Static task: static1
Behavioral task: behavioral1
Sample: 221929c945fea62c310ed737cbd75b07.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 221929c945fea62c310ed737cbd75b07.exe
Resource: win10v2004-20231222-en
General
- Target: 221929c945fea62c310ed737cbd75b07
- Size: 179KB
- MD5: 221929c945fea62c310ed737cbd75b07
- SHA1: d0398a381107e735f31362065161082b015b3b93
- SHA256: 894ff822d1fa1ec964ddd1977359089c49d10c23bf5aec56c323c9f5a52abda2
- SHA512: 134d63908ddb5c73de30584279feec01f79efc1988b0691b7ca6ef5b70673069fa6a68f47f15bd9da2dc103a47e19d24439d9ff26a7334bdf4e63cd7eb5cc0d3
- SSDEEP: 3072:MpA5Hawe6cAFUMMnMMMMMX7I7DvtsKMiM4CHYOaRhjYAHMtUPDoRf9DePBmPBvxK:cGHaj9pMMnMMMMMavQOC4O+hUQMtU7S8
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 221929c945fea62c310ed737cbd75b07
Files
- 221929c945fea62c310ed737cbd75b07.exe windows:5 windows x86 arch:x86
  c5d41967aa0975fc0978a529e6c5f098
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
uxtheme
GetThemeBackgroundExtent
SetWindowTheme
GetThemeAppProperties
IsAppThemed
IsThemeActive
GetThemeMetric
GetThemeFont
GetThemeMargins
GetThemeBackgroundContentRect
OpenThemeData
GetThemePartSize
CloseThemeData
DrawThemeBackground
DrawThemeParentBackground
GetThemeColor
ddraw
DirectDrawCreate
user32
GetSystemMenu
MessageBoxExA
GetNextDlgTabItem
IsWindow
IsIconic
TrackPopupMenu
SetCapture
SetFocus
SetClipboardViewer
GetMenuItemInfoW
MapVirtualKeyW
GetClipboardFormatNameW
GetSubMenu
GetClassLongW
InsertMenuW
CallMsgFilterW
CharUpperW
CharLowerBuffW
EndDialog
GetLastInputInfo
GetCapture
RemovePropW
RegisterClassExW
MessageBoxIndirectW
DefWindowProcW
RemoveMenu
CharLowerW
DestroyWindow
SetMenu
GetClientRect
DialogBoxIndirectParamW
DdeCreateDataHandle
DdeGetData
DialogBoxIndirectParamA
GetProcessWindowStation
DialogBoxParamW
InvalidateRect
GetFocus
GetAncestor
SetWindowRgn
GetActiveWindow
PostMessageW
MapWindowPoints
GetClipboardData
ScreenToClient
BeginDeferWindowPos
AdjustWindowRect
SetMenuItemBitmaps
InsertMenuItemW
DestroyAcceleratorTable
GetPropW
GetWindowInfo
GetMenuItemID
DdeUninitialize
FillRect
CloseClipboard
GetClassNameW
SetScrollInfo
CreateIconIndirect
SetRect
UnregisterClassW
EqualRect
SetWindowLongW
FindWindowA
EnumDisplaySettingsW
GetWindowRgnBox
SetCursor
GetShellWindow
SetDlgItemTextW
GetMessageTime
GetSystemMetrics
GetMenuItemInfoA
RegisterClipboardFormatW
DrawTextExW
UpdateWindow
GetClassWord
LoadMenuW
DispatchMessageW
DefWindowProcA
GetCursor
IsChild
PeekMessageW
GetWindowLongA
GetAsyncKeyState
SendMessageTimeoutA
SetParent
SetPropA
EndMenu
MessageBoxExW
ShowWindow
SetWindowLongA
GetMenuItemCount
CheckDlgButton
MapDialogRect
DeleteMenu
GetClassInfoW
SetWindowPlacement
EndPaint
DdeFreeStringHandle
SetActiveWindow
GetWindowLongW
RemovePropA
SendMessageW
DrawFocusRect
GetDlgCtrlID
UnionRect
CreateWindowExW
ClientToScreen
LoadImageW
GetDlgItemTextW
SendDlgItemMessageW
DdeInitializeW
WindowFromPoint
PostQuitMessage
TranslateAcceleratorW
RegisterClassW
KillTimer
WinHelpW
CharPrevA
VkKeyScanExW
EnumDesktopWindows
GetMessageW
MessageBoxW
SendNotifyMessageW
AdjustWindowRectEx
SystemParametersInfoW
GetWindowThreadProcessId
ReleaseDC
RegisterWindowMessageW
CopyImage
DialogBoxParamA
EnumChildWindows
GetCursorPos
GetMonitorInfoW
AppendMenuW
IsWindowUnicode
ShowOwnedPopups
CopyRect
GetParent
PostThreadMessageA
PtInRect
MonitorFromPoint
UnhookWindowsHookEx
GetKeyState
GetMessageA
DdeDisconnect
GetPropA
GetMenuState
MoveWindow
PeekMessageA
SetCursorPos
DrawTextW
SetTimer
FindWindowExW
DdeFreeDataHandle
IntersectRect
DestroyIcon
IsWindowEnabled
LoadIconW
EnumThreadWindows
PostMessageA
IsRectEmpty
IsWindowVisible
GetSysColorBrush
IsDialogMessageW
SetWindowTextW
SetClipboardData
IsDlgButtonChecked
EnableMenuItem
MonitorFromRect
GetLastActivePopup
CreateMenu
GetWindowPlacement
LoadCursorA
CreatePopupMenu
OffsetRect
GetMenuDefaultItem
CharNextA
HideCaret
SendMessageA
EmptyClipboard
GetWindowTextW
PostThreadMessageW
CopyIcon
DeferWindowPos
GetDC
GetSysColor
ReleaseCapture
WaitMessage
ChangeClipboardChain
BeginPaint
DdeConnect
CheckMenuRadioItem
UpdateLayeredWindow
IsCharAlphaNumericW
NotifyWinEvent
wsprintfW
SetWindowsHookExW
GetMessagePos
SetForegroundWindow
TrackPopupMenuEx
GetDlgItem
MonitorFromWindow
LoadBitmapW
GetWindow
TranslateMessage
DrawFrameControl
EnumWindows
DdeCreateStringHandleW
DestroyMenu
CheckMenuItem
DrawEdge
SetMenuItemInfoW
GetScrollInfo
GetKeyNameTextW
LoadCursorW
MessageBeep
SetRectEmpty
GetDesktopWindow
GetForegroundWindow
GetKeyboardLayout
FindWindowW
SetDlgItemInt
EndDeferWindowPos
SetPropW
SetWindowPos
AllowSetForegroundWindow
GetWindowDC
TrackMouseEvent
ChildWindowFromPoint
CharPrevW
ShowCaret
GetClassInfoExW
GetDoubleClickTime
SetMenuDefaultItem
SystemParametersInfoA
GetComboBoxInfo
CreateDialogParamW
DdeClientTransaction
LoadStringW
InflateRect
IsHungAppWindow
GetWindowRect
ShowScrollBar
SendMessageTimeoutW
MessageBoxIndirectA
DdeQueryStringW
DrawIconEx
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetMenuStringW
DispatchMessageA
OpenClipboard
LoadAcceleratorsW
CheckRadioButton
IsMenu
EnableWindow
GetDialogBaseUnits
LoadStringA
MsgWaitForMultipleObjectsEx
SetScrollPos
WaitForInputIdle
AnimateWindow
LockSetForegroundWindow
CharNextW
DdeNameService
CallWindowProcW
GetIconInfo
RedrawWindow
GetWindowTextLengthW
GetTopWindow
CallNextHookEx
AttachThreadInput
RegisterClipboardFormatA
shell32
ExtractIconExW
SHGetDesktopFolder
DragQueryFileW
SHChangeNotify
ShellExecuteW
SHGetFolderPathAndSubDirW
Shell_NotifyIconA
SHGetFileInfoW
ShellExecuteExW
SHSetLocalizedName
SHGetPathFromIDListW
SHGetFolderPathW
ExtractAssociatedIconExW
SHGetFolderLocation
SHCreateShellItem
ExtractIconW
SHAppBarMessage
SHPathPrepareForWriteW
SHGetDataFromIDListW
SHGetInstanceExplorer
Shell_NotifyIconW
SHBindToParent
SHGetSpecialFolderLocation
ShellAboutW
SHBrowseForFolderW
ShellExecuteA
SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHFileOperationW
rtutils
TraceDumpExA
TraceDumpExW
ntdll
RtlAddAccessAllowedObjectAce
RtlAdjustPrivilege
NtSetSystemEnvironmentValueEx
NtQuerySemaphore
gdi32
SetBkColor
CombineRgn
CreateMetaFileW
IntersectClipRect
SetStretchBltMode
RealizePalette
GetTextExtentExPointI
CreatePolygonRgn
GetRegionData
SelectPalette
GetStockObject
SaveDC
DeleteEnhMetaFile
CreateBitmap
SetTextAlign
RestoreDC
BitBlt
GetGlyphIndicesW
DeleteDC
GetObjectA
StretchDIBits
GetRgnBox
TextOutW
GetBkMode
CreateRectRgn
CreateFontIndirectA
CreateCompatibleBitmap
SetRectRgn
StretchBlt
ExtTextOutW
SetViewportOrgEx
SetPaletteEntries
GetTextExtentPointW
CreatePatternBrush
CreateDCA
CreatePen
CreateCompatibleDC
GetTextAlign
GetTextColor
LineTo
CreateHalftonePalette
CreateFontW
GetObjectW
GetPaletteEntries
GetLayout
SetViewportExtEx
SetBrushOrgEx
CreateFontIndirectW
SetWindowExtEx
LPtoDP
GetPixel
DeleteObject
CloseMetaFile
GetDeviceCaps
PlayEnhMetaFile
GetSystemPaletteEntries
GetBrushOrgEx
Rectangle
GetTextExtentPoint32A
GetDCOrgEx
CreateSolidBrush
SetLayout
GetDIBits
TextOutA
GetClipBox
CreateDCW
CreateDIBSection
OffsetWindowOrgEx
GetBkColor
OffsetRgn
CreateRectRgnIndirect
SetDCPenColor
SetWindowOrgEx
SetTextColor
CloseEnhMetaFile
GetTextCharset
CreatePalette
CreateDIBPatternBrushPt
EqualRgn
GetTextMetricsW
SetBkMode
GetTextExtentPoint32W
CreateEnhMetaFileA
RectVisible
ExtCreateRegion
MoveToEx
PatBlt
SelectObject
SetMapMode
kernel32
VirtualAlloc
advapi32
CryptReleaseContext
GetTokenInformation
GetTraceLoggerHandle
CreateProcessAsUserW
ConvertSidToStringSidW
RegDeleteValueW
ConvertStringSidToSidW
RegOpenKeyExA
RegOpenKeyW
RegEnumValueW
SetThreadToken
RegCreateKeyExW
CryptHashData
RegQueryValueExW
TraceEvent
GetLengthSid
OpenProcessToken
CryptDestroyHash
RegCreateKeyA
RegEnumValueA
CryptAcquireContextW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExA
TraceMessage
RegDeleteKeyW
RegQueryInfoKeyW
RegDeleteKeyA
RegOpenCurrentUser
IsTextUnicode
RegOpenKeyExW
RegDeleteValueA
CryptCreateHash
RegEnumKeyExW
ImpersonateSelf
UnregisterTraceGuids
GetUserNameW
RegisterTraceGuidsW
GetTraceEnableFlags
RegSetValueExW
CryptGetHashParam
RegEnumKeyW
RegCloseKey
OpenThreadToken
RegQueryValueExA
RegQueryValueW
DuplicateTokenEx
SetTokenInformation
RegSetValueExA
GetTraceEnableLevel
psapi
GetProcessImageFileNameW
Sections
.text Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 352KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 155KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ