d0f05cd6957e1e93d1ca4154762b4d4bcaeb16c0bf878b59a1500c4974ef4502

Sharing

Copy URL

Twitter E-mail

General

Target

d0f05cd6957e1e93d1ca4154762b4d4bcaeb16c0bf878b59a1500c4974ef4502
Size

1.5MB
MD5

8b891d9985adf40603aafd8ed3406c60
SHA1

b280e8787cae4164f508c502f46eee2230204c1e
SHA256

d0f05cd6957e1e93d1ca4154762b4d4bcaeb16c0bf878b59a1500c4974ef4502
SHA512

3aa8dd45435f4d98f273c7ab1094f3e9e10c131716f59a2c9584383c94756d577424067b51e34dc1e6dc875dfc4f45d7b47f2b297e59d4bb0860f1018d33cb79
SSDEEP

24576:KctgHZ7Vq6FWfL7imwgiYhiAHuK/B0SdQZH4l9tfrxSfFldFu8hod/QodlyGG:Kct4pq6QffYKhiAHueGefrxS7FadRdd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0f05cd6957e1e93d1ca4154762b4d4bcaeb16c0bf878b59a1500c4974ef4502

Files

d0f05cd6957e1e93d1ca4154762b4d4bcaeb16c0bf878b59a1500c4974ef4502
.exe windows:6 windows x86 arch:x86

5c8af47c25b30653d5754f904c5bcc75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetDriveNumberW
StrCmpNIW
StrDupW
StrChrA
PathRelativePathToW
PathIsPrefixW
PathFindFileNameW
PathUnExpandEnvStringsW
PathIsRootW
PathCanonicalizeW
PathFindExtensionW
PathCommonPrefixW
PathCompactPathExW
PathRemoveExtensionW
StrFormatByteSizeW
PathStripPathW
PathRemoveBackslashW
StrRetToBufW
PathMatchSpecW
StrCatBuffW
PathUnquoteSpacesW
StrChrW
StrTrimW
SHAutoComplete
StrCpyNW
PathQuoteSpacesW
PathRenameExtensionW
PathIsDirectoryW
StrRChrW
PathAppendW
PathIsRelativeW
PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW
PathIsSameRootW

psapi

EnumProcessModules
GetModuleFileNameExW

user32

OpenClipboard
BeginDeferWindowPos
GetSubMenu
TrackPopupMenu
LoadAcceleratorsW
DeleteMenu
ShowOwnedPopups
CopyImage
MessageBoxW
EqualRect
IsWindowVisible
ShowWindowAsync
GetMessagePos
LoadMenuW
CharUpperW
GetKeyState
DefWindowProcW
GetMenuItemInfoW
DeferWindowPos
GetMessageW
SetTimer
CloseClipboard
SetMenuItemInfoW
EmptyClipboard
RegisterClassW
SetWindowPlacement
FrameRect
SetMenuDefaultItem
EnumWindows
GetMessageTime
IntersectRect
SetFocus
BringWindowToTop
TranslateAcceleratorW
GetWindowDC
EndDeferWindowPos
SetClipboardData
CheckMenuItem
IsZoomed
KillTimer
PostQuitMessage
GetSysColorBrush
EnableMenuItem
RegisterWindowMessageW
UpdateWindow
IsIconic
GetWindowThreadProcessId
DrawAnimatedRects
FindWindowExW
GetDC
MonitorFromRect
SetActiveWindow
LoadStringA
SetWindowTextW
LoadStringW
DdeCreateStringHandleW
DdeConnect
GetMonitorInfoW
OffsetRect
SetWindowCompositionAttribute
SystemParametersInfoW
SetPropW
RedrawWindow
SendMessageW
wsprintfW
GetSysColor
CharPrevW
GetWindowPlacement
GetSystemMetrics
DdeInitializeW
DdeUninitialize
DialogBoxIndirectParamW
DdeClientTransaction
SetLayeredWindowAttributes
CharUpperBuffW
SetRect
DdeFreeStringHandle
SetForegroundWindow
LoadImageW
ReleaseDC
GetPropW
RemovePropW
DispatchMessageW
PeekMessageW
TranslateMessage
GetWindowLongW
GetWindowTextLengthW
GetSystemMenu
AdjustWindowRectEx
PostMessageW
CheckMenuRadioItem
GetWindowRect
GetFocus
DestroyWindow
SetWindowPos
CheckRadioButton
MessageBoxExW
CreateWindowExW
EndDialog
MessageBeep
CreatePopupMenu
WindowFromPoint
DestroyCursor
ShowWindow
DestroyIcon
GetDlgCtrlID
SetDlgItemTextW
MapWindowPoints
GetDlgItemTextW
SendDlgItemMessageW
IsWindowEnabled
IsDlgButtonChecked
DestroyMenu
GetMenuStringW
CharNextW
LoadIconW
LoadCursorW
GetClassNameW
SetCapture
InsertMenuW
SetCursor
SetWindowLongW
TrackPopupMenuEx
GetComboBoxInfo
GetClientRect
GetDlgItem
AppendMenuW
CheckDlgButton
GetParent
ReleaseCapture
InvalidateRect
ChildWindowFromPoint
GetCursorPos
EnableWindow
GetWindowTextW
DdeDisconnect

kernel32

RaiseException
GetSystemInfo
VirtualQuery
GetModuleHandleW
LoadLibraryExA
EnterCriticalSection
LeaveCriticalSection
DecodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObjectEx
ReadConsoleW
GetConsoleMode
VirtualProtect
CompareStringOrdinal
FreeLibrary
LoadLibraryExW
ReadFile
lstrlenW
WriteFile
lstrcpynW
ExpandEnvironmentStringsW
GetModuleFileNameW
SetFilePointer
SetEndOfFile
UnlockFileEx
CreateFileW
GetSystemDirectoryW
MultiByteToWideChar
lstrcatW
CloseHandle
LockFileEx
GetFileSize
WideCharToMultiByte
lstrcpyW
lstrcmpiW
lstrcmpW
FlushFileBuffers
GetShortPathNameW
LocalAlloc
GetFileAttributesW
SetFileAttributesW
FormatMessageW
GetLastError
GetCurrentDirectoryW
LocalFree
WaitForSingleObject
CreateEventW
SetEvent
GlobalAlloc
GlobalFree
ResetEvent
SizeofResource
SearchPathW
GetLocaleInfoEx
FreeResource
OpenProcess
LockResource
LoadLibraryW
LoadResource
FindResourceW
GetWindowsDirectoryW
GetProcAddress
GlobalLock
GlobalUnlock
MulDiv
CreateDirectoryW
FindFirstFileW
GetCommandLineW
SetErrorMode
FindClose
GetUserPreferredUILanguages
FindFirstChangeNotificationW
GetVersion
ResolveLocaleName
GlobalSize
FileTimeToSystemTime
FindCloseChangeNotification
FileTimeToLocalFileTime
FindNextChangeNotification
SetCurrentDirectoryW
GetTimeFormatW
VerSetConditionMask
CopyFileW
VerifyVersionInfoW
GetDateFormatW
MapViewOfFile
CreateFileMappingW
LocaleNameToLCID
FindResourceExW
LCIDToLocaleName
UnmapViewOfFile
GetVersionExW
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
SetLastError
UnhandledExceptionFilter
GetConsoleOutputCP
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
GetStringTypeW
SetStdHandle
OutputDebugStringW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetFileType
HeapAlloc
HeapFree
GetCurrentThread
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
WriteConsoleW

gdi32

GetStockObject
SetBkColor
ExtTextOutW
EnumFontsW
GetDeviceCaps
SetTextColor
GetObjectW
DeleteObject
CreateSolidBrush
CreateFontIndirectW

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteW
SHCreateDirectoryExW
SHFileOperationW
SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetDesktopFolder
ord180
SHAppBarMessage
DragQueryFileW
Shell_NotifyIconW
DragAcceptFiles
DragFinish
SHGetDataFromIDListW

ole32

OleUninitialize
CoCreateInstance
OleInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
DoDragDrop

ntdll

RtlGetNtVersionNumbers

comctl32

ImageList_AddMasked
InitCommonControlsEx
ord410
ord413
ImageList_Create
ImageList_Destroy
ord381
PropertySheetW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c8af47c25b30653d5754f904c5bcc75

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

psapi

user32

kernel32

gdi32

comdlg32

advapi32

shell32

ole32

ntdll

comctl32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 3KB - Virtual size: 27KB

.idata Size: 10KB - Virtual size: 10KB

.rsrc Size: 321KB - Virtual size: 320KB

.reloc Size: 20KB - Virtual size: 20KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 3KB - Virtual size: 27KB

.idata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 321KB - Virtual size: 320KB

.reloc
Size: 20KB - Virtual size: 20KB