Static task: static1
Behavioral task: behavioral1
  Sample: 4272c25032e511fa28bb0481f9ed9c56.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 4272c25032e511fa28bb0481f9ed9c56.exe
  Resource: win10v2004-20231222-en
General
Target: 4272c25032e511fa28bb0481f9ed9c56
Size: 778KB
MD5: 4272c25032e511fa28bb0481f9ed9c56
SHA1: ad2701db6b59068e90a7d644ef27b739c5e8c148
SHA256: 67575265dfd4a777d6d0167c17f257d6d1b85461a117ad20085475e1377144fc
SHA512: ab41eb3cfab03379235addb2053db9bdaadf8b70881a576dbd3cde88311a880efd8215eb3f5805af21cfbf3d0828a078ec3e74727d1b544373d5dd402942d925
SSDEEP: 12288:v0gtnZdfzcKl0wqcuZiT2IPnl0HAqmVbwDpqHvQde0w/s:DtnXzZ2IPnmHU5rPEys
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 4272c25032e511fa28bb0481f9ed9c56
Files
4272c25032e511fa28bb0481f9ed9c56.exe windows:4 windows x86 arch:x86
8a8840f05928b1c150332ee4b8678268
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wpcap
pcap_dump_open
pcap_lookupdev
pcap_dump_close
pcap_close
pcap_open_live
pcap_setbuff
pcap_lookupnet
pcap_compile
pcap_freecode
pcap_setfilter
pcap_datalink
pcap_loop
pcap_dump
pcap_sendpacket
packet
PacketSetNumWrites
PacketSendPacket
PacketOpenAdapter
PacketAllocatePacket
PacketInitPacket
PacketFreePacket
PacketCloseAdapter
ws2_32
inet_addr
htonl
ntohl
htons
ntohs
WSAStartup
WSACleanup
closesocket
recvfrom
sendto
bind
WSAGetLastError
setsockopt
socket
select
recv
connect
gethostbyname
iphlpapi
GetBestRoute
CreateIpNetEntry
GetIpNetTable
GetBestInterface
GetPerAdapterInfo
DeleteIpNetEntry
GetAdaptersInfo
kernel32
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
DeleteCriticalSection
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetCurrentDirectoryA
GetFileSize
LocalFileTimeToFileTime
SystemTimeToFileTime
GetProcessVersion
GetCPInfo
GetOEMCP
GlobalSize
lstrlenW
CopyFileA
SetErrorMode
FindResourceExA
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
SetStdHandle
GetFileType
ExitThread
GetACP
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetProfileIntA
LocalAlloc
LocalLock
LocalUnlock
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
FileTimeToSystemTime
MulDiv
SetLastError
lstrcatA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LockResource
FindResourceA
LoadResource
lstrcmpA
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
GetWindowsDirectoryA
lstrcpynA
WideCharToMultiByte
SetThreadPriority
DeleteFileA
ResumeThread
LoadLibraryA
FileTimeToLocalFileTime
GetVersion
GetLastError
CreateMutexA
CloseHandle
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateThread
CreateThread
WaitForSingleObject
SetWaitableTimer
CreateWaitableTimerA
LocalFree
FormatMessageA
GetTickCount
FreeLibrary
GetProcAddress
user32
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollInfo
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
MapWindowPoints
ClientToScreen
GetDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
wvsprintfA
GetTabbedTextExtentA
IsClipboardFormatAvailable
DestroyMenu
ReleaseCapture
PtInRect
SetCapture
InflateRect
IsRectEmpty
WindowFromPoint
CharUpperA
GetDesktopWindow
LoadStringA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsZoomed
SetCursorPos
DestroyCursor
GetAsyncKeyState
GetClassNameA
InsertMenuA
DeleteMenu
GetMenuStringA
DestroyIcon
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
PostThreadMessageA
AppendMenuA
RemoveMenu
GetDCEx
LockWindowUpdate
FindWindowA
FillRect
SetParent
GetSystemMenu
InvertRect
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetWindowRect
RegisterClipboardFormatA
MapDialogRect
GetWindow
SetWindowContextHelpId
wsprintfA
SetFocus
ShowWindow
SetWindowPos
MoveWindow
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
SetWindowsHookExA
GetLastActivePopup
MessageBoxA
ShowOwnedPopups
PostQuitMessage
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetDlgItem
IsWindowEnabled
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
IsWindow
DrawTextA
GetWindowDC
ReleaseDC
LoadBitmapA
CopyRect
RedrawWindow
GetSysColorBrush
SetRect
LoadCursorA
CopyIcon
SetCursor
InvalidateRect
MessageBeep
GetClientRect
GetSystemMetrics
SetTimer
KillTimer
PostMessageA
LoadIconA
HideCaret
PeekMessageA
LoadMenuA
GetSubMenu
ShowCaret
SetCaretPos
DestroyCaret
DragDetect
CreateCaret
EnableScrollBar
EmptyClipboard
CreatePopupMenu
CloseWindow
UnionRect
IsMenu
DrawFrameControl
DrawIconEx
TrackPopupMenuEx
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
GetCursorPos
GetWindowLongA
SetWindowLongA
SendMessageA
SystemParametersInfoA
EnableWindow
UpdateWindow
GetMenu
UnregisterClassA
GetActiveWindow
gdi32
StretchDIBits
SetPixel
OffsetRgn
EnumFontFamiliesA
CreateCompatibleBitmap
SetBoundsRect
EnumFontFamiliesExA
CopyMetaFileA
CreateDCA
SetAbortProc
StartPage
EndPage
EndDoc
AbortDoc
LPtoDP
GetBkColor
GetTextColor
SetRectRgn
GetMapMode
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
GetCharWidthA
DPtoLP
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePatternBrush
CreateSolidBrush
CreatePen
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
ExtSelectClipRgn
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateCompatibleDC
BitBlt
CreateRectRgn
CombineRgn
DeleteObject
GetObjectA
GetStockObject
CreateFontA
CreateFontIndirectA
CreateDIBitmap
comdlg32
PrintDlgA
CommDlgExtendedError
GetFileTitleA
ReplaceTextA
FindTextA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegEnumKeyExA
shell32
ShellExecuteA
DragFinish
DragQueryFileA
ExtractIconA
SHGetFileInfoA
Shell_NotifyIconA
comctl32
ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
_TrackMouseEvent
ImageList_Destroy
oledlg
ord8
ole32
OleDuplicateData
CreateStreamOnHGlobal
CoRevokeClassObject
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
wininet
HttpQueryInfoA
InternetErrorDlg
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
InternetReadFile
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
Sections
.text    Size: 504KB - Virtual size: 504KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata   Size: 116KB - Virtual size: 116KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data    Size: 32KB - Virtual size: 52KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc    Size: 116KB - Virtual size: 116KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.aspack  Size: 9KB - Virtual size: 12KB      Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.adata   Size: - Virtual size: 4KB           Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE