Static task: static1
Behavioral task: behavioral1
  Sample: a57ac0adc74c0911431aa99409f72e71e64dafce1f9c911936b95fe1c4b5778b.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: a57ac0adc74c0911431aa99409f72e71e64dafce1f9c911936b95fe1c4b5778b.exe
  Resource: win10v2004-20231215-en
General
- Target: a57ac0adc74c0911431aa99409f72e71e64dafce1f9c911936b95fe1c4b5778b
- Size: 2.4MB
- MD5: ff0244780d42b051ea908a629b9867a7
- SHA1: 62277720162411f6ec8c63df8ff9398ce5a06a86
- SHA256: a57ac0adc74c0911431aa99409f72e71e64dafce1f9c911936b95fe1c4b5778b
- SHA512: fae4bfb19551855ffe964cde3f59df8ef301af905cc3189eac57407edb72f53e119b7bf927bbcdff005b6378876fd343d142b0f41e82eaf2e22173f87bec7b75
- SSDEEP: 49152:vn6GERVuMs9Y5eYIoa1+jHKQpGrP6WzXFYOfIpRHooN9nrXh9n0:Ge5Q46WzXWbLN9rXh9n0
Malware Config
Signatures
- Unsigned PE (1 IoCs): checks for missing Authenticode signature.
  resource a57ac0adc74c0911431aa99409f72e71e64dafce1f9c911936b95fe1c4b5778b
Files
-
a57ac0adc74c0911431aa99409f72e71e64dafce1f9c911936b95fe1c4b5778b.exe windows:5 windows x64 arch:x64
a364e8bd9da01bc6ad270a3fc9cf4179
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetCurrentThread
GlobalDeleteAtom
lstrcmpiA
CreateFileA
GetModuleFileNameA
DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
FreeResource
FindResourceA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpyA
GetVersionExA
GetCurrentProcessId
SetThreadPriority
ResumeThread
WaitForSingleObject
GlobalAddAtomA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
TlsGetValue
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GetFileAttributesExA
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetCurrentDirectoryA
GlobalFlags
SetErrorMode
GetACP
GetTempFileNameA
GetTempPathA
GetCPInfo
GetOEMCP
GetTickCount
GetProfileIntA
Sleep
SearchPathA
VirtualProtect
GetWindowsDirectoryA
GetNumberFormatA
FindResourceExW
GetUserDefaultLCID
EncodePointer
DecodePointer
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetStartupInfoW
HeapReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapQueryInformation
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
TerminateProcess
HeapSetInformation
GetVersion
HeapCreate
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsValidCodePage
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
CompareStringW
GetConsoleCP
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetLocaleInfoA
CompareStringA
LoadLibraryA
lstrcmpA
GetModuleHandleW
GetProcAddress
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
LoadLibraryW
DeactivateActCtx
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetLastError
SetLastError
MultiByteToWideChar
lstrlenA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemTimeAsFileTime
GetSystemDefaultUILanguage
ExitProcess
WinExec
CreateDirectoryA
FindClose
FindFirstFileA
OpenProcess
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
GetModuleHandleA
FindResourceW
user32
TrackPopupMenu
ScrollWindow
MonitorFromWindow
GetMessagePos
GetMessageTime
SetWindowLongPtrA
GetWindowLongPtrA
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassLongPtrA
GetClassLongA
GetCapture
IsChild
WinHelpA
LoadIconA
SetCapture
WindowFromPoint
ReleaseCapture
WaitMessage
DeleteMenu
RealChildWindowFromPoint
SetTimer
KillTimer
CopyAcceleratorTableA
SetRect
IntersectRect
GetNextDlgGroupItem
MessageBeep
LoadMenuW
NotifyWinEvent
GetAsyncKeyState
IsZoomed
CreatePopupMenu
BringWindowToTop
LockWindowUpdate
SetParent
MonitorFromPoint
IsMenu
UnionRect
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageA
LoadImageW
DestroyIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetCursorPos
GetIconInfo
EnableScrollBar
CopyIcon
GetDoubleClickTime
SetClassLongPtrA
DestroyAcceleratorTable
GetUpdateRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
UpdateLayeredWindow
UnregisterClassA
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
FrameRect
CharUpperBuffA
SubtractRect
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
GetKeyNameTextA
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
InvertRect
HideCaret
CreateMenu
DestroyCursor
GetWindowRgn
InvalidateRect
UpdateWindow
ShowOwnedPopups
GetMessageA
GetClassInfoExA
SetMenu
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
PtInRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
LoadCursorA
GetClassInfoA
DefWindowProcA
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
DrawIconEx
GetSysColorBrush
RedrawWindow
IsWindowVisible
MapWindowPoints
GetWindowRect
SetWindowRgn
DrawFocusRect
DrawFrameControl
DrawEdge
FillRect
GetSysColor
OffsetRect
InflateRect
IsRectEmpty
DrawStateA
RegisterWindowMessageA
MapDialogRect
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
GetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindow
CharUpperA
PostQuitMessage
PostMessageA
GetDesktopWindow
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
LoadIconW
GetSystemMenu
AppendMenuA
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
RegisterClassA
AdjustWindowRectEx
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
DispatchMessageA
CreateWindowExA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenu
DestroyMenu
GetMenuItemInfoA
TranslateMessage
GetClassNameA
SetCursor
advapi32
GetLengthSid
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
SetTokenInformation
OpenProcessToken
shell32
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHAppBarMessage
DragFinish
DragQueryFileA
ShellExecuteA
SHGetDesktopFolder
ole32
RevokeDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
oleaut32
VariantChangeType
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
VariantClear
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
UrlUnescapeA
PathRemoveFileSpecW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipDrawImageRectI
winmm
PlaySoundA
wininet
InternetQueryDataAvailable
InternetSetOptionExA
InternetOpenUrlA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetCloseHandle
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
gdi32
GetTextColor
Polyline
Ellipse
Polygon
PatBlt
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
CreateDIBitmap
GetStockObject
CreatePen
CreatePatternBrush
CreateFontIndirectA
GetObjectA
GetBkColor
CombineRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateSolidBrush
CreateDCA
CopyMetaFileA
OffsetViewportOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
EnumFontFamiliesA
GetTextCharsetInfo
DeleteObject
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetLayout
GetDeviceCaps
GetTextFaceA
SetPixelV
GetWindowOrgEx
EnumFontFamiliesExA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
SetTextAlign
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
SelectPalette
GetObjectType
GetRgnBox
OffsetRgn
CreateRoundRectRgn
SetRectRgn
DPtoLP
CreateDIBSection
Rectangle
SetPixel
SetDIBColorTable
RealizePalette
StretchBlt
GetLayout
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
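The import list above is, in import-table order, exactly the input to the import hash (imphash), the usual way to cluster samples that share a build even when their content hashes differ. Triage-style reports print that hash beneath the file entry in the Files section; the unlabelled 32-character value there is assumed here to be it, since the report does not say so. The Python below is an added example, not code from the sandbox or from this report: it implements the pefile/VirusTotal recipe (lower-case, strip .dll/.ocx/.sys but keep other extensions such as winspool.drv, join "module.symbol" with commas, MD5) over a constructed subset of the entries listed above. The subset is illustration only; reproducing the report's hash needs every entry of the real import table, and pefile additionally maps ordinal imports of oleaut32/ws2_32/wsock32 to names, which this simplified version does not.

```python
"""Import hash (imphash) from a PE import list, following the pefile/VirusTotal recipe."""
import hashlib

STRIP_EXT = {"dll", "ocx", "sys"}  # extensions dropped from module names; ".drv" is kept


def normalize_module(dll):
    """'KERNEL32.DLL' -> 'kernel32', while 'WINSPOOL.DRV' stays 'winspool.drv'."""
    name = dll.lower()
    base, dot, ext = name.rpartition(".")
    return base if dot and ext in STRIP_EXT else name


def imphash_string(imports):
    """Build the comma-joined 'module.symbol' string that gets hashed.
    imports: (dll, symbol) pairs in import-table order; symbol is a name or an int ordinal.
    Ordinals are written as 'ordN' for every module (pefile resolves a few well-known ones)."""
    parts = []
    for dll, sym in imports:
        sym = f"ord{sym}" if isinstance(sym, int) else sym.lower()
        parts.append(f"{normalize_module(dll)}.{sym}")
    return ",".join(parts)


def imphash(imports):
    """MD5 of the normalized import string, as a lower-case hex digest."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


# Constructed subset of the entries listed above, kept in the order they appear there.
# A real computation must cover the whole import table, so this will not match the report.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", "WinExec"), ("KERNEL32.dll", "OpenProcess"),
    ("KERNEL32.dll", "Process32Next"), ("KERNEL32.dll", "Process32First"),
    ("KERNEL32.dll", "CreateToolhelp32Snapshot"), ("USER32.dll", "SetWindowsHookExA"),
    ("WININET.dll", "InternetOpenUrlA"), ("WININET.dll", "InternetReadFile"),
    ("WINSPOOL.DRV", "OpenPrinterA"),
]

if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Order matters: the same symbols imported in a different sequence hash differently, which is why imphash is a build-tooling fingerprint rather than a capability fingerprint, and why two samples with the same imphash but different SSDEEP values are worth comparing side by side.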
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 535KB - Virtual size: 535KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 188KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
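The Headers, Signatures and Sections entries in this report are all read straight from the PE headers, and a practitioner normally re-derives them from the file instead of trusting the sandbox: DllCharacteristics for the ASLR and DEP bits, data directory 4 (the certificate table) for the Authenticode check behind the "Unsigned PE" signature, and the section table for flag anomalies. Two rows of the section table above deserve a second look: "text" and "data" carry no leading dot, unlike the MSVC-style names around them, and "text" is marked IMAGE_SCN_MEM_EXECUTE without IMAGE_SCN_MEM_READ. The Python below is an added example, not output of the sandbox or code from the report; it parses those headers with struct alone (no pefile dependency), flags each of those patterns, and exercises itself on a constructed minimal PE32+ image whose values are chosen to mirror the report (assumed test input, not bytes of the sample):

```python
"""Header triage for a PE file: file/DLL characteristics, Authenticode presence, section flags.
Hand-rolled parser (struct only) plus a constructed PE32+ image used as offline test input."""
import struct

FILE_CHARS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
              0x2000: "IMAGE_FILE_DLL"}
DLL_CHARS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
             0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
SCN_FLAGS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
             0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
             0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}
MEM_EXECUTE, MEM_READ, MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
DIR_SECURITY = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def analyze_pe(data):
    """Return header facts and triage warnings for a PE image held in memory."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off, = struct.unpack_from("<I", data, 0x3C)                 # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt = pe_off + 24                                              # IMAGE_OPTIONAL_HEADER
    magic, = struct.unpack_from("<H", data, opt)
    pe64 = magic == 0x20B
    dll_chars, = struct.unpack_from("<H", data, opt + 70)          # same offset in PE32 and PE32+
    ndirs_off = opt + (108 if pe64 else 92)                        # NumberOfRvaAndSizes
    ndirs, = struct.unpack_from("<I", data, ndirs_off)
    cert_size = 0
    if ndirs > DIR_SECURITY:
        # For the security directory the first field is a file offset, not an RVA.
        _cert_off, cert_size = struct.unpack_from("<II", data, ndirs_off + 4 + 8 * DIR_SECURITY)
    sections, warnings = [], []
    sec_tbl = opt + opt_size
    for i in range(nsec):
        raw_name, vsize, _rva, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, sec_tbl + 40 * i)
        name = raw_name.rstrip(b"\0").decode("ascii", "replace")
        sections.append({"name": name, "vsize": vsize, "rawsize": rawsize,
                         "flags": flag_names(chars, SCN_FLAGS)})
        if chars & MEM_EXECUTE and chars & MEM_WRITE:
            warnings.append(f"{name}: MEM_EXECUTE together with MEM_WRITE (RWX section)")
        if chars & MEM_EXECUTE and not chars & MEM_READ:
            warnings.append(f"{name}: MEM_EXECUTE without MEM_READ")
        if not name.startswith("."):
            warnings.append(f"{name}: section name without leading dot")
    if cert_size == 0:
        warnings.append("no Authenticode certificate table (unsigned PE)")
    if not dll_chars & 0x0040:
        warnings.append("DYNAMIC_BASE clear: image is not ASLR-compatible")
    if not dll_chars & 0x0100:
        warnings.append("NX_COMPAT clear: DEP not requested")
    return {"arch": {0x8664: "x64", 0x14C: "x86"}.get(machine, hex(machine)), "pe64": pe64,
            "file_characteristics": flag_names(file_chars, FILE_CHARS),
            "dll_characteristics": flag_names(dll_chars, DLL_CHARS),
            # A non-empty certificate table only means a signature blob is attached;
            # whether it verifies is a separate check (signtool, osslsigncode).
            "has_certificate_table": cert_size != 0,
            "sections": sections, "warnings": warnings}


def build_sample_pe(dll_chars, sections, cert_size=0):
    """Constructed minimal PE32+ image (test input only; not bytes from the analysed sample).
    sections: list of (name, size, characteristics)."""
    nsec = len(sections)
    opt_size = 112 + 16 * 8                          # PE32+ optional header + 16 directories
    headers_len = 0x40 + 24 + opt_size + 40 * nsec
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    file_hdr = struct.pack("<HHIIIHH", 0x8664, nsec, 0, 0, 0, opt_size, 0x0022)
    opt = struct.pack("<HBBIIIIIQIIHHHHHHIIIIHHQQQQII",
                      0x20B, 14, 0, 0, 0, 0, 0x1000, 0x1000, 0x140000000, 0x1000, 0x200,
                      6, 0, 0, 0, 6, 0, 0, 0x10000 * (nsec + 1), headers_len, 0,
                      2, dll_chars, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 16
    dirs[DIR_SECURITY] = (headers_len, cert_size)    # certificate blob follows the headers
    opt += b"".join(struct.pack("<II", va, sz) for va, sz in dirs)
    sec_hdrs = b""
    for i, (name, size, chars) in enumerate(sections):
        sec_hdrs += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), size,
                                0x1000 * (i + 1), size, headers_len, 0, 0, 0, 0, chars)
    return dos + b"PE\0\0" + file_hdr + opt + sec_hdrs + b"\0" * cert_size


# Constructed to mirror the report: DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE, no
# certificate table, and a "text" section flagged INITIALIZED_DATA | EXECUTE with no READ bit.
SAMPLE_DLL_CHARS = 0x0040 | 0x0100 | 0x8000
SAMPLE_SECTIONS = [(".text", 0x1000, 0x60000020), (".data", 0x800, 0xC0000040),
                   ("text", 0x200, 0x20000040)]

if __name__ == "__main__":
    for key, value in analyze_pe(build_sample_pe(SAMPLE_DLL_CHARS, SAMPLE_SECTIONS)).items():
        print(f"{key}: {value}")
```

On a real file, call analyze_pe(open(path, "rb").read()). The check reproduces the report's "Unsigned PE" signature (certificate table size of zero) and its DLL Characteristics list, and additionally flags the two non-dotted sections; it does not validate a signature that is present, which needs a separate verifier.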