OPENSSL_Applink
Static task: static1
Behavioral task: behavioral1
Sample: c04031c04883e0fbdf33d84554b0c0038c7b77198ef9ae632f1f8fcdca7b75f5.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: c04031c04883e0fbdf33d84554b0c0038c7b77198ef9ae632f1f8fcdca7b75f5.exe
Resource: win10v2004-20231222-en
General
Target: c04031c04883e0fbdf33d84554b0c0038c7b77198ef9ae632f1f8fcdca7b75f5
Size: 4.0MB
MD5: 8899e61473537dd42caeb8b26a9728c3
SHA1: 908102ee7801ed33617e540d00640af8d6fb3a96
SHA256: c04031c04883e0fbdf33d84554b0c0038c7b77198ef9ae632f1f8fcdca7b75f5
SHA512: c18a91c1e867f37c0ec8f05b69df9649e2a7258c9b4c5d2b22bb2dab6ed77403c08fc95a3510c3127bbe5e9c438fbb8972512508ec4ee2070a276e967645dc6d
SSDEEP: 98304:yshd8qv+ZP3A15xs4QuSnp9ueoElMP8l4nTFLOAkGkzdnEVomFHKnPP:rWdo580P8l4nTFLOyomFHKnP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c04031c04883e0fbdf33d84554b0c0038c7b77198ef9ae632f1f8fcdca7b75f5
Files
c04031c04883e0fbdf33d84554b0c0038c7b77198ef9ae632f1f8fcdca7b75f5.exe windows:6 windows x86 arch:x86
54f30524d0a0f791010ba1795d61ada8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
libeay32
ord251
ord222
ssleay32
ord84
ord75
ord8
ord183
ord101
ord87
ord12
ord108
ord45
ord35
ord112
ord78
ord94
ord141
ord107
ord189
ord58
ord110
ord48
ord43
kernel32
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
HeapQueryInformation
GetCommandLineW
GetCommandLineA
SetFilePointerEx
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFileType
CreateFileW
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
UnhandledExceptionFilter
QueryPerformanceFrequency
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
OutputDebugStringW
CreateEventW
WaitForSingleObjectEx
ResetEvent
TerminateProcess
GetUserDefaultLCID
GetTempFileNameA
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
FindResourceExW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetTempPathA
GetACP
GetCurrentDirectoryA
GetFileAttributesA
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
GetThreadLocale
lstrcmpiA
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
SystemTimeToTzSpecificLocalTime
LocalAlloc
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
SetEvent
CopyFileA
FormatMessageA
LocalFree
GlobalFree
GlobalSize
GlobalAlloc
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
GlobalLock
GlobalUnlock
MulDiv
GetTickCount64
FreeLibrary
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetCurrentThread
CreateFileA
GetCurrentThreadId
GetCurrentProcess
CreateProcessA
CloseHandle
WaitForSingleObject
SetUnhandledExceptionFilter
SetThreadUILanguage
GetModuleFileNameA
GetTickCount
GetLocalTime
Sleep
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
RaiseException
HeapReAlloc
LockResource
GetLastError
MultiByteToWideChar
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
SizeofResource
SetStdHandle
ExitProcess
GetStdHandle
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
user32
PostQuitMessage
DrawIconEx
IsRectEmpty
OffsetRect
DrawFocusRect
GetSysColorBrush
DrawStateA
DrawFrameControl
DrawEdge
GetActiveWindow
TranslateMessage
GetMessageA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
ShowOwnedPopups
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
SetCursor
CreateDialogIndirectParamA
EndDialog
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ModifyMenuA
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetNextDlgTabItem
GetDesktopWindow
SetWindowContextHelpId
MapDialogRect
GetKeyNameTextA
MapVirtualKeyA
SetLayeredWindowAttributes
SetRectEmpty
LoadCursorA
LoadCursorW
EnumDisplayMonitors
DestroyMenu
GetMenuItemInfoA
CharUpperA
GetMenu
GetCapture
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageA
LoadImageW
SetParent
MonitorFromPoint
TrackMouseEvent
SetCapture
ReleaseCapture
GetSystemMenu
DeleteMenu
MessageBeep
NotifyWinEvent
SetCursorPos
SetRect
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
LoadIconA
EnableScrollBar
EnableWindow
InvalidateRect
GetParent
UnregisterClassA
GetClientRect
GetWindowLongA
MapWindowPoints
ClientToScreen
CopyRect
WindowFromPoint
GetDC
GetCursorPos
IsIconic
MessageBoxExA
IsZoomed
RemoveMenu
SystemParametersInfoA
DrawMenuBar
SendMessageA
LoadIconW
SetMenuItemInfoA
IsWindow
GetSubMenu
DrawIcon
GetSystemMetrics
FillRect
SetWindowRgn
IsWindowVisible
GetWindowRect
LoadMenuW
KillTimer
SetTimer
ReleaseDC
InflateRect
IntersectRect
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
ScreenToClient
GetSysColor
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
TranslateMDISysAccel
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
DestroyAcceleratorTable
SetClassLongA
GetUpdateRect
WaitMessage
UpdateLayeredWindow
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
SubtractRect
RegisterClipboardFormatA
CharUpperBuffA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
FrameRect
IsClipboardFormatAvailable
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
GetWindowRgn
DestroyCursor
InvertRect
HideCaret
CreateMenu
GetComboBoxInfo
ScrollWindow
GetFocus
GetKeyState
gdi32
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
GetDeviceCaps
GetMapMode
PatBlt
SetBkColor
SetRectRgn
ExtTextOutA
DPtoLP
CreateHatchBrush
CreatePen
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutA
SetViewportExtEx
CreateFontIndirectA
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileA
CreateDCA
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32A
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
CreateBitmap
CombineRgn
GetStockObject
BitBlt
CreateCompatibleBitmap
CreateFontA
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
UpdateColors
CreateRoundRectRgn
DeleteDC
DeleteObject
CreateSolidBrush
FillRgn
SetViewportOrgEx
SetLayout
GetObjectA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHGetFileInfoA
SHAppBarMessage
DragQueryFileA
DragFinish
comctl32
_TrackMouseEvent
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
uxtheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
IsAppThemed
DrawThemeParentBackground
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoRevokeClassObject
CoRegisterMessageFilter
oleaut32
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringLen
LoadTypeLi
SysAllocString
OleCreateFontIndirect
SafeArrayDestroy
gdiplus
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromFile
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipLoadImageFromFileICM
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipAlloc
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromFileICM
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageWidth
GdipCloneImage
oledlg
ord8
ws2_32
ioctlsocket
recvfrom
getsockopt
WSAGetLastError
setsockopt
WSACleanup
sendto
htons
gethostbyname
gethostname
inet_ntop
inet_ntoa
inet_pton
__WSAFDIsSet
accept
bind
closesocket
select
WSAStartup
send
socket
connect
recv
iphlpapi
GetAdaptersInfo
dbghelp
StackWalk64
SymInitialize
SymGetLineFromAddr64
SymGetModuleInfo64
SymGetModuleBase64
SymCleanup
SymGetSymFromAddr64
SymFunctionTableAccess64
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
HttpEndRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpSendRequestExA
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Exports
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 437KB - Virtual size: 436KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 182KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ