Static task: static1
Behavioral task: behavioral1
- Sample: 6f0fb31ac260019bfa1fbfeb1a4ae66a96faba02673951bb06de28c79e4bf29c.exe
- Resource: win7-20231215-en
Behavioral task: behavioral2
- Sample: 6f0fb31ac260019bfa1fbfeb1a4ae66a96faba02673951bb06de28c79e4bf29c.exe
- Resource: win10v2004-20231215-en
General
- Target: 6f0fb31ac260019bfa1fbfeb1a4ae66a96faba02673951bb06de28c79e4bf29c
- Size: 6.8MB
- MD5: 36d19aca299799bf5b21620cd3d2f573
- SHA1: 2642eb53b910a4cfe1bfc66f87f7eb60f280c463
- SHA256: 6f0fb31ac260019bfa1fbfeb1a4ae66a96faba02673951bb06de28c79e4bf29c
- SHA512: 3fbd5e22359b11b92c6246ac9c586993d4ff675d2ea0c449feab855ea6c785d2590d2a1066c73a985bc186a58b3e35a070ebe0e3bf1422c29094c4ef8b0eb266
- SSDEEP: 196608:a6kFDATESTL31q7NISVK+LfVLvxUmdEKxsv6fMW1e7cmJcXFLOyomFHKnPI:9kFD0FTL31q7NISVK+zHdIvAMW1CcmJ8
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 6f0fb31ac260019bfa1fbfeb1a4ae66a96faba02673951bb06de28c79e4bf29c
Files
- 6f0fb31ac260019bfa1fbfeb1a4ae66a96faba02673951bb06de28c79e4bf29c.exe windows:5 windows x86 arch:x86
  fb194e97536bcfca109276ae4e1822fd
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetConsoleMode
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
QueryPerformanceFrequency
RtlUnwind
OutputDebugStringW
SetFilePointerEx
ReadConsoleW
GetConsoleCP
GetTimeFormatW
GetDateFormatW
LCMapStringW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetTempFileNameW
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
GetTempPathW
GetTickCount
SetErrorMode
FindNextFileW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GlobalGetAtomNameW
GetFileSize
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
GetThreadLocale
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
SetEvent
CopyFileW
FormatMessageW
LocalFree
GlobalSize
GetCurrentProcessId
GlobalUnlock
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryA
lstrcpyW
HeapFree
GlobalFree
FreeResource
MultiByteToWideChar
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleA
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
SetLastError
MulDiv
DeleteFileW
GetModuleFileNameW
WideCharToMultiByte
LockResource
LoadResource
SizeofResource
FindResourceW
Sleep
GetCurrentProcess
GetModuleHandleW
GetProcAddress
CloseHandle
CreateFileW
WaitForSingleObject
ReadFile
CreateEventW
WriteFile
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapQueryInformation
user32
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
IsDialogMessageW
GetClassNameW
InvalidateRect
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
LockWindowUpdate
TabbedTextOutW
GrayStringW
DrawTextExW
CloseClipboard
RemoveMenu
AppendMenuW
InsertMenuW
DestroyMenu
EnableScrollBar
GetDoubleClickTime
UnregisterClassW
PeekMessageW
TranslateMessage
DispatchMessageW
MessageBoxA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
CopyRect
ReleaseDC
MapVirtualKeyW
GetKeyNameTextW
GetSubMenu
LoadMenuW
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
SendDlgItemMessageA
SetRectEmpty
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
LoadCursorW
CopyImage
SystemParametersInfoW
DeleteMenu
RealChildWindowFromPoint
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetActiveWindow
GetNextDlgTabItem
SetRect
IntersectRect
GetNextDlgGroupItem
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
SetParent
MonitorFromPoint
GetMessagePos
EnableWindow
SendMessageW
MessageBoxW
SetTimer
SetWindowPos
SetWindowLongW
GetWindowLongW
GetDC
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LoadBitmapW
wsprintfW
KillTimer
RedrawWindow
UpdateWindow
SetForegroundWindow
LoadIconW
PostMessageW
PostQuitMessage
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
RegisterWindowMessageW
DrawEdge
DrawFrameControl
IsWindowVisible
GetFocus
DrawStateW
SetWindowRgn
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
IsWindow
DestroyWindow
GetIconInfo
CopyIcon
GetMenuItemInfoW
GetMenuDefaultItem
CreateDialogIndirectParamW
EndDialog
GetDlgItem
OpenClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
GetSystemMenu
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
DrawTextW
CreatePopupMenu
SetMenuDefaultItem
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
UpdateLayeredWindow
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetWindowRgn
DestroyCursor
CreateMenu
InvertRect
HideCaret
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
IsClipboardFormatAvailable
FrameRect
CharUpperBuffW
SubtractRect
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
GetWindowDC
gdi32
ExtTextOutW
CreatePolygonRgn
Polygon
Polyline
CopyMetaFileW
CreateDCW
BitBlt
CreateBitmap
CreatePen
CreatePatternBrush
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
PatBlt
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetRgnBox
CreateFontIndirectW
GetMapMode
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
GetTextMetricsW
GetDeviceCaps
StretchBlt
CreateCompatibleDC
CreateFontW
CreateSolidBrush
TextOutW
SetBkColor
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
shell32
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW
uxtheme
GetThemeSysColor
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeText
DrawThemeParentBackground
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
ole32
CoDisconnectObject
DoDragDrop
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
OleFlushClipboard
OleGetClipboard
OleIsCurrentClipboard
oleaut32
SysStringLen
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime
VariantCopy
VarBstrFromDate
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
oledlg
OleUIBusyW
gdiplus
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipSetInterpolationMode
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteFont
GdipCreatePath
GdipDeletePath
GdipGetImageWidth
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipDrawString
GdipDeleteBrush
GdipCreateSolidFill
GdipGetPathWorldBounds
GdipGetFontStyle
GdipGetFontSize
GdipAddPathString
GdipGetFamily
GdipStringFormatGetGenericTypographic
setupapi
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
hid
HidD_GetAttributes
HidD_GetHidGuid
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetOpenW
InternetCloseHandle
InternetConnectW
FtpGetFileW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
- .text Size: 1.5MB - Virtual size: 1.5MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 339KB - Virtual size: 338KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 23KB - Virtual size: 43KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 4.8MB - Virtual size: 4.8MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc Size: 140KB - Virtual size: 140KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ