Static task: static1
Behavioral task: behavioral1
Sample: 549422597b561cd4aab5dcdb810b2776.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 549422597b561cd4aab5dcdb810b2776.exe
Resource: win10v2004-20231215-en
General
Target: 549422597b561cd4aab5dcdb810b2776
Size: 1.9MB
MD5: 549422597b561cd4aab5dcdb810b2776
SHA1: 5be64f8c3e2a0d6c0d9de93ef76dd6d0c8a6e0f1
SHA256: dc2060e286f48048f8a12ed332bdfa12b3c53692beb06ebfa4d774009b272e56
SHA512: 332696bc3bfc44429f6386ea0ea253286f5608b9ed35dfe71551f6fa80780b3cf230858134ff212e0f01a2e2cc5ef581b78b2682cd5819f1396243cb55b2f002
SSDEEP: 24576:N0fV6Lz9F0Yup//qA8EdXmX+5dqDGUSxCtxRMfaFIS/chlYJALELQgDWh0RWxKk:2fV6LzYdX7BdXmXYFXIx0anqh0I
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 549422597b561cd4aab5dcdb810b2776
Files
549422597b561cd4aab5dcdb810b2776.exe windows:5 windows x86 arch:x86
d2d0b1fc0e2bbf55f1fc5ce0bdab6d22
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
kernel32
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
RtlUnwind
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
HeapReAlloc
Sleep
ExitProcess
ReadFile
HeapSize
VirtualFree
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringA
FileTimeToSystemTime
GetThreadLocale
GetModuleHandleW
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
FindResourceExA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
FormatMessageA
LocalFree
GetCurrentProcessId
GetModuleFileNameW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
GetProcAddress
LoadLibraryA
GlobalFree
VirtualProtect
ResumeThread
SuspendThread
GetExitCodeThread
TerminateThread
CreateThread
GetVersion
IsDBCSLeadByte
lstrcmpiA
LoadLibraryExA
FreeLibrary
GetModuleHandleA
CreateMutexA
HeapAlloc
DeleteFileA
MoveFileExA
GetTempPathA
GetTempFileNameA
CreateFileA
CreateFileMappingA
MapViewOfFile
FreeResource
UnmapViewOfFile
CloseHandle
CreateEventA
CreateProcessA
WaitForSingleObject
GetProcessHeap
HeapFree
GetFileAttributesA
CreateDirectoryA
GetTickCount
LeaveCriticalSection
RaiseException
SetLastError
GetCurrentThreadId
InitializeCriticalSection
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
DeleteCriticalSection
GetModuleFileNameA
MulDiv
GetLastError
lstrcmpA
lstrlenW
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedCompareExchange
IsProcessorFeaturePresent
user32
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
IsDialogMessageA
SetDlgItemTextA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
IsRectEmpty
IsWindowVisible
UpdateWindow
GetMenuItemID
GetMenuItemCount
MessageBoxA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
GetDlgCtrlID
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetPropA
GetCapture
GetActiveWindow
SetActiveWindow
MapDialogRect
ShowWindow
GetPropA
RemovePropA
GetAsyncKeyState
IsWindowEnabled
GetMessageA
PeekMessageA
PostThreadMessageA
DrawIcon
GetSystemMetrics
LoadMenuA
GetSubMenu
SetMenuDefaultItem
GetCursorPos
SetForegroundWindow
TrackPopupMenu
LoadIconA
KillTimer
SetTimer
GetWindowDC
GetWindowRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetRect
PostMessageA
CallWindowProcA
DestroyWindow
GetDlgItem
SendMessageA
InvalidateRgn
InvalidateRect
SetCapture
CopyAcceleratorTableA
CharUpperA
UnregisterClassA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
SetCursor
TranslateMessage
ValidateRect
PostQuitMessage
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableA
GetDC
ReleaseDC
GetDesktopWindow
CharNextA
GetClassNameA
SetWindowPos
RedrawWindow
IsWindow
BeginPaint
FillRect
EndPaint
IsChild
SetFocus
GetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
EnableWindow
GetParent
GetClientRect
CreateWindowExA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindowLongA
SetWindowLongA
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
PtInRect
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SetViewportExtEx
EnumFontFamiliesExA
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleDC
SelectObject
BitBlt
GetWindowExtEx
CreateRectRgnIndirect
DeleteDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
Rectangle
CreateFontIndirectA
CreatePen
CreateDCA
GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
GetViewportExtEx
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
shell32
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteA
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
oledlg
ord8
ole32
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemRealloc
CoTaskMemFree
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
VariantChangeType
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString
urlmon
URLDownloadToFileA
Sections
.text Size: 330KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.udata Size: 512B - Virtual size: 29B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ