Static task: static1
Behavioral task: behavioral1
Sample: a242a7bdb2f0cc7424fd26e962f708914dbdb470372c2d8350b6afde004ea42c.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: a242a7bdb2f0cc7424fd26e962f708914dbdb470372c2d8350b6afde004ea42c.exe
Resource: win10v2004-20231222-en
General
Target: a242a7bdb2f0cc7424fd26e962f708914dbdb470372c2d8350b6afde004ea42c
Size: 3.1MB
MD5: 5b01dac4646ac393aec3cd0c87215398
SHA1: 37484a807a4b14b9305981d96187e8781c58920c
SHA256: a242a7bdb2f0cc7424fd26e962f708914dbdb470372c2d8350b6afde004ea42c
SHA512: a2914c1421604cbeaa687936d965f473ffc1663299a7abbcb7be20e12b2ca54fff35705cb857d537a5e23bb878b1317529208736ba23bcfb80df917e61196906
SSDEEP: 98304:hfqQNKFduPJuO5O2sbmxRh4IZWGXQzetHrFr/WJ5Wxc7CssBZ:hfqRdGuO5LZ7cYCSxc7Css
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource a242a7bdb2f0cc7424fd26e962f708914dbdb470372c2d8350b6afde004ea42c
Files
a242a7bdb2f0cc7424fd26e962f708914dbdb470372c2d8350b6afde004ea42c.exe windows:5 windows x86 arch:x86
8c705b6c6b961c66045cb500c824602f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetPrivateProfileStringA
LockResource
ReleaseMutex
GetCurrentProcess
GetCurrentThread
Sleep
GetVersionExW
GetModuleFileNameA
SystemTimeToFileTime
GetTickCount
GetLocalTime
GetCurrentProcessId
GlobalLock
GetLogicalDrives
GetDriveTypeA
GlobalAlloc
CopyFileW
GlobalUnlock
GetTempPathW
GlobalFree
GetDriveTypeW
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
SizeofResource
GetEnvironmentVariableW
ReadConsoleW
ReadConsoleA
SetConsoleMode
GlobalMemoryStatus
ConvertThreadToFiber
ConvertFiberToThread
FindFirstFileW
FindNextFileW
GetVersion
CreateFiber
SwitchToFiber
DeleteFiber
GetSystemTime
GetThreadContext
SetThreadContext
GetThreadPriority
InterlockedExchangeAdd
InterlockedCompareExchange
WideCharToMultiByte
LoadResource
FindFirstFileExA
EnterCriticalSection
CloseHandle
DeleteFileW
CreateThread
CreateFileA
GetSystemDirectoryA
GlobalMemoryStatusEx
DeviceIoControl
WaitForSingleObject
SetEvent
CreateEventA
FormatMessageA
GetModuleFileNameW
ProcessIdToSessionId
InterlockedExchange
GetPrivateProfileIntA
WritePrivateProfileStringA
SetFilePointer
SetFileTime
WriteFile
GetFileAttributesA
ReadFile
CreateDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
GetProcAddress
LoadLibraryA
lstrlenA
MultiByteToWideChar
SetLastError
GetLastError
MulDiv
lstrlenW
LocalFree
GlobalSize
CopyFileA
FreeLibrary
GetModuleHandleW
lstrcmpA
DeactivateActCtx
ActivateActCtx
CompareStringA
LoadLibraryExA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThreadId
GlobalDeleteAtom
GetModuleHandleA
GlobalAddAtomA
FreeResource
FindResourceA
SetThreadPriority
ResumeThread
CreateActCtxW
ReleaseActCtx
InterlockedDecrement
lstrcmpW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FindResourceW
LeaveCriticalSection
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
GetThreadLocale
FileTimeToSystemTime
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GlobalFlags
GetSystemDirectoryW
lstrcpyA
DeleteFileA
lstrcmpiA
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetTempFileNameA
GetTempPathA
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetProfileIntA
SearchPathA
GetWindowsDirectoryA
GetNumberFormatA
VirtualProtect
FindResourceExW
EncodePointer
DecodePointer
GetFileAttributesW
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
SetConsoleCtrlHandler
GetStdHandle
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
SetHandleCount
HeapCreate
HeapDestroy
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
CompareStringW
CreateFileW
WriteConsoleW
SetEnvironmentVariableA
GetProcessHeap
user32
CopyImage
UnregisterClassA
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableA
CharNextA
GetMenuDefaultItem
SetMenuDefaultItem
GetMenuItemInfoA
CreatePopupMenu
IsMenu
DestroyMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
SetWindowRgn
GetSystemMenu
LoadMenuW
IntersectRect
OffsetRect
InflateRect
CharUpperA
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
DeleteMenu
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
SetParent
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
UnpackDDElParam
OpenClipboard
SetClipboardData
EndDeferWindowPos
GetTopWindow
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
CloseClipboard
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
DestroyAcceleratorTable
SetClassLongA
DrawIconEx
ReuseDDElParam
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
BringWindowToTop
LockWindowUpdate
CallWindowProcA
GetMenu
SetWindowLongA
CopyRect
GetClassNameA
InvalidateRect
UpdateWindow
DrawStateA
GetSysColor
EndPaint
BeginPaint
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
GetCapture
GetMenuStringA
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
PostMessageA
SetCursor
ShowOwnedPopups
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
GetWindowThreadProcessId
RemoveMenu
PtInRect
GetWindowRect
ClientToScreen
ScreenToClient
IsWindow
CallNextHookEx
GetCursorPos
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowPos
MapDialogRect
SetWindowContextHelpId
GetWindow
ValidateRect
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
RegisterWindowMessageA
EndDialog
GetNextDlgTabItem
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetDesktopWindow
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
FrameRect
CopyIcon
CharUpperBuffA
PostThreadMessageA
InvertRect
HideCaret
GetIconInfo
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DestroyCursor
GetWindowRgn
SetCursorPos
EnableWindow
GetSystemMetrics
LoadIconW
SendMessageA
GetClientRect
DrawIcon
KillTimer
IsIconic
SetTimer
ReleaseDC
GetDC
wsprintfA
TrackPopupMenu
mouse_event
gdi32
SetPixelV
GetTextFaceA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
GetTextExtentPoint32A
GetRgnBox
GetTextColor
GetBkColor
CreateDIBSection
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
CreateCompatibleDC
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CopyMetaFileA
DeleteDC
GetDeviceCaps
GetDIBits
CreateDCA
RealizePalette
SelectPalette
GetObjectA
GetStockObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
OpenThreadToken
LookupPrivilegeValueA
AdjustTokenPrivileges
CryptGenRandom
CryptDecrypt
CryptCreateHash
CryptSetHashParam
CryptSignHashW
CryptDestroyHash
CryptExportKey
CryptGetUserKey
CryptAcquireContextW
CryptGetProvParam
CryptDestroyKey
CryptReleaseContext
CryptEnumProvidersW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
OpenServiceA
CloseServiceHandle
EnumServicesStatusA
RegDeleteKeyA
StartServiceA
ChangeServiceConfigA
OpenSCManagerA
QueryServiceConfigA
ControlService
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
shell32
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetFileInfoA
SHCreateItemFromParsingName
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
ole32
CoRegisterMessageFilter
CoRevokeClassObject
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
RevokeDragDrop
CoUninitialize
CoCreateInstance
CoGetClassObject
oleaut32
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SafeArrayDestroy
SysFreeString
oledlg
ord8
gdiplus
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdiplusStartup
GdipCloneImage
GdipSaveImageToFile
GdipGetImageEncoders
GdipDisposeImage
GdipGetImageEncodersSize
GdipAlloc
GdipFree
GdipDrawImageRectI
GdiplusShutdown
GdipLoadImageFromStream
ws2_32
send
WSASetLastError
recv
WSAGetLastError
ioctlsocket
setsockopt
closesocket
gethostbyname
inet_addr
WSAStartup
recvfrom
WSAEnumNetworkEvents
htons
WSAEventSelect
ntohs
sendto
WSACleanup
socket
WSACreateEvent
WSAWaitForMultipleEvents
ntohl
htonl
wtsapi32
WTSQueryUserToken
WTSFreeMemory
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
crypt32
CertGetCertificateContextProperty
CertOpenStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext
CertFreeCertificateContext
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 599KB - Virtual size: 598KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ctors Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.dtors Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 228KB - Virtual size: 228KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ