Static task: static1
Behavioral task: behavioral1
  Sample: 2516df70a1bb0c71575db8ad38d4f449ca5fdae73d8165ac4e9bf903da95083b.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 2516df70a1bb0c71575db8ad38d4f449ca5fdae73d8165ac4e9bf903da95083b.exe
  Resource: win10v2004-20231215-en
General
Target: 2516df70a1bb0c71575db8ad38d4f449ca5fdae73d8165ac4e9bf903da95083b
Size: 3.5MB
MD5: ae57313ce6d1005eaa5d5295e644f4be
SHA1: 21320bcbaaa267102d09903d925df373face9981
SHA256: 2516df70a1bb0c71575db8ad38d4f449ca5fdae73d8165ac4e9bf903da95083b
SHA512: afc06a2fb66e5646931b05af3cc589fecc6b133e4998918f2d795380617b6feffdb33b276341f65958330dd9351e487adff25dcaa4ba79b8b4c4c1a155ec82b5
SSDEEP: 98304:psF8Bt+tVFMcsu7sLz9GcLd11VAYUCsFLOAkGkzdnEVomFHKnPCh:psoRd11VAYUCsFLOyomFHKnPCh
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2516df70a1bb0c71575db8ad38d4f449ca5fdae73d8165ac4e9bf903da95083b
Files
2516df70a1bb0c71575db8ad38d4f449ca5fdae73d8165ac4e9bf903da95083b.exe windows:6 windows x86 arch:x86
415f4289cfbd3b005338a2d21a46fecf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetCommandLineW
GetCommandLineA
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
GetStdHandle
ExitProcess
GetFileType
LCMapStringW
GetConsoleOutputCP
GetConsoleMode
GetTimeZoneInformation
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetFilePointerEx
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount
FindResourceExW
GetWindowsDirectoryW
SetErrorMode
GetTempPathW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
VirtualProtect
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetThreadLocale
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
VerSetConditionMask
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
ResumeThread
SuspendThread
SetThreadPriority
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetCurrentProcessId
GetModuleHandleA
OutputDebugStringA
SetLastError
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
CreateEventW
PurgeComm
ReadFile
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
HeapFree
WaitForSingleObject
GetModuleHandleW
GetLocalTime
GetProcAddress
LoadLibraryW
LocalFree
FormatMessageW
CopyFileW
DeleteFileW
GetVersionExW
GetNativeSystemInfo
GetSystemInfo
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
CloseHandle
WriteFile
CreateFileW
GetModuleFileNameW
WideCharToMultiByte
GetCurrentDirectoryW
MultiByteToWideChar
Sleep
GetUserDefaultUILanguage
GetSystemDefaultLangID
OutputDebugStringW
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleHandleExW
user32
InvalidateRect
ShowOwnedPopups
EnumDisplayMonitors
SystemParametersInfoW
SetLayeredWindowAttributes
DrawIconEx
IsRectEmpty
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawStateW
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
WaitMessage
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageW
IntersectRect
InflateRect
OffsetRect
SetRectEmpty
SendDlgItemMessageA
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
DestroyMenu
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
NotifyWinEvent
SetClipboardData
SetFocus
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableWindow
SendMessageW
PostMessageW
LoadIconW
LoadBitmapW
SetTimer
KillTimer
SetWindowTextW
FindWindowW
FindWindowExW
GetDC
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
GetMenuItemInfoW
GetKeyNameTextW
MapVirtualKeyW
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
TrackMouseEvent
DestroyIcon
LoadImageW
SetCapture
ReleaseCapture
WindowFromPoint
DeleteMenu
RegisterWindowMessageW
GetWindowRect
CharUpperW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
OpenClipboard
GetWindowTextW
DrawTextW
ReleaseDC
SetRect
UnregisterClassW
GetSystemMenu
AppendMenuW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SetCursor
LoadCursorW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
IsWindow
FrameRect
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetParent
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
CloseClipboard
EmptyClipboard
SetParent
MonitorFromPoint
GetFocus
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
MessageBoxW
GetWindowThreadProcessId
GetLastActivePopup
LoadMenuW
IsZoomed
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
UpdateLayeredWindow
HideCaret
InvertRect
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
PostThreadMessageW
IsClipboardFormatAvailable
CharUpperBuffW
SubtractRect
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetKeyState
gdi32
GetObjectType
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
Escape
PatBlt
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetClipBox
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
GetDeviceCaps
CopyMetaFileW
EndDoc
EndPage
BitBlt
StartPage
StartDocW
GetPixel
GetTextColor
ExcludeClipRect
DeleteDC
GetObjectW
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
SelectObject
GetMapMode
CreateFontW
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
AddPrinterDriverW
OpenPrinterW
EnumPrintersW
ord204
AddPrinterW
SetPrinterDataW
DocumentPropertiesW
GetPrinterDriverDirectoryW
advapi32
RegQueryValueW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
shell32
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
DragFinish
DragQueryFileW
SHAppBarMessage
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathIsUNCW
PathFindFileNameW
uxtheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
ole32
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CreateStreamOnHGlobal
oleaut32
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysFreeString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
ws2_32
WSASetLastError
WSAGetLastError
WSAAsyncSelect
sendto
recvfrom
ntohs
inet_ntoa
inet_addr
bind
accept
InetNtopW
setsockopt
WSACleanup
WSAStartup
recv
send
__WSAFDIsSet
select
connect
closesocket
ioctlsocket
socket
htonl
InetPtonW
htons
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
iphlpapi
IcmpCreateFile
FlushIpNetTable
GetIpNetTable
IcmpSendEcho
GetAdaptersInfo
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 347KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 142KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ