752b5baf9f7014748494364980cd81a174ee20f9535e854e82111fd9fbd98fc4

Sharing

Copy URL Twitter E-mail

General

Target

752b5baf9f7014748494364980cd81a174ee20f9535e854e82111fd9fbd98fc4
Size

4.0MB
MD5

67b9aef403504c8e295f26d30722cfd0
SHA1

90736fa107f265202614fecc8830af9a67a2bd9e
SHA256

752b5baf9f7014748494364980cd81a174ee20f9535e854e82111fd9fbd98fc4
SHA512

1ae98bd05b390e90a95dfc01bebc6651b36cf2d6908d70a2b25f2c18e7715e82546a044c410052927cf6052dd88840ac8154ebef74abea6e0c24278ebf060ef2
SSDEEP

98304:XOS2ZUNcMhhaIDTSPCpKOGEKzVwu/gj+HkzMMrMIMMrMK4Mdv:eS2GiXb/gj+HkFndv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
752b5baf9f7014748494364980cd81a174ee20f9535e854e82111fd9fbd98fc4

Files

752b5baf9f7014748494364980cd81a174ee20f9535e854e82111fd9fbd98fc4
.dll windows:5 windows x86 arch:x86

f08c292d06e79df83a2ad3d0564262fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Remove
ImageList_SetImageCount
ImageList_Replace
InitCommonControlsEx

kernel32

SizeofResource
LockResource
LoadResource
FindResourceW
GetConsoleWindow
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapDestroy
LeaveCriticalSection
RaiseException
GetLastError
HeapSize
EnterCriticalSection
DecodePointer
WinExec
lstrlenW
DeleteCriticalSection
GetSystemDefaultUILanguage
SetLastError
CreateThread
ExitThread
QueryPerformanceCounter
GetModuleFileNameW
ExpandEnvironmentStringsW
InitializeCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
MultiByteToWideChar
DeviceIoControl
ProcessIdToSessionId
GetUserDefaultLangID
SetCurrentDirectoryW
GetComputerNameExW
FindNextFileW
GetSystemDefaultLCID
FlushViewOfFile
OpenFileMappingW
GlobalMemoryStatusEx
CreatePipe
WaitForMultipleObjects
TryEnterCriticalSection
GetEnvironmentVariableW
PeekNamedPipe
WaitNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
CreateNamedPipeW
CreateDirectoryW
OpenMutexW
GetSystemTime
GetLocalTime
ResetEvent
OpenEventW
TerminateThread
GetExitCodeProcess
GetExitCodeThread
GetDiskFreeSpaceExW
CreateProcessW
GetCurrentProcessId
GetTickCount
CreateFileW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
MoveFileExW
MulDiv
RtlUnwind
ExitProcess
GetModuleHandleExW
GetSystemInfo
VirtualAlloc
VirtualQuery
HeapQueryInformation
SetStdHandle
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteConsoleW
SetEnvironmentVariableA
GetCommandLineA
SetFileAttributesW
GetFileSizeEx
FileTimeToLocalFileTime
GetProfileIntW
GetWindowsDirectoryW
GetFileTime
Sleep
SetFilePointer
WriteFile
CloseHandle
OutputDebugStringW
GetCurrentThreadId
OpenProcess
GetFileAttributesExW
GetCommandLineW
GetTempFileNameW
GetLongPathNameW
SearchPathW
FormatMessageW
LocalFree
CreateMutexW
WaitForSingleObject
GetTempPathW
IsDebuggerPresent
CreateFileMappingW
MapViewOfFile
ReleaseMutex
UnmapViewOfFile
LoadLibraryW
GetProcAddress
FreeLibrary
QueryPerformanceFrequency
GetUserDefaultUILanguage
GlobalDeleteAtom
GlobalAlloc
FreeResource
GlobalFree
LocalAlloc
GlobalAddAtomW
FindResourceExW
GetUserDefaultLCID
GlobalLock
GlobalUnlock
GlobalSize
CopyFileW
WideCharToMultiByte
OutputDebugStringA
EncodePointer
GetSystemDirectoryW
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
lstrcmpW
LoadLibraryA
GlobalFindAtomW
GetCurrentThread
GetVersionExW
lstrcmpA
CompareStringA
SetEvent
CreateEventW
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
VerSetConditionMask
lstrcpyW
VerifyVersionInfoW
VirtualProtect
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
SetErrorMode
GlobalGetAtomNameW
FileTimeToSystemTime
GetThreadLocale
GetFileAttributesW
GetFileSize
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GlobalFlags
DeleteFileW
lstrcmpiW
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetShortPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess

user32

WaitMessage
PostThreadMessageW
ModifyMenuW
DeleteMenu
GetSystemMenu
CharUpperW
SetParent
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
RealChildWindowFromPoint
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetMenuItemInfoW
DestroyMenu
SetWindowRgn
DrawFrameControl
DrawEdge
EnumDisplayMonitors
GetSysColorBrush
SetLayeredWindowAttributes
MapVirtualKeyW
GetKeyNameTextW
GetAsyncKeyState
IntersectRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
MapDialogRect
SetWindowContextHelpId
GetWindowThreadProcessId
ShowOwnedPopups
TranslateMessage
GetMessageW
PostQuitMessage
SystemParametersInfoW
MessageBeep
IsZoomed
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetActiveWindow
GetNextDlgTabItem
EndDialog
IsWindow
ToUnicodeEx
GetKeyboardState
IsWindowVisible
PostMessageW
CreateDialogIndirectParamW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetClassNameW
GetClassLongW
EqualRect
MessageBoxW
AdjustWindowRectEx
ShowScrollBar
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongW
IsClipboardFormatAvailable
CharNextW
InvalidateRgn
SetCursorPos
GetDoubleClickTime
GetMenuDefaultItem
GetUpdateRect
FrameRect
GetComboBoxInfo
CharUpperBuffW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
KillTimer
SetWindowLongW
InvalidateRect
SetTimer
GetMessagePos
ScreenToClient
GetClientRect
PtInRect
SetCursor
GetSysColor
GetDC
GetWindowRect
GetParent
ReleaseDC
InflateRect
LoadCursorW
CopyIcon
SetRectEmpty
DrawFocusRect
DestroyCursor
UnregisterClassW
LoadIconW
RegisterWindowMessageW
GetKeyboardLayout
CreateMenu
GetWindowRgn
GetTopWindow
SetActiveWindow
GetDesktopWindow
SetWindowPos
IsIconic
GetSystemMetrics
SendMessageCallbackW
MsgWaitForMultipleObjects
AllowSetForegroundWindow
ExitWindowsEx
CloseDesktop
OpenDesktopW
SetThreadDesktop
GetThreadDesktop
SetProcessWindowStation
GetProcessWindowStation
CloseWindowStation
OpenWindowStationW
WaitForInputIdle
MsgWaitForMultipleObjectsEx
DrawIcon
RedrawWindow
EnumChildWindows
FlashWindowEx
SetForegroundWindow
UpdateWindow
LoadMenuW
GetCursorPos
ClientToScreen
SetMenuDefaultItem
GetSubMenu
RemovePropW
GetPropW
SetPropW
TrackMouseEvent
OffsetRect
DrawStateW
CopyRect
GetFocus
LoadBitmapW
EnableWindow
DestroyIcon
MapWindowPoints
SetRect
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
FillRect
IsRectEmpty
GetWindowLongW
CopyImage
DrawIconEx
GetIconInfo
SendDlgItemMessageA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
IsDialogMessageW
GetWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsWindowEnabled
SetFocus
GetDlgCtrlID
CheckDlgButton
SetDlgItemTextW
ShowWindow
MoveWindow
GetDlgItem
SendMessageW
LoadImageW

gdi32

GetBitmapDimensionEx
GetTextFaceW
SetPixelV
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
LPtoDP
EnumFontFamiliesExW
GetPaletteEntries
CreatePalette
GetCurrentObject
OffsetRgn
GetRgnBox
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
RealizePalette
GetDIBits
Polyline
Polygon
CreatePolygonRgn
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextJustification
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
BitBlt
CreateBitmap
SetTextColor
SetBkColor
GetObjectType
CreateCompatibleDC
CreateDCW
CopyMetaFileW
CreateFontW
CreatePen
Rectangle
RoundRect
SelectObject
DeleteObject
GetDeviceCaps
GetTextMetricsW
CreateSolidBrush
DeleteDC
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
GetStockObject

msimg32

GradientFill
TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetUserNameW
RegOpenKeyExW
RegQueryInfoKeyW
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
BackupEventLogW
CloseEventLog
OpenEventLogW
FreeSid
AllocateAndInitializeSid
CreateProcessAsUserW
ChangeServiceConfigW
QueryServiceConfigW
ControlService
StartServiceW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
CheckTokenMembership
OpenProcessToken
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW

shell32

SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteExW
SHGetFileInfoW
ExtractIconW
SHGetDesktopFolder
SHGetSpecialFolderPathW

shlwapi

PathIsFileSpecW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
StrToIntW
PathFindExtensionW

uxtheme

GetWindowTheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
DrawThemeParentBackground
GetThemeSysColor
GetCurrentThemeName
GetThemeColor

ole32

RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleUninitialize
CoFreeUnusedLibraries
OleLockRunning
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
OleDraw
CLSIDFromProgID
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance
CoRevokeClassObject
CoRegisterMessageFilter
OleInitialize
CoInitializeSecurity
CoSetProxyBlanket

oleaut32

SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysStringLen
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
SysAllocString
OleLoadPictureFile
OleSavePictureFile

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageI
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFromHDC
GdipLoadImageFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromStreamICM
GdipBitmapSetPixel
GdipBitmapGetPixel
GdipGraphicsClear
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipBitmapSetResolution
GdipCreateBitmapFromResource
GdipFree

psapi

GetModuleBaseNameW
EnumProcesses
GetModuleFileNameExW
EnumProcessModules

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

secur32

GetUserNameExW

Exports

Exports

CreateUIInstance
DestroyUIInstance

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 451KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f08c292d06e79df83a2ad3d0564262fd

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

psapi

oleacc

imm32

winmm

version

secur32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 451KB - Virtual size: 451KB

.data Size: 34KB - Virtual size: 71KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 156KB - Virtual size: 155KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 451KB - Virtual size: 451KB

.data
Size: 34KB - Virtual size: 71KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 156KB - Virtual size: 155KB