Static task: static1
Behavioral task: behavioral1
  Sample: 56029598e7003b07f944fc6b0ff4531a.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 56029598e7003b07f944fc6b0ff4531a.exe
  Resource: win10v2004-20231215-en
General
Target: 56029598e7003b07f944fc6b0ff4531a
Size: 985KB
MD5: 56029598e7003b07f944fc6b0ff4531a
SHA1: 1f8ac780600a19a6dc715eb0d3fc5c4ac9fc34fc
SHA256: 0d8aec9be8cb99ca557cad592f30bfa4dba0b5afda847329ce0d5fcd7a9fa277
SHA512: 903fa678b19ef6c595388f01a6bc05b16ac55c75f00ef5a9a2b2cc5742e0132d8dc99543ad8668769d1b8d89a7d258cc195bd936182f2048eb3997bf2063b745
SSDEEP: 24576:0v2QXejXuuTjFkX7znII6p9DwYtH3VU/MJMN:e2QujnRkrznIIIJrH3VUki
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the PE carries no Certificate Table (security data directory), so there is no embedded signature to verify.
resource 56029598e7003b07f944fc6b0ff4531a
Files
56029598e7003b07f944fc6b0ff4531a.exe windows:5 windows x86 arch:x86
cbf98a3c8008d13cec4db7869256baba
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
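The two static facts the report states above, the "Unsigned PE" signature and the File Characteristics flags, can both be reproduced from the raw PE headers without running the sample. The following is an added example written for this page, not output or code from the sandbox that produced the report: it walks the DOS stub to `e_lfanew`, decodes `IMAGE_FILE_HEADER.Characteristics` with the flag values from winnt.h, and reads data directory entry 4 (the Certificate Table), whose size is zero when no Authenticode blob is attached. The `build_min_pe` helper and the `0x010F` flag word are constructed test input (the five flags listed above), not bytes from the actual sample.

```python
import struct

# IMAGE_FILE_HEADER.Characteristics bits (values from winnt.h).
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0010: "IMAGE_FILE_AGGRESSIVE_WS_TRIM",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x0200: "IMAGE_FILE_DEBUG_STRIPPED",
    0x0400: "IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP",
    0x0800: "IMAGE_FILE_NET_RUN_FROM_SWAP",
    0x1000: "IMAGE_FILE_SYSTEM",
    0x2000: "IMAGE_FILE_DLL",
    0x4000: "IMAGE_FILE_UP_SYSTEM_ONLY",
    0x8000: "IMAGE_FILE_BYTES_REVERSED_HI",
}

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory index of the Certificate Table


def parse_pe_header(data: bytes) -> dict:
    """Return machine, decoded Characteristics and the Certificate Table entry of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, _nsect, _ts, _symptr, _nsyms, _optsize, characteristics = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, directories start at +96
        dd_count_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+: NumberOfRvaAndSizes at +108, directories start at +112
        dd_count_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    (dd_count,) = struct.unpack_from("<I", data, dd_count_off)
    cert_off = cert_size = 0
    if dd_count > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories, this entry's first field is a raw file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    flags = [name for bit, name in sorted(FILE_CHARACTERISTICS.items()) if characteristics & bit]
    return {
        "machine": machine,
        "pe32plus": magic == 0x20B,
        "characteristics": flags,
        "cert_table_offset": cert_off,
        "cert_table_size": cert_size,
    }


def is_unsigned(data: bytes) -> bool:
    """True when the image carries no WIN_CERTIFICATE blob at all (the 'Unsigned PE' condition).

    A non-zero Certificate Table only means a blob is present; whether it verifies and chains to a
    trusted root must be checked separately (WinVerifyTrust, signtool verify, Get-AuthenticodeSignature).
    """
    return parse_pe_header(data)["cert_table_size"] == 0


def build_min_pe(characteristics: int, cert_size: int = 0) -> bytes:
    """Constructed test input: a minimal headers-only PE32 image, not a real sample."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x014C, 0, 0, 0, 0, 224, characteristics)  # IMAGE_FILE_MACHINE_I386
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)   # PE32 magic
    struct.pack_into("<I", opt, 92, 16)     # NumberOfRvaAndSizes
    headers_end = e_lfanew + 4 + 20 + 224
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     headers_end if cert_size else 0, cert_size)
    return dos + b"PE\0\0" + coff + bytes(opt) + b"\0" * cert_size


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as fh:
        sample = fh.read()
    info = parse_pe_header(sample)
    print("characteristics:", ", ".join(info["characteristics"]))
    if is_unsigned(sample):
        print("unsigned PE: no Certificate Table")
    else:
        print(f"certificate table: {info['cert_table_size']} bytes at 0x{info['cert_table_offset']:x}")
```

Run it as `python pe_check.py 56029598e7003b07f944fc6b0ff4531a.exe`; on a file matching the report above the flag list should be exactly the five names listed and the Certificate Table size should be zero. The check is a static IoC only: a present blob still needs a trust-chain verification, and a missing blob says nothing about whether the file is catalog-signed on the host.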
Imports
comdlg32
GetFileTitleW
CommDlgExtendedError
ChooseFontW
ChooseColorW
advapi32
CryptDecrypt
RegDeleteKeyW
GetUserNameA
AllocateAndInitializeSid
AdjustTokenPrivileges
RegEnumKeyExW
RegQueryValueExW
EqualSid
CryptEncrypt
RegSetValueExA
CryptHashData
RegSetValueExW
CryptDestroyHash
RegisterEventSourceW
CryptReleaseContext
CryptCreateHash
CryptDestroyKey
CryptDeriveKey
ReportEventW
RegQueryValueExA
OpenProcessToken
CryptAcquireContextW
RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW
GetTokenInformation
RegOpenKeyExW
RegEnumValueW
FreeSid
RegCreateKeyExA
LookupPrivilegeValueW
ole32
CoInitialize
CreateClassMoniker
CoCreateInstance
GetRunningObjectTable
CoSetProxyBlanket
CoGetObject
CoInitializeSecurity
CoTaskMemAlloc
CoUninitialize
ReleaseStgMedium
CoTaskMemFree
OleUninitialize
OleInitialize
StringFromGUID2
avifil32
AVIFileGetStream
AVIStreamRelease
AVIStreamInfoW
AVIFileExit
AVIFileRelease
AVIFileOpenW
AVIStreamReadFormat
AVIStreamRead
AVIFileInit
gdi32
GetWindowExtEx
ExtTextOutW
GetStockObject
Escape
RectVisible
GetViewportExtEx
TextOutW
SetTextAlign
GetCurrentObject
PtInRegion
SetTextColor
CreateCompatibleBitmap
CreateDIBSection
SetBkMode
CreateRectRgnIndirect
CreateICW
GetTextColor
StretchBlt
CreateDCW
RealizePalette
CreatePalette
CreatePen
PatBlt
GetDeviceCaps
PtVisible
CreateCompatibleDC
CreateHalftonePalette
GetDIBColorTable
GetMapMode
CreateRectRgn
CreateSolidBrush
GetTextMetricsW
OffsetRgn
DPtoLP
GetPixel
DeleteObject
GetTextExtentPoint32W
GetCharABCWidthsW
GetDIBits
CombineRgn
SetStretchBltMode
CreateBitmap
ExtCreatePen
SelectObject
SetDIBits
DeleteDC
BitBlt
CreateBitmapIndirect
GetObjectW
Rectangle
CreateFontIndirectW
LPtoDP
winmm
mciGetErrorStringW
mciSendCommandA
timeGetTime
mmioOpenW
mmioClose
mmioDescend
shell32
ILGetSize
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW
SHGetMalloc
ShellExecuteExW
DragQueryFileW
SHGetDesktopFolder
DragAcceptFiles
SHGetSpecialFolderPathW
SHFileOperationW
SHBindToParent
ShellExecuteW
msimg32
AlphaBlend
kernel32
FileTimeToLocalFileTime
GetDriveTypeA
GetTempPathW
QueryPerformanceFrequency
MulDiv
GetProcAddress
FindNextFileW
GetDiskFreeSpaceExW
Thread32Next
GlobalMemoryStatus
LockResource
GetDateFormatW
_llseek
lstrlenW
WaitForSingleObject
MapViewOfFile
LocalAlloc
OutputDebugStringW
Thread32First
EnterCriticalSection
GetCurrentThread
GetModuleHandleW
GetModuleFileNameA
SetCurrentDirectoryW
CreateFileMappingW
GetStartupInfoW
AllocConsole
lstrlenA
GetNumberFormatW
FatalAppExitW
GetComputerNameA
OpenProcess
FreeLibrary
GetSystemTimeAsFileTime
GetLogicalDriveStringsW
Process32NextW
GetLongPathNameW
CreateFileA
SystemTimeToFileTime
IsBadWritePtr
GetSystemTime
TerminateProcess
InitializeCriticalSection
ResetEvent
SetThreadPriority
GetVersion
GetCurrentDirectoryW
GetExitCodeProcess
GetVolumeInformationW
LoadResource
GetDriveTypeW
DeviceIoControl
GetLocaleInfoA
WaitForMultipleObjects
SetFileAttributesW
DeleteCriticalSection
CreateDirectoryW
GetSystemDefaultLangID
ResumeThread
CreateToolhelp32Snapshot
GetModuleHandleA
CreateEventW
InterlockedExchange
DebugBreak
GetACP
FindClose
InterlockedIncrement
MoveFileW
Process32FirstW
Sleep
GetCurrentThreadId
FindResourceW
DeleteFileW
GetVersionExW
GetFullPathNameW
GetCurrentProcess
GlobalAlloc
LocalFree
SetFilePointer
VirtualFree
CreatePipe
GetTempFileNameW
LoadLibraryExW
GetStdHandle
HeapFree
GetFileAttributesA
LocalFileTimeToFileTime
GlobalUnlock
lstrcatA
GetCurrentProcessId
CreateProcessW
GetExitCodeThread
GetLocalTime
QueryPerformanceCounter
GetProcessAffinityMask
GetSystemInfo
FileTimeToSystemTime
GetLocaleInfoW
CreateMutexW
ReleaseMutex
VirtualAlloc
SetConsoleTitleW
RemoveDirectoryW
WideCharToMultiByte
SetProcessAffinityMask
GetProfileIntW
lstrcmpiW
lstrcatW
InterlockedDecrement
FreeResource
FlushFileBuffers
CloseHandle
CreateFileMappingA
RaiseException
GetFileAttributesW
UnmapViewOfFile
ReadFile
HeapAlloc
SetEvent
GetShortPathNameW
GetModuleFileNameW
GetFileSize
LeaveCriticalSection
SuspendThread
GetLastError
GlobalLock
OpenFileMappingW
IsBadReadPtr
FindFirstFileW
GetThreadLocale
FormatMessageW
MultiByteToWideChar
LoadLibraryW
GetTimeFormatW
LoadLibraryA
GetProcessHeap
CreateThread
WriteFile
CopyFileW
lstrcpyW
GlobalFree
CreateFileW
GetVersionExA
GetDiskFreeSpaceA
GetPrivateProfileStringW
GetTickCount
gdiplus
GdipGetImageBounds
GdipLoadImageFromFileICM
GdipGetImageHeight
GdipAlloc
GdipCloneImage
GdipGetImageWidth
GdipDeleteGraphics
GdiplusShutdown
GdipBitmapGetPixel
GdipFree
GdipDrawImageRectRect
GdipDisposeImage
GdipImageRotateFlip
GdipCreateFromHDC
GdiplusStartup
GdipLoadImageFromFile
GdipGetImageThumbnail
GdipCreateHBITMAPFromBitmap
comctl32
ImageList_Replace
ImageList_SetBkColor
ImageList_Draw
FlatSB_GetScrollInfo
ImageList_BeginDrag
_TrackMouseEvent
ImageList_DragLeave
ImageList_GetIconSize
ImageList_DragMove
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_GetIcon
ImageList_AddMasked
ImageList_EndDrag
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
shlwapi
StrCmpIW
PathFindFileNameW
PathAppendW
PathAddExtensionW
PathFileExistsW
PathAddBackslashW
PathIsDirectoryW
PathRenameExtensionW
PathRemoveExtensionW
PathRemoveFileSpecA
PathAppendA
StrStrIW
PathIsRelativeW
PathCompactPathW
PathRemoveFileSpecW
PathFindExtensionW
PathIsRootW
user32
DestroyMenu
SetActiveWindow
GetMenu
GetComboBoxInfo
EndDialog
CopyRect
GetClipboardData
GetWindowTextW
OpenClipboard
DrawIconEx
GetSubMenu
MapDialogRect
ReleaseCapture
UpdateLayeredWindow
SetClassLongW
BringWindowToTop
LoadStringW
FindWindowExW
UnregisterClassW
GetOpenClipboardWindow
SetDlgItemTextW
IsWindow
GetSystemMetrics
UpdateWindow
GrayStringW
RegisterHotKey
SetMenu
DestroyIcon
GetLastActivePopup
LoadMenuW
EnableMenuItem
IsZoomed
BeginPaint
IsClipboardFormatAvailable
ClientToScreen
SetDlgItemInt
GetSysColor
InflateRect
TrackPopupMenu
DispatchMessageW
GetClassInfoW
GetKeyState
PostThreadMessageW
IsRectEmpty
SetCursor
wsprintfW
SetTimer
LoadImageW
GetDlgItemInt
RemoveMenu
GetDesktopWindow
WaitForInputIdle
RegisterClipboardFormatW
SetClipboardData
PeekMessageW
SetCapture
SetRect
ReleaseDC
PostMessageW
SetForegroundWindow
DrawStateW
LoadBitmapW
SetWindowLongW
SendDlgItemMessageW
CloseClipboard
EnableWindow
SystemParametersInfoW
TabbedTextOutW
GetFocus
WindowFromPoint
IsWindowEnabled
ScreenToClient
LockWindowUpdate
PtInRect
KillTimer
OffsetRect
wsprintfA
SetWindowTextW
GetParent
wvsprintfA
CheckDlgButton
CheckMenuItem
IsDlgButtonChecked
LoadCursorW
GetDC
GetWindowLongW
LoadIconW
DrawTextExW
GetCursorPos
RedrawWindow
InvalidateRect
EndPaint
RegisterWindowMessageW
DrawTextW
GetWindowRect
EqualRect
MoveWindow
SendMessageTimeoutW
GetDlgItem
GetWindow
GetDlgItemTextW
TranslateMessage
GetDlgCtrlID
IsIconic
MessageBoxW
SetWindowRgn
GetCapture
DrawFocusRect
ShowWindow
SendMessageW
GetSystemMenu
GetWindowDC
PostQuitMessage
GetMessagePos
SetWindowPos
FillRect
IsWindowVisible
ExitWindowsEx
FindWindowW
AdjustWindowRectEx
GetClientRect
GetActiveWindow
SetRectEmpty
Sections
.text Size: 622KB - Virtual size: 622KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 320KB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ