Static task
static1
Behavioral task
behavioral1
Sample
49babf05953ce5dc66020e4c1f5fd407.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
49babf05953ce5dc66020e4c1f5fd407.exe
Resource
win10v2004-20231215-en
General
-
Target
49babf05953ce5dc66020e4c1f5fd407
-
Size
119KB
-
MD5
49babf05953ce5dc66020e4c1f5fd407
-
SHA1
9decd7550c5974cc085b9713dfa3aff0dc6fb120
-
SHA256
5686246417c055052984405e420813d1adb3d1e42ac1fe995f38f32aae5992c9
-
SHA512
dc0a876127eaf9e44cf140d9d41eada5b22339dd9c826f2694af4e626ebcf9b9a57ebbc2b7ced7091c2c0ec7206f369131cb727bd45a8fc2c4d0e639a818cec4
-
SSDEEP
3072:+GZcFOFLB7cfdc2CFyYr4vnWjFDrAmkq1Fq5C:+wcFfVCF6vWj9VkqLR
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 49babf05953ce5dc66020e4c1f5fd407
Files
-
49babf05953ce5dc66020e4c1f5fd407.exe windows:5 windows x86 arch:x86
0ce9d497c1cdbcf4eb2cabe72e475fbc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
SetFileSecurityW
RegSetValueW
RegQueryValueW
RegCloseKey
RegCreateKeyW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
GetFileSecurityW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
user32
SetParent
CheckDlgButton
AdjustWindowRectEx
DrawEdge
GetMenuState
GetDlgItemInt
ScrollWindow
InflateRect
IsWindowEnabled
CheckRadioButton
CreateDialogIndirectParamW
SetMenu
SetScrollRange
InSendMessage
BeginPaint
GetTabbedTextExtentA
GetMenuItemCount
PtInRect
IsWindowVisible
MapWindowPoints
GetSysColorBrush
RegisterClassW
GetActiveWindow
FillRect
AppendMenuW
GetDialogBaseUnits
MapDialogRect
PostMessageW
SystemParametersInfoW
InvertRect
EndPaint
IsWindow
GetClassNameW
GetWindowRect
SetWindowsHookExW
GrayStringW
EndDeferWindowPos
RemoveMenu
DrawMenuBar
IsClipboardFormatAvailable
ShowOwnedPopups
SetPropW
DeferWindowPos
GetPropW
wvsprintfW
SetWindowPlacement
InvalidateRgn
SetRectEmpty
ReuseDDElParam
LoadCursorW
CreateWindowExW
GetDlgCtrlID
UnhookWindowsHookEx
PeekMessageW
BringWindowToTop
wsprintfW
PostQuitMessage
LoadIconW
UnpackDDElParam
DestroyMenu
DispatchMessageW
TrackPopupMenu
GetDC
GetMenu
GetCapture
GetKeyState
GetFocus
GetSysColor
ValidateRect
WindowFromDC
ClipCursor
RegisterWindowMessageW
ShowScrollBar
TranslateMessage
GetDlgItem
DestroyWindow
GetDlgItemTextW
IsChild
DefWindowProcW
CallWindowProcW
SetCursorPos
GetMenuStringW
DeleteMenu
UnionRect
ClientToScreen
ReleaseDC
IsDialogMessageW
ScrollWindowEx
EndDialog
LoadAcceleratorsW
TranslateAcceleratorW
MessageBoxA
CopyAcceleratorTableW
DestroyCursor
DestroyIcon
ModifyMenuW
MoveWindow
InsertMenuW
GetDesktopWindow
CopyRect
CountClipboardFormats
InvalidateRect
GetDCEx
CreateMenu
GetScrollInfo
DrawFocusRect
KillTimer
IsRectEmpty
DefMDIChildProcW
LoadMenuW
GetWindowLongW
SetRect
SetActiveWindow
GetAsyncKeyState
FindWindowW
LoadBitmapW
GetParent
RedrawWindow
GetMessageW
GetMenuItemID
EnableMenuItem
EnableWindow
MessageBoxW
RegisterClipboardFormatW
GetCursorPos
GetWindowPlacement
FrameRect
TabbedTextOutW
WindowFromPoint
GetMenuCheckMarkDimensions
SetCursor
MsgWaitForMultipleObjects
BeginDeferWindowPos
SetTimer
DrawTextW
GetWindowTextW
GetSystemMetrics
LockWindowUpdate
LoadStringW
UpdateWindow
ScreenToClient
GetMessageTime
GetWindowDC
SystemParametersInfoA
WaitMessage
SetWindowContextHelpId
SendMessageW
CharNextW
IntersectRect
GetWindowThreadProcessId
CheckMenuItem
GetForegroundWindow
GetWindow
RemovePropW
SetForegroundWindow
ShowWindow
SetScrollInfo
SetDlgItemTextW
GetSystemMenu
SetMenuItemBitmaps
MessageBeep
SetFocus
IsIconic
SetDlgItemInt
PostThreadMessageW
CallNextHookEx
GetScrollPos
GetNextDlgGroupItem
GetScrollRange
EqualRect
GetSubMenu
GetMessagePos
CharUpperW
WinHelpW
GetTopWindow
SendDlgItemMessageW
GetClassInfoW
DefFrameProcW
SetCapture
GetLastActivePopup
SetWindowPos
SendDlgItemMessageA
IsZoomed
TranslateMDISysAccel
EnumChildWindows
SetWindowTextW
SetWindowLongW
OffsetRect
GetTabbedTextExtentW
SetScrollPos
IsDlgButtonChecked
GetClientRect
GetNextDlgTabItem
UnregisterClassW
ReleaseCapture
GetWindowTextLengthW
kernel32
GlobalSize
FileTimeToLocalFileTime
FindClose
GetTickCount
GetThreadLocale
WaitForSingleObject
SystemTimeToFileTime
QueryPerformanceCounter
lstrcpyA
lstrcmpW
TlsFree
LocalFree
ResumeThread
GlobalLock
UnlockFile
CreateFileW
lstrcpynA
LocalUnlock
LoadLibraryA
WaitForMultipleObjects
LockFile
MulDiv
GlobalDeleteAtom
GetSystemDirectoryA
GetVersionExA
UnhandledExceptionFilter
WritePrivateProfileStringW
LocalReAlloc
MultiByteToWideChar
TlsGetValue
GetFullPathNameW
GlobalUnlock
FindNextFileW
LoadLibraryW
GetCurrentDirectoryW
GetFileSize
FindFirstFileW
LocalLock
VirtualQuery
SetErrorMode
GetTempPathW
GetSystemTimeAsFileTime
SetEvent
GlobalHandle
GetSystemInfo
GetVersionExW
GetProfileIntW
ReleaseMutex
TlsSetValue
FreeLibrary
TerminateProcess
GetCurrentProcess
LeaveCriticalSection
GetProcessVersion
IsDBCSLeadByte
GetModuleFileNameW
LoadLibraryExA
SetFilePointer
GetModuleHandleW
GetTempFileNameW
FindResourceExW
GetLastError
LockResource
lstrcmpiW
MoveFileW
SetLastError
ReadFile
CreateSemaphoreW
WideCharToMultiByte
GetCurrentProcessId
GetVersion
FormatMessageW
lstrcatW
lstrcpynW
InterlockedDecrement
GetCurrentThread
DeleteFileW
VirtualAlloc
lstrcmpA
GlobalFlags
GlobalFree
GetCurrentThreadId
ReleaseSemaphore
lstrlenA
CreateMutexW
SetFileTime
GetVolumeInformationW
EnterCriticalSection
LoadResource
SetEndOfFile
GetPrivateProfileIntW
SetFileAttributesW
OutputDebugStringW
CreateEventW
FreeResource
InitializeCriticalSection
TlsAlloc
GlobalGetAtomNameW
lstrcatA
GlobalReAlloc
GetShortPathNameW
FindResourceW
lstrcmpiA
SetUnhandledExceptionFilter
GetFileAttributesW
GlobalAlloc
lstrlenW
WriteFile
DelayLoadFailureHook
FlushFileBuffers
lstrcpyW
LocalFileTimeToFileTime
InterlockedCompareExchange
GetFileTime
InterlockedIncrement
FreeConsole
LocalAlloc
CopyFileW
GetUserDefaultLCID
GetProcAddress
GetDiskFreeSpaceW
DeleteCriticalSection
SizeofResource
DuplicateHandle
GetStringTypeExW
SetThreadPriority
CloseHandle
GlobalFindAtomW
Sleep
GlobalAddAtomW
VirtualProtect
SuspendThread
FileTimeToSystemTime
GetModuleHandleA
SearchPathW
ole32
OleCreateMenuDescriptor
RegisterDragDrop
OleSetClipboard
OleInitialize
OleSetMenuDescriptor
CreateFileMoniker
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoCreateInstance
OleCreateFromFile
GetRunningObjectTable
CoInitialize
CoTreatAsClass
CoRevokeClassObject
OleQueryCreateFromData
WriteClassStm
StgCreateDocfile
StringFromCLSID
ReleaseStgMedium
CoRegisterClassObject
OleLoadFromStream
OleLockRunning
OleTranslateAccelerator
CoGetMalloc
OleDuplicateData
OleDestroyMenuDescriptor
OleSave
IsAccelerator
ReadClassStg
CoRegisterMessageFilter
CreateOleAdviseHolder
CreateBindCtx
GetClassFile
OleRegGetUserType
OleRegEnumVerbs
OleGetIconOfClass
StgIsStorageFile
CreateDataAdviseHolder
CreateGenericComposite
DoDragDrop
StgCreateDocfileOnILockBytes
OleRun
CoTaskMemFree
OleCreateFromData
CLSIDFromString
CoDisconnectObject
OleUninitialize
WriteClassStg
OleQueryLinkFromData
CreateItemMoniker
OleCreateLinkFromData
OleGetClipboard
CLSIDFromProgID
CoTaskMemAlloc
OleLoad
StgOpenStorageOnILockBytes
OleCreateStaticFromData
GetHGlobalFromILockBytes
CoLockObjectExternal
CreateDataCache
OleSaveToStream
SetConvertStg
OleCreateLinkToFile
CreateILockBytesOnHGlobal
OleRegGetMiscStatus
RevokeDragDrop
OleSetContainedObject
WriteFmtUserTypeStg
CoUninitialize
StgOpenStorage
ReadFmtUserTypeStg
OleIsRunning
ReadClassStm
CoGetClassObject
StringFromGUID2
OleIsCurrentClipboard
OleFlushClipboard
OleCreate
cmdial32
CmCustomHangUp
AutoDialFunc
gdi32
IntersectClipRect
CreateMetaFileW
SelectObject
SetPolyFillMode
CreatePalette
GetTextExtentPoint32W
SelectPalette
Rectangle
SetTextCharacterExtra
DPtoLP
PolylineTo
CreateFontW
GetObjectType
RestoreDC
OffsetRgn
CopyMetaFileW
OffsetViewportOrgEx
OffsetWindowOrgEx
SetTextJustification
CreatePen
PolyBezierTo
GetBkColor
UnrealizeObject
RectVisible
SetROP2
GetClipBox
AbortDoc
EnumFontFamiliesExW
CreateBitmap
GetCharWidthW
SetWindowOrgEx
ScaleWindowExtEx
CreateRectRgnIndirect
PlayMetaFileRecord
StartPage
SetBkMode
GetClipRgn
LPtoDP
GetPaletteEntries
TextOutW
GetBkMode
PolyDraw
GetNearestColor
SelectClipRgn
PlayMetaFile
EndDoc
SetTextColor
SetBkColor
CreatePatternBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
ExtTextOutW
SetViewportExtEx
SetAbortProc
EndPage
StartDocW
CreateFontIndirectW
EnumFontFamiliesW
CombineRgn
CreateDCW
GetStretchBltMode
DeleteObject
EnumMetaFile
SetStretchBltMode
PatBlt
CreateHatchBrush
GetTextFaceW
RealizePalette
CloseMetaFile
ExtSelectClipRgn
GetCurrentPositionEx
ExtCreatePen
SetArcDirection
ExcludeClipRect
SetWindowExtEx
SetMapMode
StretchDIBits
SelectClipPath
SetColorAdjustment
GetMapMode
MoveToEx
DeleteDC
GetWindowOrgEx
ScaleViewportExtEx
GetWindowExtEx
GetTextMetricsW
SaveDC
SetMapperFlags
GetStockObject
LineTo
GetDeviceCaps
GetTextAlign
GetPolyFillMode
GetROP2
SetBrushOrgEx
BitBlt
DeleteMetaFile
PtVisible
SetViewportOrgEx
GetViewportOrgEx
CreateCompatibleBitmap
OffsetClipRgn
GetTextExtentPoint32A
SetTextAlign
GetPixel
CreateRectRgn
CreateSolidBrush
GetViewportExtEx
Escape
SetRectRgn
GetObjectW
ArcTo
GetTextColor
msvcrt
fflush
fseek
wcspbrk
_open_osfhandle
_msize
_except_handler3
_onexit
gmtime
fclose
iswspace
wcscpy
_adjust_fdiv
wcsftime
swprintf
time
_wtol
_snwprintf
_wcsrev
_wfullpath
__doserrno
wcstol
fwrite
_ltow
_wcsnicmp
_wsplitpath
fread
_endthreadex
wcslen
_itow
wcscmp
_wtoi
malloc
_ultow
wcsncmp
vswprintf
localtime
_wcsupr
modf
fgetws
wcschr
wcstoul
_initterm
realloc
free
_beginthreadex
abort
wcsspn
__dllonexit
wcscspn
_fdopen
__argc
_wcsdup
_wcslwr
calloc
wcsstr
_CxxThrowException
floor
wcsncpy
fputws
clearerr
iswdigit
wcsrchr
wcstod
_purecall
_get_osfhandle
_expand
memmove
__CxxFrameHandler
__wargv
mktime
ceil
ftell
activeds
DllGetClassObject
FreeADsMem
wininet
GopherCreateLocatorW
InternetCloseHandle
FtpFindFirstFileW
InternetSetCookieW
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetSetFilePointer
InternetCanonicalizeUrlW
InternetWriteFile
InternetQueryOptionW
GopherOpenFileW
FtpRemoveDirectoryW
HttpEndRequestW
FtpGetCurrentDirectoryW
InternetCrackUrlW
InternetSetStatusCallbackW
FtpPutFileW
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
HttpSendRequestExW
HttpOpenRequestW
FtpGetFileW
FtpCreateDirectoryW
HttpSendRequestW
GopherFindFirstFileW
InternetReadFile
FtpOpenFileW
InternetConnectW
InternetOpenUrlW
HttpAddRequestHeadersW
InternetGetCookieW
FtpDeleteFileW
InternetErrorDlg
InternetSetOptionExW
FtpRenameFileW
InternetFindNextFileW
InternetOpenW
GopherGetAttributeW
Sections
.text Size: 512B - Virtual size: 460B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 85KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE