Static task
static1
Behavioral task
behavioral1
Sample
285b0961ceee6adba7780e9fbd78f2eaceb1c3821112a45e19e8f3da21eacf15.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
285b0961ceee6adba7780e9fbd78f2eaceb1c3821112a45e19e8f3da21eacf15.exe
Resource
win10v2004-20231215-en
General
-
Target
285b0961ceee6adba7780e9fbd78f2eaceb1c3821112a45e19e8f3da21eacf15
-
Size
3.0MB
-
MD5
a0797366897caad2f6915f821f390997
-
SHA1
146d95d5adfe6a0601a89aac3489636b3ed7ee29
-
SHA256
285b0961ceee6adba7780e9fbd78f2eaceb1c3821112a45e19e8f3da21eacf15
-
SHA512
078a395558b6f25059640dbffa5f4b87fae06fb054dbff68387fbbc18339a276f061bcb963858201568693334a52eecb5cd5b6965b078d8f4d2fe6ae06182833
-
SSDEEP
49152:qVLgPq7Ukhj9Fal4gCtvCtcmnGhefXnymnGZ+Xs7TmnGMefXn9:Lq7UkhZNknyNX7TNdn9
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature.
resource 285b0961ceee6adba7780e9fbd78f2eaceb1c3821112a45e19e8f3da21eacf15
Files
-
285b0961ceee6adba7780e9fbd78f2eaceb1c3821112a45e19e8f3da21eacf15.exe windows:6 windows x86 arch:x86
7f70ffbf2f05d176472c9ab8c4c62559
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetCurrentDirectoryW
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
ReadConsoleW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetDriveTypeW
SetFilePointerEx
GlobalFlags
GetConsoleCP
GetTimeZoneInformation
GetFileType
ExitProcess
GetStdHandle
HeapQueryInformation
VirtualQuery
GetSystemInfo
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
CreateThread
RtlUnwind
LCMapStringW
lstrlenW
MoveFileExW
FindNextFileW
RemoveDirectoryW
CreateDirectoryW
OutputDebugStringW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
CreateEventW
CompareStringA
GetVersionExW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GetLocaleInfoW
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GetThreadLocale
LoadLibraryA
LoadLibraryExW
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
lstrcmpA
GlobalFree
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
GetACP
DeleteCriticalSection
DecodePointer
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
CopyFileW
TerminateProcess
GetCurrentThreadId
SetFileAttributesW
SetFileTime
SetCurrentDirectoryW
ReadFile
DuplicateHandle
GetExitCodeProcess
WaitForSingleObject
GetPriorityClass
ExitThread
DeleteFileW
GetExitCodeThread
LocalFree
FormatMessageW
lstrcpynW
RaiseException
AssignProcessToJobObject
CreateJobObjectW
CreateProcessW
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
MulDiv
QueryInformationJobObject
VirtualAlloc
GetModuleHandleW
VirtualFree
HeapFree
CloseHandle
GetProcessHeap
HeapAlloc
GetCurrentProcess
GetCurrentThread
GetTempFileNameW
GetTempPathW
ExpandEnvironmentStringsW
WideCharToMultiByte
Sleep
GetModuleFileNameW
FreeLibrary
GetProcAddress
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetConsoleMode
LoadLibraryW
user32
GetScrollPos
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetMenu
GetMenu
GetCapture
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowTextW
SetWindowTextW
GetFocus
SetFocus
GetDlgCtrlID
SendDlgItemMessageW
DestroyWindow
SetDlgItemTextW
MoveWindow
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
IsWindow
GetLastActivePopup
GetWindowLongW
MessageBoxW
IsWindowEnabled
CharUpperW
GetMenuItemCount
GetMenuItemID
SetPropW
GetPropW
RemovePropW
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
GetClassLongW
GetClassNameW
GetTopWindow
SetWindowsHookExW
CallNextHookEx
WinHelpW
MonitorFromWindow
GetMonitorInfoW
InvalidateRgn
CheckMenuItem
RegisterClassExW
CreateWindowExW
DefWindowProcW
ShowWindow
CopyRect
SetWindowPos
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
ScreenToClient
PostMessageW
GetClientRect
SendMessageW
ClientToScreen
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadIconW
IsIconic
GetSystemMetrics
DrawIcon
GetDC
ReleaseDC
LoadImageW
GetWindowRect
SetTimer
KillTimer
EnableWindow
GetThreadDesktop
CreateDesktopW
SetThreadDesktop
CloseDesktop
CreateMenu
CreatePopupMenu
AppendMenuW
GetSubMenu
GetCursorPos
UpdateWindow
TrackPopupMenu
UnregisterClassW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
DestroyMenu
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
SetCursor
GetSysColorBrush
LoadCursorW
RealChildWindowFromPoint
IntersectRect
InvalidateRect
SetCapture
ReleaseCapture
CharNextW
PostThreadMessageW
RegisterClipboardFormatW
CopyAcceleratorTableW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
GetActiveWindow
gdi32
ExtSelectClipRgn
SelectObject
SetBkColor
SetMapMode
GetObjectW
TextOutW
SaveDC
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
DeleteObject
CreateBitmap
DeleteDC
GetStockObject
SetBkMode
SetTextColor
CreateFontW
GetDeviceCaps
ExtTextOutW
CreateSolidBrush
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
ReportEventW
DeregisterEventSource
OpenThreadToken
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegUnLoadKeyW
RegLoadKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
RegisterEventSourceW
shell32
SHGetFolderPathW
ShellExecuteW
ord51
comctl32
InitCommonControlsEx
ImageList_AddMasked
shlwapi
PathFindFileNameW
PathFileExistsW
PathMatchSpecW
PathFindExtensionW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
ole32
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitializeEx
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoInitialize
oleaut32
SysAllocString
SysFreeString
OleCreateFontIndirect
SysStringLen
VariantCopy
VariantChangeType
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayDestroy
VariantClear
VariantInit
SafeArrayPutElement
SafeArrayCreateVector
oledlg
OleUIBusyW
rpcrt4
UuidToStringW
RpcStringFreeW
UuidCreate
winhttp
WinHttpQueryDataAvailable
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpConnect
WinHttpSetOption
WinHttpOpen
WinHttpReadData
WinHttpCrackUrl
oleacc
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 442KB - Virtual size: 442KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 171KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ