Static task
static1
Behavioral task
behavioral1
Sample
46fa10910307f935f34919035128af20b3b27455abfae8256e677c2471295a04.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
46fa10910307f935f34919035128af20b3b27455abfae8256e677c2471295a04.exe
Resource
win10v2004-20231215-en
General
-
Target
46fa10910307f935f34919035128af20b3b27455abfae8256e677c2471295a04
-
Size
2.5MB
-
MD5
a028d0eb1abd036e0b9fe5393b2d0f0c
-
SHA1
2af21596bdf8827970edeb0233d7f27bbd71e927
-
SHA256
46fa10910307f935f34919035128af20b3b27455abfae8256e677c2471295a04
-
SHA512
8f4206fe4b8f3a309423c241eeab89add0a526e01e0591f3a51600a6eb0b88cd9ce31dff74501d628f34ad6d7f03e2f57e56c50d5f32b7c314a9c73024d7dc6c
-
SSDEEP
49152:WeRcsNEPIl5j9RJ5lFmoab5l7HcLCXH5bYkJ8L3BA:XrNEqvJ8VlDYk6i
Malware Config (no extracted configuration is listed in this report)
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature: the sample carries no Authenticode signature, so there is no publisher identity to verify. This is an indicator, not proof of malice — many legitimate binaries are also unsigned.
resource 46fa10910307f935f34919035128af20b3b27455abfae8256e677c2471295a04
Files
-
46fa10910307f935f34919035128af20b3b27455abfae8256e677c2471295a04.exe windows:5 windows x64 arch:x64
47585bc8d2d654f8bc8bae4d67151544
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports (note: ws2_32 brings in both inbound socket calls — bind, listen, accept — and outbound ones — connect, getaddrinfo; advapi32 pairs CryptEncrypt/CryptGenRandom/CryptImportKey with registry create/set/delete calls. The static import table alone does not show how these are used; confirm against the behavioral runs.)
kernel32
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
CopyFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
GetACP
LocalAlloc
TlsGetValue
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
GetCPInfo
GetOEMCP
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetWindowsDirectoryA
GetNumberFormatA
GetTempFileNameA
GetTempPathA
SearchPathA
GetTickCount
GetProfileIntA
Sleep
VirtualProtect
FindResourceExW
HeapFree
EncodePointer
DecodePointer
ExitProcess
HeapAlloc
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
HeapReAlloc
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapSetInformation
HeapCreate
SetHandleCount
GetStdHandle
GetStartupInfoW
GetConsoleCP
GetConsoleMode
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
IsValidCodePage
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
lstrcmpA
GlobalAlloc
GetModuleHandleW
GetModuleFileNameW
ReleaseActCtx
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetModuleHandleA
FreeLibrary
GetProcAddress
CompareStringA
LoadLibraryW
LoadLibraryA
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpW
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
lstrcmpiA
GetVersion
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
SetFilePointer
CreateFileA
GetLastError
lstrlenA
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetModuleFileNameA
GetCurrentProcess
DeleteFileA
GetDriveTypeW
user32
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
DestroyIcon
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
MonitorFromPoint
GetSystemMenu
IsMenu
IsRectEmpty
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatA
DrawStateA
CopyImage
LoadImageW
GetMenuDefaultItem
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
GetIconInfo
GetNextDlgGroupItem
DrawIconEx
DrawEdge
DrawFrameControl
SetRect
SetCursorPos
UnionRect
UpdateLayeredWindow
SetMenuDefaultItem
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffA
CopyIcon
SubtractRect
CreateMenu
GetDoubleClickTime
MapDialogRect
GetWindowRgn
DestroyCursor
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
LoadCursorW
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetClassLongPtrA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetAsyncKeyState
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
EnableWindow
LoadIconW
WindowFromPoint
SetCapture
SendMessageA
GetSystemMetrics
GetWindowRect
OffsetRect
GetDC
RealChildWindowFromPoint
IntersectRect
CharUpperA
DestroyMenu
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
GetSysColorBrush
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableA
LoadAcceleratorsW
PeekMessageA
DestroyAcceleratorTable
SystemParametersInfoA
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
PostThreadMessageA
wsprintfA
LoadCursorA
SetCursor
ReleaseDC
GetDesktopWindow
GetCursorPos
GetSubMenu
LoadMenuW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsWindowVisible
DrawIcon
GetClientRect
IsIconic
EnumDisplayMonitors
SetLayeredWindowAttributes
SetRectEmpty
KillTimer
SetTimer
InvalidateRect
DeleteMenu
WaitMessage
PostMessageA
ReleaseCapture
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetWindowLongPtrA
gdi32
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
DeleteDC
SelectClipRgn
CreateCompatibleBitmap
BitBlt
DeleteObject
GetObjectA
CreateDIBSection
SelectObject
Rectangle
ExcludeClipRect
GetClipBox
SetMapMode
CreateCompatibleDC
SetPixelV
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
SetTextColor
GetTextFaceA
SetPaletteEntries
ExtFloodFill
GetViewportOrgEx
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
LPtoDP
GetWindowOrgEx
EnumFontFamiliesExA
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetBkColor
SetPixel
StretchBlt
RealizePalette
GetDIBits
SetDIBColorTable
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetTextColor
CreateRoundRectRgn
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
OffsetRgn
GetRgnBox
SetBkColor
shell32
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
oleaut32
SysFreeString
SysStringLen
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
gdiplus
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusStartup
GdipDrawImageI
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
CryptReleaseContext
CryptImportKey
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptEncrypt
ole32
ReleaseStgMedium
CoCreateGuid
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
DoDragDrop
OleLockRunning
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
wldap32
ord30
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord143
ord26
ord50
ord60
ord211
ord22
ws2_32
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
crypt32
CertFreeCertificateContext
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 590KB - Virtual size: 590KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB (note: a second, undotted executable section, flagged as initialized data rather than code and without IMAGE_SCN_MEM_READ — atypical for compiler-emitted sections; worth inspecting alongside the undotted "data" section below)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ