Static task: static1
Behavioral task: behavioral1
  Sample: 4f019d5ac2ea030efd216fee6e218c57.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 4f019d5ac2ea030efd216fee6e218c57.exe
  Resource: win10v2004-20231215-en
General
Target: 4f019d5ac2ea030efd216fee6e218c57
Size: 57KB
MD5: 4f019d5ac2ea030efd216fee6e218c57
SHA1: ac61ee26770189ba4f3ad2e873d35cac1f904516
SHA256: 45450a1e367f3ba380b9fb3e858fe410ced2c2af3499c402fadd520f39f5aa1e
SHA512: 92248189444b25364cd615535064ede030d5480ca7d3f0f6e49d01594882b176610d78aa5789a36ed7bf74ce2b00c2411cf809d5fc894dad017db32cc9872f48
SSDEEP: 1536:+m93g4FPfDUfQCuSHqt26OGpRqCsw7pnd6noG:+1QPAQCuSKt2QY5WA
Malware Config
No configuration extracted.
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature; this sample has none (its security data directory is empty).
resource: 4f019d5ac2ea030efd216fee6e218c57
Files
4f019d5ac2ea030efd216fee6e218c57.exe (windows:4, windows, x86, arch:x86)
Imphash: dc31ebe68e53ab825014889a83271ff0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
VirtualAlloc
GlobalHandle
LoadLibraryA
LockResource
lstrlenW
InterlockedIncrement
GetVersionExW
FindResourceExW
GetPrivateProfileIntW
GetCurrentThread
lstrcmpiW
TlsSetValue
SetThreadPriority
LoadResource
ReleaseSemaphore
VirtualQuery
FreeLibrary
GetModuleHandleW
GlobalDeleteAtom
WriteFile
LocalFree
LeaveCriticalSection
ReleaseMutex
VirtualProtect
GlobalUnlock
SetEndOfFile
FindResourceW
GlobalAlloc
lstrlenA
MultiByteToWideChar
InterlockedDecrement
MoveFileW
FreeConsole
DuplicateHandle
SetFileTime
GetLastError
GlobalGetAtomNameW
GlobalFindAtomW
SetErrorMode
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetVolumeInformationW
GetModuleHandleA
GetFileAttributesW
LockFile
GetSystemTimeAsFileTime
LocalAlloc
ResumeThread
GetProfileIntW
SetUnhandledExceptionFilter
GetFileSize
IsDBCSLeadByte
lstrcpynW
TlsAlloc
CreateSemaphoreW
FormatMessageW
QueryPerformanceCounter
GetTempFileNameW
InitializeCriticalSection
GetProcAddress
SetFileAttributesW
CreateMutexW
GetDiskFreeSpaceW
GetFullPathNameW
GetProcessVersion
UnlockFile
UnhandledExceptionFilter
FreeResource
InterlockedCompareExchange
lstrcpynA
GlobalFlags
CreateEventW
SizeofResource
SetFilePointer
TlsGetValue
DeleteFileW
FindClose
SetEvent
SearchPathW
GetPrivateProfileStringW
SuspendThread
WideCharToMultiByte
GetFileTime
DelayLoadFailureHook
LocalLock
LoadLibraryW
FindNextFileW
GetSystemDirectoryA
lstrcatA
GetCurrentProcessId
Sleep
GetModuleFileNameW
TlsFree
GetTickCount
GlobalFree
lstrcmpA
MulDiv
GlobalSize
GetStringTypeExW
LoadLibraryExA
LocalUnlock
FileTimeToLocalFileTime
DeleteCriticalSection
GetThreadLocale
GetShortPathNameW
TerminateProcess
GetVersionExA
EnterCriticalSection
GlobalAddAtomW
CopyFileW
SystemTimeToFileTime
WaitForMultipleObjects
lstrcpyA
WritePrivateProfileStringW
FlushFileBuffers
lstrcmpW
ReadFile
CloseHandle
GetTempPathW
FindFirstFileW
GlobalReAlloc
GetCurrentProcess
lstrcpyW
SetLastError
CreateFileW
WaitForSingleObject
FileTimeToSystemTime
GetCurrentThreadId
GlobalLock
OutputDebugStringW
GetSystemInfo
GetUserDefaultLCID
LocalReAlloc
GetVersion
lstrcmpiA
gdi32
StartPage
SetViewportOrgEx
PolylineTo
SetTextCharacterExtra
StretchDIBits
GetViewportExtEx
DeleteObject
GetBkMode
CreateFontW
SetPolyFillMode
CopyMetaFileW
RestoreDC
SetTextColor
ExtCreatePen
GetClipBox
SelectClipPath
CreateRectRgn
Escape
GetTextAlign
LineTo
GetTextExtentPoint32W
CreateDIBPatternBrushPt
OffsetRgn
CreateDCW
StartDocW
SetROP2
GetMapMode
SetBkMode
GetTextFaceW
CreatePatternBrush
GetPaletteEntries
TextOutW
GetTextColor
SetTextJustification
CreateCompatibleDC
ArcTo
EnumMetaFile
GetPixel
CreatePalette
GetPolyFillMode
RectVisible
PlayMetaFileRecord
DeleteDC
DeleteMetaFile
EnumFontFamiliesW
OffsetClipRgn
OffsetWindowOrgEx
SetMapperFlags
SetBrushOrgEx
PlayMetaFile
GetClipRgn
PtVisible
SetArcDirection
EndPage
IntersectClipRect
SetWindowExtEx
EndDoc
SetAbortProc
GetStretchBltMode
CreatePen
RealizePalette
SelectPalette
SetTextAlign
ScaleViewportExtEx
SaveDC
PolyDraw
CreateBitmap
GetWindowExtEx
DPtoLP
SetWindowOrgEx
MoveToEx
CreateFontIndirectW
PatBlt
SelectClipRgn
SetMapMode
UnrealizeObject
EnumFontFamiliesExW
GetStockObject
GetTextMetricsW
LPtoDP
OffsetViewportOrgEx
SelectObject
GetDeviceCaps
CreateMetaFileW
Rectangle
SetBkColor
SetStretchBltMode
GetROP2
GetObjectW
CreateRectRgnIndirect
GetTextExtentPoint32A
ExtSelectClipRgn
CreateHatchBrush
CloseMetaFile
AbortDoc
BitBlt
CreateSolidBrush
PolyBezierTo
CombineRgn
SetRectRgn
ScaleWindowExtEx
GetObjectType
SetViewportExtEx
SetColorAdjustment
GetWindowOrgEx
ExtTextOutW
GetViewportOrgEx
GetBkColor
GetCharWidthW
ExcludeClipRect
GetCurrentPositionEx
GetNearestColor
CreateCompatibleBitmap
advapi32
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegEnumKeyW
GetFileSecurityW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegOpenKeyW
RegQueryValueW
SetFileSecurityW
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
user32
ShowScrollBar
GetClassInfoW
DefMDIChildProcW
UnregisterClassW
CallNextHookEx
SetDlgItemTextW
GetSubMenu
SetActiveWindow
IsWindow
GetTopWindow
BeginDeferWindowPos
SetScrollPos
BringWindowToTop
GetDlgItemInt
LoadBitmapW
GetWindowTextLengthW
RegisterClassW
RegisterClipboardFormatW
WaitMessage
GetDlgItem
GetMessageW
SystemParametersInfoA
SetScrollRange
DrawFocusRect
RegisterWindowMessageW
GetMessageTime
ShowWindow
IsZoomed
TranslateMessage
InflateRect
SendDlgItemMessageW
KillTimer
GetMenuState
DeferWindowPos
GetClientRect
ModifyMenuW
PostThreadMessageW
GetActiveWindow
SetCursorPos
GetWindow
GetNextDlgTabItem
GetTabbedTextExtentA
CheckDlgButton
DestroyWindow
LoadAcceleratorsW
FillRect
GetParent
ShowOwnedPopups
LoadCursorW
GetMenuStringW
GetKeyState
IsDlgButtonChecked
IntersectRect
CountClipboardFormats
SetWindowsHookExW
LockWindowUpdate
InsertMenuW
EnableMenuItem
ReleaseDC
RedrawWindow
GetWindowPlacement
SetPropW
CharNextW
TrackPopupMenu
GetDC
GetScrollRange
IsRectEmpty
SetWindowContextHelpId
PostQuitMessage
CharUpperW
TranslateMDISysAccel
AdjustWindowRectEx
GetForegroundWindow
GetWindowDC
CreateDialogIndirectParamW
GetAsyncKeyState
RemovePropW
SystemParametersInfoW
FrameRect
LoadStringW
IsChild
GetScrollInfo
UnionRect
GetClassNameW
CallWindowProcW
InSendMessage
MapDialogRect
SetFocus
SetCursor
EqualRect
MapWindowPoints
wvsprintfW
CopyRect
CreateWindowExW
GetMenu
DestroyIcon
DrawEdge
GetCursorPos
MoveWindow
SetDlgItemInt
DestroyCursor
ValidateRect
MessageBoxW
IsDialogMessageW
GetDlgCtrlID
GetLastActivePopup
GetSysColor
GetWindowRect
SetScrollInfo
SetParent
SetRectEmpty
IsWindowVisible
UpdateWindow
EnableWindow
UnhookWindowsHookEx
InvertRect
WindowFromDC
MsgWaitForMultipleObjects
CreateMenu
GetPropW
CheckMenuItem
GetSystemMenu
SetMenuItemBitmaps
WindowFromPoint
PtInRect
GetMenuItemID
GetDesktopWindow
ReuseDDElParam
GetMessagePos
ScreenToClient
LoadIconW
GetWindowThreadProcessId
TranslateAcceleratorW
ClientToScreen
CopyAcceleratorTableW
InvalidateRgn
SetWindowPos
SetWindowPlacement
SetTimer
AppendMenuW
DefWindowProcW
GetScrollPos
SetCapture
OffsetRect
SetMenu
DispatchMessageW
DeleteMenu
SetForegroundWindow
GetNextDlgGroupItem
GetMenuItemCount
GetMenuCheckMarkDimensions
MessageBoxA
SetRect
DrawTextW
GetDlgItemTextW
GetSystemMetrics
TabbedTextOutW
DestroyMenu
IsIconic
ScrollWindowEx
FindWindowW
GetSysColorBrush
IsClipboardFormatAvailable
MessageBeep
WinHelpW
ScrollWindow
DrawMenuBar
PostMessageW
SendDlgItemMessageA
EndDeferWindowPos
CheckRadioButton
SendMessageW
LoadMenuW
GetFocus
wsprintfW
GetWindowTextW
GetWindowLongW
UnpackDDElParam
BeginPaint
ReleaseCapture
EndDialog
GrayStringW
EndPaint
GetDCEx
IsWindowEnabled
ClipCursor
DefFrameProcW
EnumChildWindows
GetDialogBaseUnits
SetWindowTextW
RemoveMenu
InvalidateRect
SetWindowLongW
PeekMessageW
GetTabbedTextExtentW
GetCapture
wininet
FtpGetCurrentDirectoryW
InternetSetFilePointer
InternetSetStatusCallbackW
FtpFindFirstFileW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetOpenUrlW
HttpEndRequestW
InternetQueryDataAvailable
InternetGetLastResponseInfoW
FtpRemoveDirectoryW
InternetErrorDlg
InternetFindNextFileW
InternetCrackUrlW
InternetGetCookieW
InternetCanonicalizeUrlW
FtpRenameFileW
InternetOpenW
InternetConnectW
GopherCreateLocatorW
FtpGetFileW
FtpOpenFileW
InternetQueryOptionW
InternetSetCookieW
GopherGetAttributeW
InternetSetOptionExW
HttpSendRequestExW
GopherOpenFileW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
FtpPutFileW
InternetReadFile
InternetWriteFile
FtpCreateDirectoryW
FtpDeleteFileW
FtpSetCurrentDirectoryW
GopherFindFirstFileW
msvcrt
_CxxThrowException
wcsncpy
ceil
localtime
fputws
gmtime
wcstol
wcsftime
fgetws
wcsstr
_wcslwr
wcscpy
_get_osfhandle
_wtol
vswprintf
floor
_wsplitpath
_except_handler3
time
wcstoul
fread
_endthreadex
_snwprintf
iswspace
mktime
_ltow
fclose
realloc
_wtoi
wcschr
__doserrno
iswdigit
modf
_expand
wcsspn
wcscmp
fseek
fflush
_wcsrev
__wargv
_wcsdup
memmove
_fdopen
calloc
_open_osfhandle
__argc
_adjust_fdiv
_beginthreadex
_purecall
wcstod
clearerr
__dllonexit
wcsrchr
_wcsupr
_ultow
fwrite
_initterm
wcsncmp
ftell
_msize
malloc
wcspbrk
abort
_onexit
_wfullpath
swprintf
free
wcslen
_wcsnicmp
wcscspn
__CxxFrameHandler
_itow
activeds
FreeADsMem
ole32
GetHGlobalFromILockBytes
OleCreateStaticFromData
CoTaskMemFree
OleCreate
CreateILockBytesOnHGlobal
OleCreateLinkFromData
ReadFmtUserTypeStg
StgOpenStorage
CoFreeUnusedLibraries
ReadClassStm
CoRevokeClassObject
OleSave
OleIsRunning
OleGetIconOfClass
CoLockObjectExternal
OleSaveToStream
IsAccelerator
OleFlushClipboard
OleQueryCreateFromData
StgIsStorageFile
CreateItemMoniker
OleSetClipboard
OleGetClipboard
CreateOleAdviseHolder
WriteClassStm
CoGetMalloc
StgCreateDocfileOnILockBytes
SetConvertStg
ReleaseStgMedium
StgCreateDocfile
DoDragDrop
OleCreateFromData
OleLoad
OleDuplicateData
WriteClassStg
CoRegisterMessageFilter
OleCreateFromFile
OleIsCurrentClipboard
OleRegEnumVerbs
RegisterDragDrop
OleLoadFromStream
OleTranslateAccelerator
CreateDataCache
CreateStreamOnHGlobal
CoDisconnectObject
CoGetClassObject
GetClassFile
OleQueryLinkFromData
CreateDataAdviseHolder
CoTaskMemAlloc
CreateGenericComposite
OleCreateLinkToFile
OleDestroyMenuDescriptor
CreateBindCtx
CoInitialize
StringFromGUID2
CoUninitialize
OleRegGetUserType
RevokeDragDrop
CreateFileMoniker
StgOpenStorageOnILockBytes
CoCreateInstance
CLSIDFromString
CoTreatAsClass
OleLockRunning
WriteFmtUserTypeStg
GetRunningObjectTable
OleSetMenuDescriptor
CLSIDFromProgID
ReadClassStg
OleSetContainedObject
StringFromCLSID
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleInitialize
OleRun
OleUninitialize
CoRegisterClassObject
dciman32
DCIEnum
Sections
.textbss  raw size 0 (listed as -), virtual size 368KB: IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_UNINITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.text     raw size 512B, virtual size 432B: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.idata    raw size 17KB, virtual size 16KB: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data     raw size 38KB, virtual size 37KB: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_CNT_UNINITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata    raw size 512B, virtual size 32B: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc     raw size 1KB, virtual size 1KB: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
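The two header-level facts this report surfaces (the "Unsigned PE" signature above and the section table just listed) can be reproduced offline with a short PE header parser. The block below is an added example, not the sandbox's own code or the sample's: it builds a constructed PE32 header in memory whose section table mirrors the names, sizes (KB values rounded) and flags listed above, then runs the same kind of checks a sandbox signature would: empty Authenticode (security) data directory, writable and executable sections, code sections that occupy no bytes on disk, and stripped relocations. The function and constant names are the example's own.

```python
"""
Header-level triage of a 32-bit PE. Added example; not the sandbox's code.
The header parsed at the bottom is CONSTRUCTED from the section table in the
report (sizes as listed, KB rounded); it is not the sample file itself.
"""
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001          # IMAGE_FILE_HEADER.Characteristics
IMAGE_SCN_CNT_CODE = 0x00000020              # IMAGE_SECTION_HEADER.Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4           # Authenticode blob (file offset + size)
SECTION_HDR = "<8sIIIIIIHHI"  # name, vsize, va, rawsize, rawptr, relocs, lines, nreloc, nlines, flags


def build_pe(sections, security_size=0, characteristics=0x030F):
    """Emit a minimal PE32 header: DOS stub, NT headers, 16 data directories, section table.
    `sections` is a list of (name, virtual_size, raw_size, flags). Default file
    characteristics are the six flags listed in the report (0x030F)."""
    dos = (b"MZ" + b"\0" * 58 + struct.pack("<I", 0x80)).ljust(0x80, b"\0")
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, characteristics)
    opt_hdr = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
    dirs = b"".join(
        struct.pack("<II",
                    0x8000 if (i == IMAGE_DIRECTORY_ENTRY_SECURITY and security_size) else 0,
                    security_size if i == IMAGE_DIRECTORY_ENTRY_SECURITY else 0)
        for i in range(16))
    sec_tbl = b"".join(
        struct.pack(SECTION_HDR, name.encode(), vsize, 0x1000 * (i + 1), raw, 0, 0, 0, 0, 0, flags)
        for i, (name, vsize, raw, flags) in enumerate(sections))
    return dos + b"PE\0\0" + file_hdr + opt_hdr + dirs + sec_tbl


def parse_pe(data):
    """Read only the fields the checks need. Raises ValueError for anything that is not PE32."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4
    _machine, nsec, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10b) handled here")
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]   # NumberOfRvaAndSizes
    sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _off, sec_size = struct.unpack_from("<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    tbl = opt + opt_size
    for i in range(nsec):
        name, vsize, _va, raw, _ptr, _, _, _, _, flags = struct.unpack_from(SECTION_HDR, data, tbl + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "vsize": vsize, "raw": raw, "flags": flags})
    return {"characteristics": characteristics, "signature_present": sec_size != 0, "sections": sections}


def triage(data):
    """Return finding strings in the spirit of sandbox signature hits."""
    pe = parse_pe(data)
    findings = []
    if not pe["signature_present"]:
        findings.append("unsigned: security data directory is empty (no Authenticode blob)")
    if pe["characteristics"] & IMAGE_FILE_RELOCS_STRIPPED:
        findings.append("relocs stripped: image cannot be rebased, so ASLR cannot move it")
    for s in pe["sections"]:
        f = s["flags"]
        if f & IMAGE_SCN_MEM_EXECUTE and f & IMAGE_SCN_MEM_WRITE:
            findings.append(f"{s['name']}: writable and executable")
        if f & IMAGE_SCN_CNT_CODE and s["raw"] == 0 and s["vsize"] > 0:
            findings.append(f"{s['name']}: code section with no bytes on disk ({s['vsize']} virtual)")
    return findings


# Constructed from the section table in the report (not extracted from the sample).
REPORT_SECTIONS = [
    (".textbss", 368 * 1024, 0, IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_UNINITIALIZED_DATA
     | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".text", 432, 512, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".idata", 16 * 1024, 17 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".data", 37 * 1024, 38 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_CNT_UNINITIALIZED_DATA
     | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rdata", 32, 512, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".rsrc", 1024, 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
]
SAMPLE_HEADER = build_pe(REPORT_SECTIONS)

if __name__ == "__main__":
    for line in triage(SAMPLE_HEADER):
        print(line)
```

Run against the constructed header this reports four findings: unsigned, relocs stripped, .textbss writable+executable, and .textbss holding 368KB of code with no bytes on disk. Two caveats when using this on real files. First, a non-empty security directory only means a signature blob is present; whether it verifies and chains to a trusted root needs WinVerifyTrust or `signtool verify /pa`, so treat this check as "unsigned" detection only. Second, a zero-raw-size, W+X `.textbss` section is the layout MSVC's incremental linker produces, which also explains how a 57KB file maps a 368KB code section; with `.text` only 432 bytes on disk, the several hundred imports in the table above describe what was linked in (GUI, OLE, WinINet FTP/HTTP/Gopher, registry and file-security APIs) rather than what the code demonstrably does, so the behavioral runs, not the import list, have to carry the conclusion.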