3ac7216865d8099b7c3535ed77c7ec44

Sharing

Copy URL Twitter E-mail

General

Target

3ac7216865d8099b7c3535ed77c7ec44
Size

792KB
MD5

3ac7216865d8099b7c3535ed77c7ec44
SHA1

16e7eb5cc590a378e9571931a573e3804f744eda
SHA256

75edc22c613287a12360f7527c6001c4c8064398e3a6757134b42f078c874656
SHA512

f9cb73a60bf9a0aa5543249914c22ab575f7e7537365e596e59ed52558249b506896c1b1b00946182733c86b6b983c38bc65cff2ca28fab864f413ca282fb7e0
SSDEEP

12288:oSswyzoKi6IJKNnEvKZmd35Q4a/yxZJMEf1G5qUten+:w7Nn0K2jxZJMEdG5qsG+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ac7216865d8099b7c3535ed77c7ec44

Files

3ac7216865d8099b7c3535ed77c7ec44
.exe windows:4 windows x86 arch:x86

1160b395f900cff3aa95e135829309fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetErrorDlg
InternetCloseHandle

kernel32

TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetFileTime
GetStartupInfoW
RtlUnwind
HeapReAlloc
ExitThread
HeapSize
SetStdHandle
GetFileType
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleHandleA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GlobalFlags
lstrlenA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetThreadLocale
MoveFileW
SetErrorMode
InterlockedDecrement
SuspendThread
SetThreadPriority
lstrlenW
MulDiv
GlobalUnlock
GlobalFree
FreeResource
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetTickCount
ResumeThread
GetFileAttributesW
GetExitCodeProcess
SetCurrentDirectoryW
DeleteFileW
CopyFileW
MoveFileExW
TerminateProcess
SetLastError
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
SetEvent
CreateEventW
Sleep
TerminateThread
WaitForSingleObject
HeapDestroy
CreateThread
HeapCreate
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryW
ReadFile
VirtualFree
VirtualAlloc
GetFileSize
OpenProcess
FindClose
FindFirstFileW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcpyW
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
lstrcatW
RaiseException
CreateFileW
CreateProcessW
GetCurrentThread
MultiByteToWideChar
CreateDirectoryW
lstrcmpiW
WideCharToMultiByte
GetModuleFileNameW
LocalFree
FormatMessageW
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetCurrentProcess
GetModuleHandleW
GetProcAddress
ExitProcess
CloseHandle
GetLastError
CreateMutexW
GetModuleFileNameA

user32

PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
GetSysColorBrush
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseCapture
LoadCursorW
SetCapture
ClientToScreen
CharUpperW
UnregisterClassW
MoveWindow
SetWindowTextW
IsDialogMessageW
UnregisterClassA
ReleaseDC
GetDC
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
RegisterClipboardFormatW
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
PostQuitMessage
ShowWindow
IsWindow
PostMessageW
RegisterWindowMessageW
SendMessageTimeoutW
FindWindowW
wsprintfW
ExitWindowsEx
EnableWindow
GetAsyncKeyState
GetSystemMetrics
MessageBoxW
SendMessageW
IsWindowVisible
LoadIconW
RemovePropW

gdi32

GetBkColor
GetTextColor
GetRgnBox
GetMapMode
GetWindowExtEx
GetViewportExtEx
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetStockObject
SetMapMode
RestoreDC
SaveDC
DeleteObject
CreateRectRgnIndirect
CreateBitmap

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegCreateKeyExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegSetValueExW
RegQueryValueExW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey

shell32

SHGetFolderPathW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
UrlUnescapeW

oledlg

OleUIBusyW

ole32

CLSIDFromString
CoRevokeClassObject
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
OleCreateFontIndirect
SysAllocString
SysStringLen

dbghelp

MiniDumpWriteDump

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader
ImageEnumerateCertificates

crypt32

CertGetNameStringW
CryptVerifyMessageSignature
CertFreeCertificateContext

wintrust

WinVerifyTrust

Sections

.text
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 300KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1160b395f900cff3aa95e135829309fa

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

dbghelp

imagehlp

crypt32

wintrust

Sections

.text Size: 268KB - Virtual size: 264KB

.rdata Size: 300KB - Virtual size: 297KB

.data Size: 12KB - Virtual size: 42KB

.rsrc Size: 208KB - Virtual size: 208KB

.text
Size: 268KB - Virtual size: 264KB

.rdata
Size: 300KB - Virtual size: 297KB

.data
Size: 12KB - Virtual size: 42KB

.rsrc
Size: 208KB - Virtual size: 208KB