378503d37fa07aa731789769d91098dc

Sharing

Copy URL Twitter E-mail

General

Target

378503d37fa07aa731789769d91098dc
Size

480KB
MD5

378503d37fa07aa731789769d91098dc
SHA1

d5ffc033b26eca35657cce9bebb90dabf848cffa
SHA256

ca463ef9196a13c0c416be58e28e35b9140d051b64722909355019c6b37c85cc
SHA512

d5f1a2cbfa0f25b86197eea2c43a47eb1f4b4cbbea740ac1f518b983b15f24d744a809887dfae2796cdcf92b244db53bb7d978a2dc19cc1c86b7faeeac84e5cf
SSDEEP

12288:5L5ZO5xzRrIFAoUS/7QeDF5iqNEw3l8/:5L5mZ9q/ce9WT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
378503d37fa07aa731789769d91098dc

Files

378503d37fa07aa731789769d91098dc
.exe windows:4 windows x86 arch:x86

6c25c8a3c5a01f99d930977d39d80eb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAAccept
WSAConnect

olecli32

OleEqual

kernel32

HeapAlloc
SetErrorMode
lstrcmpA
IsBadReadPtr
GetFileAttributesA
GetSystemDefaultLCID
LockFile
FreeEnvironmentStringsW
lstrcpynA
IsBadCodePtr
GlobalAddAtomA
ReleaseSemaphore
GetExitCodeProcess
_llseek
GetCurrentThreadId
RaiseException
GlobalSize
InterlockedDecrement
EnterCriticalSection
TerminateProcess
SizeofResource
GetStdHandle
MoveFileA
TlsAlloc
lstrcmpiW
CreateProcessW
lstrcmpiA
VirtualFree
WriteFile
GetWindowsDirectoryA
_lwrite
GetTempPathA
SetFileAttributesA
GlobalAlloc
Sleep
CompareStringW
GetUserDefaultLangID
VirtualQuery
GlobalLock
RemoveDirectoryA
CreateEventA
FormatMessageA
GlobalHandle
TlsSetValue
TlsFree
FreeEnvironmentStringsA
WideCharToMultiByte
RtlUnwind
SetLastError
GetVersionExA
lstrcpyA
GetStringTypeW
ResetEvent
UnhandledExceptionFilter
GetLastError
_lclose
GetProcAddress
GlobalUnlock
GetACP
GlobalDeleteAtom
GetUserDefaultLCID
CreateDirectoryA
GetStringTypeA
ResumeThread
_lread
HeapFree
SetEndOfFile
SetHandleCount
SetLocalTime
GetShortPathNameA
HeapDestroy
GetTickCount
VirtualProtect
GetSystemDefaultLangID
DeleteFileA
CloseHandle
FindClose
WaitForSingleObject
LCMapStringA
ExitProcess
FindResourceA
FreeResource
GetEnvironmentStringsW
MultiByteToWideChar
GetCurrentDirectoryA
LCMapStringW
GetDateFormatA
GetLocalTime
GetTempFileNameA
DeleteCriticalSection
VirtualAlloc
SetEnvironmentVariableA
lstrlenA
SetFileTime
LeaveCriticalSection
LoadLibraryExA
SearchPathA
HeapCreate
GetFullPathNameA
LoadLibraryA
GetVersion
HeapSize
SetStdHandle
InterlockedIncrement
DuplicateHandle
FileTimeToLocalFileTime
SetFilePointer
GetModuleHandleA
GetEnvironmentStrings
CreateThread
GetTimeZoneInformation
ReadFile
GetProfileStringA
lstrcatA
GetLocaleInfoA
SystemTimeToFileTime
FreeLibrary
FindFirstFileA
GetCurrentProcessId
GetStartupInfoA
GetCPInfo
CreateSemaphoreA
GetModuleFileNameW
CreateFileA
ExitThread
UnlockFile
FileTimeToSystemTime
FormatMessageW
GlobalFree
GetFileType
InitializeCriticalSection
WinExec
GetFileTime
CreateProcessA
HeapReAlloc
SetEvent
IsDBCSLeadByte
GetVolumeInformationA
GetSystemInfo
GetSystemTime
FlushFileBuffers
GetModuleFileNameA
FindNextFileA
GetStringTypeExA
FlushInstructionCache
GetDriveTypeA
TlsGetValue
GetCurrentProcess
GetSystemDirectoryA
CompareStringA
MulDiv
GetOEMCP
GlobalReAlloc
LockResource
LoadResource
SetCurrentDirectoryA
GetCommandLineA

advapi32

SetSecurityDescriptorDacl
RegQueryValueA
RegEnumValueW
AdjustTokenPrivileges
RegEnumKeyA
RegQueryValueExW
RegQueryValueExA
RegSetValueExW
RegOpenKeyW
InitializeSecurityDescriptor
RegDeleteValueW
RegEnumValueA
RegSetValueA
LookupPrivilegeValueA
RegCloseKey
RegDeleteKeyA
RegEnumKeyW
DeregisterEventSource
RegOpenKeyA
RegSetValueExA
OpenProcessToken
RegOpenKeyExA
RegQueryInfoKeyA
ReportEventA
RegisterEventSourceA
RegCreateKeyW
RegCreateKeyA
RegDeleteKeyW
RegDeleteValueA

ole32

StringFromCLSID
BindMoniker
OleGetClipboard
DoDragDrop
OleInitialize
RevokeDragDrop
StringFromGUID2
OleDoAutoConvert
CoRevokeClassObject
CoLockObjectExternal
CoMarshalInterface
OleLockRunning
OleIsRunning
CoFreeUnusedLibraries
CreateDataAdviseHolder
CreateOleAdviseHolder
OleSave
OleCreateFromData
OleQueryCreateFromData
WriteClassStg
OleConvertIStorageToOLESTREAM
ReleaseStgMedium
StgIsStorageILockBytes
CreateILockBytesOnHGlobal
CreateBindCtx
OleSaveToStream
OleSetClipboard
OleDuplicateData
StgCreateDocfileOnILockBytes
OleLoadFromStream
CreateStreamOnHGlobal
ReadClassStm
OleRun
CoRegisterMessageFilter
OleDestroyMenuDescriptor
CoGetMalloc
OleIsCurrentClipboard
OleSetMenuDescriptor
OleGetAutoConvert
OleCreateMenuDescriptor
IsAccelerator
OleCreateLink
ReadClassStg
CoRegisterClassObject
OleTranslateAccelerator
CoCreateInstance
CoDisconnectObject
CoUnmarshalInterface
MkParseDisplayName
OleCreateFromFile
CoIsOle1Class
OleGetIconOfClass
StgOpenStorage
OleCreateLinkToFile
CLSIDFromProgID
OleUninitialize
OleLoad
OleConvertOLESTREAMToIStorage
OleCreateLinkFromData
OleFlushClipboard
RegisterDragDrop
StgOpenStorageOnILockBytes
CLSIDFromString
GetClassFile
IIDFromString
CoGetClassObject
ProgIDFromCLSID
OleQueryLinkFromData
StgCreateDocfile
OleRegGetUserType

user32

CharNextA
CopyAcceleratorTableA
SetCursorPos
IsZoomed
CharUpperBuffW
GetUpdateRect
CreateIcon
BeginPaint
PeekMessageW
LoadIconA
ShowWindow
SetScrollRange
DestroyIcon
CharToOemBuffA
CallNextHookEx
DefMDIChildProcA
ShowScrollBar
CharLowerBuffW
DdeCreateDataHandle
PeekMessageA
SendMessageA
UpdateWindow
RegisterClassA
DestroyWindow
GetSysColor
GetWindowDC
DestroyMenu
RemoveMenu
GetScrollPos
GetMessagePos
FillRect
UnhookWindowsHookEx
DdeClientTransaction
AdjustWindowRectEx
DdeCreateStringHandleA
ClientToScreen
ModifyMenuA
AppendMenuA
GetParent
ShowCaret
GetActiveWindow
BeginDeferWindowPos
GetCursorPos
GetPropA
VkKeyScanA
GetAsyncKeyState
GetMessageTime
MapWindowPoints
GetFocus
PostMessageW
InsertMenuA
SendDlgItemMessageA
GetMenuState
HideCaret
RegisterClassExA
SetWindowPos
GetCapture
SetCapture
GetDoubleClickTime
EnableMenuItem
GetClientRect
CreateWindowExA
PostMessageA
SetMenuDefaultItem
SubtractRect
SetWindowsHookExW
CloseClipboard
GetTabbedTextExtentA
ToAscii
GetKeyState
GetClassInfoA
DdeGetData
CharUpperBuffA
EnumThreadWindows
CreateCaret
DdeCmpStringHandles
GetUpdateRgn
CharLowerBuffA
DdeSetUserHandle
UnregisterClassA
InvalidateRect
GetForegroundWindow
FrameRect
GetSubMenu
EmptyClipboard
GetClassInfoExA
DefFrameProcA
SetScrollPos
VkKeyScanW
CreateCursor
GetWindowTextLengthA
DdePostAdvise
DrawTextA
DdeNameService
CharPrevA
IsDialogMessageA
GetMenuItemInfoA
CharToOemA
GetCursor
DrawMenuBar
AttachThreadInput
GetSystemMenu
FindWindowW
SetKeyboardState
GetLastActivePopup
DdeDisconnect
SetClipboardData
GetClassNameA
DialogBoxParamA
KillTimer
SetTimer
SetActiveWindow
TranslateMDISysAccel
GetKeyboardState
GetMenu
DeferWindowPos
IsChild
GetKeyboardLayout
PtInRect
DestroyCursor
BringWindowToTop
DdeConnect
GetMenuStringA
SetPropA
DrawFrameControl
LoadStringA
SetWindowLongA
CopyRect
DispatchMessageA
WaitForInputIdle
GetDlgItem
OffsetRect
CreatePopupMenu
DdeUninitialize
GetWindowTextA
IsClipboardFormatAvailable
EndPaint
CreateAcceleratorTableA
LoadImageA
DdeInitializeA
WaitMessage
WindowFromPoint
CharLowerA
OemToCharA
GetDC
FindWindowA
DestroyAcceleratorTable
EndDialog
PostThreadMessageA
GetClipboardFormatNameA
DrawFocusRect
OpenClipboard
TrackPopupMenu
GetQueueStatus
DdeAbandonTransaction
wsprintfA
EnableWindow
IsCharAlphaA
DestroyCaret
InvalidateRgn
SetWindowContextHelpId
GetCaretPos
SetMenu
GetDCEx
SetWindowTextA
keybd_event
ReleaseCapture
TabbedTextOutA
CharUpperA
CreateMenu
MessageBeep
GetWindowLongA
DrawIcon
EqualRect
GetWindowThreadProcessId
SetFocus
DeleteMenu
DefWindowProcA
EndDeferWindowPos
GetDesktopWindow
IsWindowVisible
GetMenuItemID
IntersectRect
PostQuitMessage
AdjustWindowRect
ShowCursor
SetRect
DdeFreeStringHandle
RegisterClipboardFormatA
IsWindowEnabled
TranslateMessage
SetWindowRgn
SetDlgItemTextA
SetForegroundWindow
CallWindowProcA
IsRectEmpty
SetMenuItemInfoA
SetScrollInfo
GetMenuItemCount
IsIconic
SetCursor
LoadAcceleratorsA
SetParent
RemovePropA
GetWindowRgn
CreateDialogParamA
GetWindow
MessageBoxIndirectA
DdeQueryConvInfo
ScreenToClient
SetCaretPos
MoveWindow
InflateRect
GetScrollInfo
GetIconInfo
LoadCursorA
SystemParametersInfoA
GetCaretBlinkTime
IsWindow
GetSystemMetrics
EnumClipboardFormats
DdeGetLastError
LoadBitmapA
CheckMenuItem
LockWindowUpdate
WinHelpA
GetClipboardData
MessageBoxA
DdeFreeDataHandle
DdeQueryStringA
GetWindowRect
MsgWaitForMultipleObjects
ReleaseDC
ClipCursor
SetWindowsHookExA

ddraw

DirectDrawEnumerateA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 440KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c25c8a3c5a01f99d930977d39d80eb5

Headers

File Characteristics

Imports

ws2_32

olecli32

kernel32

advapi32

ole32

user32

ddraw

Sections

.text Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 2.4MB

.idata Size: 16KB - Virtual size: 12KB

.rsrc Size: 440KB - Virtual size: 437KB

.rdata Size: 8KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 2.4MB

.idata
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 440KB - Virtual size: 437KB

.rdata
Size: 8KB - Virtual size: 4KB