375032b6c23d4ddb8d8cce9f7cfe2467

Sharing

Copy URL

Twitter E-mail

General

Target

375032b6c23d4ddb8d8cce9f7cfe2467
Size

846KB
MD5

375032b6c23d4ddb8d8cce9f7cfe2467
SHA1

a3aded315dda56e14ac1b965de596182c20ee180
SHA256

9b0e0e6045642d12396ab16aa4f85243632923e12bea6d7f88dfdec734dd2c0b
SHA512

e7a8729fbf54c86621302a71511206d8ca4b956f3fbcc587e7e52c15665610854eb2f87afa221f8778b046495dd6be47cb477c2506a126cce1b0ef0864ee1d13
SSDEEP

24576:3o6+eSbiouO7/Q0v8qz8eb5BCahuaR9yVN8Q:4LbMOzZFz8ebXCaRCVN8Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
375032b6c23d4ddb8d8cce9f7cfe2467

Files

375032b6c23d4ddb8d8cce9f7cfe2467
.exe windows:5 windows x86 arch:x86

1836fff31080c2e10f2b64549cb0ab94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetModuleFileNameA
GetCurrentThreadId
DuplicateHandle
TlsFree
LocalFileTimeToFileTime
SetEvent
GlobalFree
SetEnvironmentVariableA
GetVersionExW
GetStringTypeW
GetDriveTypeW
SetLastError
FreeLibrary
GetACP
SetErrorMode
ExitThread
ReadFile
CloseHandle
FreeEnvironmentStringsW
GetOEMCP
Process32FirstW
HeapSize
FindClose
CreateProcessW
GlobalAlloc
DeleteCriticalSection
GetCPInfo
CreateFileW
TerminateThread
GetModuleHandleW
FileTimeToLocalFileTime
GetTempPathW
CreateEventW
GetEnvironmentVariableW
GetModuleFileNameW
WriteProcessMemory
WideCharToMultiByte
LCMapStringW
GetProcessHeap
WriteConsoleW
LoadLibraryW
OutputDebugStringW
SetSystemPowerState
InitializeCriticalSectionAndSpinCount
GetLocalTime
GetEnvironmentStringsW
SetPriorityClass
LoadLibraryA
GetWindowsDirectoryW
GetConsoleCP
GetTimeFormatA
EnumResourceNamesW
VirtualAlloc
SizeofResource
SetFilePointerEx
QueryPerformanceCounter
SystemTimeToFileTime
Beep
GlobalLock
InterlockedExchange
UnhandledExceptionFilter
GetStringTypeA
GetStartupInfoA
TlsSetValue
GetSystemDirectoryW
CopyFileW
MoveFileW
GetExitCodeProcess
VirtualFree
HeapReAlloc
SetUnhandledExceptionFilter
FindResourceW
VirtualProtect
GetTimeZoneInformation
Sleep
GetPrivateProfileSectionW
InterlockedIncrement
CompareStringA
GetSystemTimeAsFileTime
CreateDirectoryW
EnterCriticalSection
RtlUnwind
VirtualFreeEx
SetEnvironmentVariableW
DeviceIoControl
CreateFileA
GetModuleHandleA
SetVolumeLabelW
GetLocaleInfoA
CreateHardLinkW
GetProcessIoCounters
ResumeThread
GetComputerNameW
RemoveDirectoryW
GetCurrentDirectoryW
IsValidCodePage
GetFileType
SetFileTime
MultiByteToWideChar
SetFilePointer
WritePrivateProfileSectionW
GlobalMemoryStatusEx
LCMapStringA
GetFileAttributesW
GetCurrentThread
GetPrivateProfileSectionNamesW
GetDiskFreeSpaceW
Process32NextW
GetCommandLineW
GetFileSize
MulDiv
IsDebuggerPresent
SetFileAttributesW
TlsAlloc
CompareStringW
ExitProcess
FindNextFileW
InterlockedDecrement
GetDateFormatA
GetStartupInfoW
CreatePipe
HeapAlloc
GetTempFileNameW
RaiseException
WritePrivateProfileStringW
HeapFree
SetHandleCount
OpenProcess
QueryPerformanceFrequency
GetCurrentProcess
GetSystemInfo
GetConsoleMode
CreateThread
CreateToolhelp32Snapshot
LoadResource
LoadLibraryExW
WriteFile
TerminateProcess
FileTimeToSystemTime
WaitForSingleObject
GetConsoleOutputCP
WriteConsoleA
FormatMessageW
ReadProcessMemory
GetPrivateProfileStringW
TlsGetValue
GlobalUnlock
SetStdHandle
LockResource
GetCurrentProcessId
LeaveCriticalSection
GetDiskFreeSpaceExW
GetTickCount
FindFirstFileW
GetProcAddress
lstrcmpiW
FlushFileBuffers
VirtualAllocEx
DeleteFileW
GetLastError
SetEndOfFile
SetCurrentDirectoryW
GetShortPathNameW
GetFullPathNameW

user32

IsWindowVisible
InflateRect
PostQuitMessage
MapVirtualKeyW
MessageBoxW
ScreenToClient
GetMonitorInfoW
OpenWindowStationW
SetCapture
DefWindowProcW
IsDialogMessageW
CreateAcceleratorTableW
wsprintfW
GetFocus
SendDlgItemMessageW
OpenDesktopW
GetMenu
DeleteMenu
LoadStringW
CharUpperBuffW
DestroyIcon
IsZoomed
SetWindowLongW
PostMessageW
ExitWindowsEx
SetForegroundWindow
ClientToScreen
GetCursorPos
IsWindowEnabled
GetKeyboardState
CreatePopupMenu
SetUserObjectSecurity
GetSystemMetrics
GetAsyncKeyState
LoadImageW
TranslateMessage
SetProcessWindowStation
CheckMenuRadioItem
AttachThreadInput
EmptyClipboard
SetMenuItemInfoW
ReleaseCapture
CharLowerBuffW
GetMenuItemInfoW
RegisterWindowMessageW
CloseWindowStation
GetSubMenu
GetCursorInfo
GetWindowTextW
IsCharAlphaNumericW
DispatchMessageW
GetMenuStringW
GetDlgCtrlID
EndPaint
SetMenu
CopyRect
MessageBoxA
SetRect
GetClassLongW
DrawMenuBar
EnumThreadWindows
OpenClipboard
TranslateAcceleratorW
SetFocus
BeginPaint
DrawTextW
ShowWindow
GetForegroundWindow
GetClassNameW
CharNextW
GetMenuItemCount
RegisterHotKey
IsWindow
CloseDesktop
DrawFocusRect
GetActiveWindow
GetUserObjectSecurity
WindowFromPoint
UnregisterHotKey
FrameRect
BlockInput
DialogBoxParamW
SetKeyboardState
IsIconic
SendMessageTimeoutW
GetDesktopWindow
DestroyAcceleratorTable
DestroyMenu
GetDC
GetMenuItemID
FlashWindow
GetClientRect
GetProcessWindowStation
DestroyWindow
VkKeyScanW
CreateIconFromResourceEx
RegisterClassExW
GetWindowRect
mouse_event
GetDlgItem
LockWindowUpdate
GetSysColorBrush
IsMenu
AdjustWindowRectEx
GetKeyState
RedrawWindow
GetClipboardData
SendMessageW
CreateMenu
SetActiveWindow
IsCharUpperW
SetMenuDefaultItem
SendInput
CloseClipboard
EnumWindows
EndDialog
ReleaseDC
FillRect
IsClipboardFormatAvailable
MonitorFromPoint
SystemParametersInfoW
GetMessageW
IsDlgButtonChecked
GetWindowTextLengthW
LoadIconW
FindWindowExW
SetWindowPos
MessageBeep
GetWindowDC
keybd_event
GetKeyboardLayoutNameW
PeekMessageW
LoadCursorW
SetCursor
CountClipboardFormats
FindWindowW
SetWindowTextW
CopyImage
SetClipboardData
MonitorFromRect
SetLayeredWindowAttributes
TrackPopupMenuEx
KillTimer
IsCharAlphaW
MoveWindow
EnumChildWindows
GetCaretPos
InsertMenuItemW
CreateWindowExW
EnableWindow
IsCharLowerW
PtInRect
InvalidateRect
GetWindowThreadProcessId
GetParent
DrawFrameControl
GetWindowLongW
SetTimer
DefDlgProcW
GetSysColor

gdi32

SetBkColor
GetTextFaceW
StrokeAndFillPath
StretchBlt
GetTextExtentPoint32W
EndPath
Rectangle
CreatePen
GetDIBits
ExtCreatePen
DeleteDC
BeginPath
SetViewportOrgEx
StrokePath
SetTextColor
SetPixel
PolyDraw
GetObjectW
CreateFontW
CreateCompatibleDC
RoundRect
DeleteObject
Ellipse
MoveToEx
GetPixel
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
SetBkMode
AngleArc
SelectObject
CreateDCW
CloseFigure
GetStockObject
LineTo

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

OpenProcessToken
OpenSCManagerW
GetTokenInformation
InitiateSystemShutdownExW
UnlockServiceDatabase
RegQueryValueExW
GetSecurityDescriptorDacl
CreateProcessAsUserW
CreateProcessWithLogonW
RegOpenKeyExW
InitializeAcl
AddAce
RegEnumKeyExW
RegDeleteKeyW
LogonUserW
CloseServiceHandle
RegEnumValueW
RegConnectRegistryW
RegSetValueExW
RegCloseKey
SetSecurityDescriptorDacl
DuplicateTokenEx
GetLengthSid
GetUserNameW
OpenThreadToken
InitializeSecurityDescriptor
RegCreateKeyExW
RegDeleteValueW
AdjustTokenPrivileges
CopySid
LockServiceDatabase
GetAclInformation
GetAce
LookupPrivilegeValueW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
ord193
SHIsFileAvailableOffline
ShellExecuteW
SHGetFolderPathW
DragQueryPoint
ShellExecuteExW
Shell_NotifyIconW
DragQueryFileW
SHEmptyRecycleBinW
SHFileOperationW
SHGetDesktopFolder
DragFinish
SHBrowseForFolderW
ExtractIconExW
SHGetMalloc

ole32

CoCreateInstance
StringFromCLSID
OleSetMenuDescriptor
OleUninitialize
CoSetProxyBlanket
CoInitializeSecurity
CLSIDFromString
CoTaskMemFree
CLSIDFromProgID
CoInitialize
OleInitialize
CreateBindCtx
MkParseDisplayName
CoCreateInstanceEx
CoTaskMemAlloc
StringFromIID
CreateStreamOnHGlobal
CoUninitialize
IIDFromString
OleSetContainedObject

oleaut32

OleLoadPicture
SafeArrayAllocDescriptorEx
VariantCopy
VariantInit
SafeArrayUnaccessData
VariantClear
GetActiveObject
LoadRegTypeLi
OACreateTypeLib2
SafeArrayAllocData
VarR8FromDec
SafeArrayGetVartype
SafeArrayAccessData
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SysAllocString

comctl32

ImageList_BeginDrag
ImageList_DragLeave
InitCommonControlsEx
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_DragEnter
ImageList_Create
ImageList_Remove
ImageList_DragMove

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

HttpQueryInfoW
InternetReadFile
InternetCloseHandle
InternetQueryDataAvailable
InternetOpenW
InternetCrackUrlW
FtpOpenFileW
InternetSetOptionW
HttpSendRequestW
InternetQueryOptionW
InternetConnectW
HttpOpenRequestW
FtpGetFileSize
InternetOpenUrlW

wsock32

WSACleanup
socket
inet_addr
bind
setsockopt
ioctlsocket
recv
gethostname
sendto
htons
connect
WSAGetLastError
accept
ntohs
WSAStartup
recvfrom
select
__WSAFDIsSet
gethostbyname
send
listen
closesocket

mpr

WNetGetConnectionW
WNetAddConnection2W
WNetUseConnectionW
WNetCancelConnection2W

psapi

EnumProcessModules
GetModuleBaseNameW
GetProcessMemoryInfo
EnumProcesses

userenv

LoadUserProfileW
CreateEnvironmentBlock
UnloadUserProfile
DestroyEnvironmentBlock

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kyul
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 495KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1836fff31080c2e10f2b64549cb0ab94

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

version

wininet

wsock32

mpr

psapi

userenv

Sections

.text Size: 8KB - Virtual size: 8KB

.kyul Size: - Virtual size: 5.4MB

.rdata Size: 495KB - Virtual size: 495KB

.data Size: 294KB - Virtual size: 293KB

.tls Size: 512B - Virtual size: 57B

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 8KB - Virtual size: 8KB

.kyul
Size: - Virtual size: 5.4MB

.rdata
Size: 495KB - Virtual size: 495KB

.data
Size: 294KB - Virtual size: 293KB

.tls
Size: 512B - Virtual size: 57B

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 13KB - Virtual size: 12KB