Static task: static1
Behavioral task: behavioral1
Sample: 279f43ac309616c1dd8f4c48f9c66781.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 279f43ac309616c1dd8f4c48f9c66781.exe
Resource: win10v2004-20231222-en
General
Target: 279f43ac309616c1dd8f4c48f9c66781
Size: 556KB
MD5: 279f43ac309616c1dd8f4c48f9c66781
SHA1: c5f1a94febf53a31acc0e1f2322a7e9141435283
SHA256: 800c31a74d2a923b8ead40cf26650a768c6b650b97011ea33b7890d567d42e0c
SHA512: e06f3a98fca5cac46009fe5a9c51959e7bc25b2c8f182d2b23f00e7a8aa6964fa47bbf3cfe79b972cede1096a6ac12be220b8e6bc5b58a77bebf1074bbb64ade
SSDEEP: 12288:nBMMnMMMMMtzDS/3GkqHsK76QxNEmRfxhzGqgGmOzm0OU4LNTTdZy6f:nBMMnMMMMMtni3IsK7VMmRfx1G7GmOz6
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 279f43ac309616c1dd8f4c48f9c66781
Files
279f43ac309616c1dd8f4c48f9c66781.exe windows:4 windows x86 arch:x86
0fe9d8dc5b64e749002a183cf78231fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TrackPopupMenu
DdeCreateDataHandle
UpdateWindow
EndPaint
LoadIconA
ShowWindow
CheckMenuItem
GetDesktopWindow
GetParent
WindowFromPoint
PeekMessageA
InvalidateRgn
DestroyCaret
GetWindowTextLengthA
DdeCmpStringHandles
GetSysColor
PeekMessageW
GetWindowLongA
ModifyMenuA
FindWindowW
GetCaretPos
TranslateMDISysAccel
SubtractRect
HideCaret
IsCharAlphaA
IsChild
ShowCaret
SetPropA
CreateWindowExA
UnregisterClassA
IsClipboardFormatAvailable
IsWindow
SetParent
IsIconic
DdeAbandonTransaction
EnumThreadWindows
SetScrollPos
SetScrollRange
EndDeferWindowPos
IsRectEmpty
DefFrameProcA
BeginDeferWindowPos
DefMDIChildProcA
GetMessageTime
AdjustWindowRectEx
GetAsyncKeyState
SetForegroundWindow
SetTimer
DdePostAdvise
DdeGetLastError
IntersectRect
SetWindowTextA
MapWindowPoints
DdeCreateStringHandleA
DeferWindowPos
GetUpdateRgn
CopyRect
InflateRect
DispatchMessageA
GetSubMenu
SetDlgItemTextA
keybd_event
GetDC
LockWindowUpdate
MoveWindow
IsDialogMessageA
CharLowerBuffW
DestroyWindow
EqualRect
DdeConnect
SetWindowContextHelpId
wsprintfA
GetDCEx
FindWindowA
DdeDisconnect
GetWindowTextA
GetMessagePos
WaitMessage
DeleteMenu
GetMenuItemCount
GetWindowRgn
GetCapture
GetCursor
ReleaseDC
DdeFreeStringHandle
CharNextA
ReleaseCapture
DrawMenuBar
GetUpdateRect
CharUpperBuffW
SetActiveWindow
DdeFreeDataHandle
InsertMenuA
CreateIcon
LoadAcceleratorsA
TranslateMessage
SetWindowLongA
GetMenuState
SetFocus
DestroyAcceleratorTable
UnhookWindowsHookEx
RegisterClassA
GetMenuStringA
PostQuitMessage
GetClassInfoExA
VkKeyScanA
SetMenuItemInfoA
SetScrollInfo
OemToCharA
SystemParametersInfoA
DrawIcon
GetScrollPos
VkKeyScanW
GetClipboardFormatNameA
LoadImageA
GetIconInfo
PostThreadMessageA
GetWindow
OpenClipboard
DdeSetUserHandle
SetWindowRgn
ClipCursor
CharPrevA
LoadStringA
AttachThreadInput
MessageBoxA
DdeGetData
InvalidateRect
CreateCaret
BeginPaint
CharLowerBuffA
GetCaretBlinkTime
CharLowerA
SetMenuDefaultItem
DefWindowProcA
MessageBoxIndirectA
AdjustWindowRect
DdeQueryConvInfo
EnableWindow
GetScrollInfo
CharToOemA
BringWindowToTop
WinHelpA
WaitForInputIdle
DrawFocusRect
ToAscii
SetCapture
FrameRect
GetTabbedTextExtentA
GetPropA
GetClassNameA
RegisterClassExA
GetLastActivePopup
GetSystemMenu
PostMessageW
GetDlgItem
GetKeyboardLayout
SendMessageA
IsWindowEnabled
RemoveMenu
GetMenuItemID
GetMenuItemInfoA
PtInRect
IsZoomed
CreateCursor
ClientToScreen
GetClientRect
DdeClientTransaction
DrawFrameControl
CreateMenu
DdeNameService
GetClassInfoA
CharToOemBuffA
SendDlgItemMessageA
ScreenToClient
CallNextHookEx
SetWindowsHookExA
CharUpperA
GetCursorPos
EmptyClipboard
OffsetRect
CopyAcceleratorTableA
GetWindowDC
TabbedTextOutA
GetKeyboardState
SetCaretPos
CreateAcceleratorTableA
EnableMenuItem
GetWindowThreadProcessId
LoadCursorA
GetWindowRect
DestroyCursor
MsgWaitForMultipleObjects
SetWindowsHookExW
DrawTextA
CallWindowProcA
GetForegroundWindow
RegisterClipboardFormatA
DdeUninitialize
AppendMenuA
SetClipboardData
GetMenu
ShowCursor
DdeQueryStringA
GetActiveWindow
DdeInitializeA
CharUpperBuffA
LoadBitmapA
IsWindowVisible
DestroyIcon
EndDialog
SetCursorPos
SetRect
EnumClipboardFormats
DialogBoxParamA
GetDoubleClickTime
RemovePropA
ShowScrollBar
CreateDialogParamA
SetMenu
GetFocus
MessageBeep
SetWindowPos
CreatePopupMenu
GetSystemMetrics
CloseClipboard
SetKeyboardState
PostMessageA
DestroyMenu
GetQueueStatus
FillRect
GetKeyState
SetCursor
KillTimer
GetClipboardData
ole32
OleUninitialize
OleLoad
StgCreateDocfile
ProgIDFromCLSID
CoMarshalInterface
OleQueryLinkFromData
StringFromCLSID
BindMoniker
CoUnmarshalInterface
GetClassFile
OleSave
CoDisconnectObject
CreateILockBytesOnHGlobal
MkParseDisplayName
CLSIDFromProgID
ReleaseStgMedium
OleSaveToStream
OleCreateLinkFromData
OleLoadFromStream
OleInitialize
CoRegisterMessageFilter
CoIsOle1Class
CoLockObjectExternal
OleGetIconOfClass
OleCreateLink
OleConvertOLESTREAMToIStorage
CreateDataAdviseHolder
ReadClassStg
StgIsStorageILockBytes
StringFromGUID2
ReadClassStm
StgOpenStorage
OleDoAutoConvert
OleRegGetUserType
CoGetClassObject
StgOpenStorageOnILockBytes
OleCreateFromData
OleSetClipboard
OleLockRunning
WriteClassStg
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
OleConvertIStorageToOLESTREAM
CoRevokeClassObject
OleSetMenuDescriptor
CreateBindCtx
OleGetClipboard
OleTranslateAccelerator
OleQueryCreateFromData
CreateStreamOnHGlobal
IIDFromString
OleFlushClipboard
OleIsRunning
CreateOleAdviseHolder
CoRegisterClassObject
RegisterDragDrop
OleGetAutoConvert
OleCreateLinkToFile
OleCreateFromFile
OleRun
OleCreateMenuDescriptor
IsAccelerator
CoCreateInstance
DoDragDrop
OleDestroyMenuDescriptor
OleDuplicateData
CoFreeUnusedLibraries
CLSIDFromString
CoGetMalloc
RevokeDragDrop
kernel32
RtlUnwind
FileTimeToSystemTime
GetFileAttributesA
SystemTimeToFileTime
TlsAlloc
lstrcmpiW
GetSystemInfo
FileTimeToLocalFileTime
_lwrite
GetUserDefaultLangID
FreeLibrary
lstrcatA
GetEnvironmentStrings
GetCommandLineA
GlobalSize
_lread
GetStringTypeA
FindClose
VirtualAlloc
GlobalDeleteAtom
GetWindowsDirectoryA
SizeofResource
SetFileTime
HeapDestroy
CreateProcessA
EnterCriticalSection
InterlockedIncrement
GlobalLock
IsDBCSLeadByte
TlsFree
FindResourceA
ResumeThread
GetModuleHandleA
ResetEvent
FindNextFileA
LoadLibraryExA
GetProfileStringA
TlsGetValue
HeapCreate
IsBadCodePtr
GlobalAddAtomA
TlsSetValue
VirtualQuery
SetErrorMode
WideCharToMultiByte
GetSystemDefaultLangID
GetTempPathA
CreateThread
HeapSize
VirtualProtect
SetFilePointer
FindFirstFileA
GetLocalTime
GlobalUnlock
WinExec
HeapAlloc
FlushFileBuffers
GetStringTypeW
GetModuleFileNameA
DeleteCriticalSection
GlobalReAlloc
_llseek
FlushInstructionCache
SetEvent
UnhandledExceptionFilter
DeleteFileA
LoadLibraryA
GetDateFormatA
GetDriveTypeA
lstrcpynA
GetCurrentProcessId
SetCurrentDirectoryA
GetStringTypeExA
LoadResource
HeapReAlloc
FreeEnvironmentStringsW
GetTickCount
GetSystemDirectoryA
CreateEventA
DuplicateHandle
GetLocaleInfoA
GetCurrentThreadId
LockResource
CompareStringA
SetEnvironmentVariableA
GetShortPathNameA
GetACP
_lclose
RaiseException
VirtualFree
lstrcmpA
GetTempFileNameA
GetCurrentDirectoryA
LeaveCriticalSection
SetHandleCount
CreateSemaphoreA
GetFileType
ExitThread
SetEndOfFile
GetLastError
GlobalHandle
GetSystemTime
CreateFileA
CreateDirectoryA
CompareStringW
GetCurrentProcess
GetCPInfo
InitializeCriticalSection
GetUserDefaultLCID
GetEnvironmentStringsW
MultiByteToWideChar
WriteFile
GetFullPathNameA
SetStdHandle
GlobalAlloc
FreeEnvironmentStringsA
ExitProcess
FormatMessageW
GetVolumeInformationA
GetVersion
SetLocalTime
lstrcpyA
LCMapStringA
GlobalFree
lstrlenA
UnlockFile
IsBadReadPtr
FreeResource
Sleep
GetStartupInfoA
GetOEMCP
GetVersionExA
GetStdHandle
FormatMessageA
HeapFree
LockFile
GetSystemDefaultLCID
MoveFileA
InterlockedDecrement
RemoveDirectoryA
GetProcAddress
ReadFile
WaitForSingleObject
LCMapStringW
GetExitCodeProcess
SetLastError
SetFileAttributesA
CreateProcessW
SearchPathA
ReleaseSemaphore
GetTimeZoneInformation
CloseHandle
MulDiv
TerminateProcess
lstrcmpiA
GetModuleFileNameW
GetFileTime
ntdll
RtlAddCompoundAce
ddraw
DirectDrawEnumerateA
advapi32
RegQueryValueExW
RegisterEventSourceA
RegSetValueA
InitializeSecurityDescriptor
OpenProcessToken
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
ReportEventA
RegDeleteValueA
RegCreateKeyW
RegOpenKeyW
RegQueryValueA
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegCloseKey
AdjustTokenPrivileges
DeregisterEventSource
RegSetValueExW
RegSetValueExA
RegCreateKeyA
gdi32
StretchDIBits
PtInRegion
Pie
SetDIBColorTable
GetViewportExtEx
GetStockObject
TranslateCharsetInfo
ScaleWindowExtEx
ExtCreateRegion
EndDoc
GetDIBits
StartPage
EnumFontsA
GetWindowExtEx
PlayMetaFile
CreateDCA
GetTextExtentPoint32A
SetViewportOrgEx
SetROP2
ScaleViewportExtEx
SetMapMode
SelectClipRgn
EndPage
DeleteEnhMetaFile
SetPixelV
OffsetRgn
GetTextMetricsA
SetStretchBltMode
EndPath
GetMapMode
SetBkColor
GetCurrentObject
CreateRectRgnIndirect
GetBitmapBits
CreateFontIndirectA
CreateHalftonePalette
CreateEnhMetaFileA
LineTo
CreatePen
CreatePenIndirect
BitBlt
SetAbortProc
GetROP2
RestoreDC
CombineRgn
GetPaletteEntries
GetEnhMetaFileHeader
BeginPath
CreatePatternBrush
SelectPalette
DeleteObject
OffsetWindowOrgEx
CreateBrushIndirect
CreateBitmap
DeleteMetaFile
CreateEllipticRgnIndirect
ResetDCA
RoundRect
CopyEnhMetaFileA
UnrealizeObject
CreateICA
PlayEnhMetaFile
WidenPath
CloseEnhMetaFile
CreateDIBitmap
CreateCompatibleBitmap
SetRectRgn
GetSystemPaletteEntries
CreateRectRgn
Escape
CreateCompatibleDC
ExtTextOutA
CloseMetaFile
SelectObject
Arc
CreatePalette
IntersectClipRect
SetViewportExtEx
GetTextExtentPointA
GetDeviceCaps
CreateMetaFileA
PatBlt
CreateHatchBrush
CreateSolidBrush
GetNearestColor
AbortDoc
ExcludeClipRect
CopyMetaFileA
GetBkColor
RealizePalette
GetClipBox
CreateDIBSection
GetObjectA
SaveDC
PathToRegion
DeleteDC
SetWindowExtEx
GetObjectType
TextOutA
StretchBlt
SetBkMode
StartDocA
GetWindowOrgEx
CreateRoundRectRgn
GetPixel
Rectangle
MoveToEx
SetWindowOrgEx
Ellipse
GetTextColor
SetTextColor
SetBrushOrgEx
Sections
.text Size: 4KB - Virtual size: 908B - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 10KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc Size: 496KB - Virtual size: 494KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 15KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 2.0MB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE