5886bb1be3ecb182711f40cee07b3ef0

Sharing

Copy URL

Twitter E-mail

General

Target

5886bb1be3ecb182711f40cee07b3ef0
Size

978KB
MD5

5886bb1be3ecb182711f40cee07b3ef0
SHA1

52aac383bfaee91573f8007ebdf03cbee2abe8cf
SHA256

3f5a252513f60cbb4b19caf221f27ba0f3b97ef36178f5c2d4a80f06387f3bb4
SHA512

0cfeb4c9cc89eeba57c655862c75cfa33ce81dadbd9a087eb65b340ff87f7a96586f325cfcfd1f0828702e2a04fd576920d535de1c51160cf3f9ea1fc87486dc
SSDEEP

24576:CmT3CK+0EyJqrBcapU1JNzT5b/EQBwk1vJo:C+3D4yJqyaup5b/9wcJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5886bb1be3ecb182711f40cee07b3ef0

Files

5886bb1be3ecb182711f40cee07b3ef0
.exe windows:5 windows x86 arch:x86

0f5dded1250877d62f4583ce74b17580

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

tapi32

lineUncompleteCall
lineAccept

shlwapi

PathRenameExtensionW
StrStrIW
PathRemoveFileSpecW
PathRemoveExtensionW
PathAppendW
PathIsRootW
PathAppendA
PathCompactPathW
PathFindFileNameW
PathAddBackslashW
StrCmpIW
PathFileExistsW
PathIsRelativeW
SHDeleteKeyW
PathIsDirectoryW
PathAddExtensionW
PathFindExtensionW
PathRemoveBackslashW
PathRemoveFileSpecA

comctl32

ImageList_DragMove
ImageList_DragEnter
ImageList_GetIcon
ImageList_AddMasked
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_DragLeave
ImageList_BeginDrag
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Add
ImageList_Draw
FlatSB_GetScrollInfo
_TrackMouseEvent

kernel32

SetFilePointer
lstrlenA
TerminateProcess
GetTimeFormatW
OpenProcess
LocalAlloc
EnterCriticalSection
GetThreadLocale
GetProcessHeap
_llseek
lstrcmpiW
InitializeCriticalSection
OutputDebugStringW
QueryPerformanceCounter
GetSystemTime
CreateFileW
FormatMessageW
GetVersionExA
GetLongPathNameW
GetShortPathNameW
MoveFileW
WideCharToMultiByte
CreateEventW
GetLocalTime
GetVersionExW
GlobalUnlock
GetACP
GetExitCodeProcess
WriteFile
CreateFileA
CreateProcessW
UnmapViewOfFile
GetDiskFreeSpaceA
InterlockedIncrement
GetWindowsDirectoryW
FileTimeToLocalFileTime
GetDriveTypeW
GetPrivateProfileStringW
Thread32Next
SetCurrentDirectoryW
LoadLibraryW
DeleteFileW
SystemTimeToFileTime
MulDiv
GetProcessAffinityMask
Process32NextW
GetTempFileNameW
LoadResource
GetComputerNameA
GetCurrentProcessId
lstrcpynW
CopyFileW
GetFullPathNameW
Sleep
GetProcAddress
GetModuleFileNameA
GetSystemDefaultLangID
GetLastError
QueryPerformanceFrequency
GetCurrentDirectoryW
GetModuleHandleA
GetSystemTimeAsFileTime
GetCPInfo
GetFileAttributesW
SetProcessAffinityMask
IsBadWritePtr
VirtualAlloc
LocalFileTimeToFileTime
GetModuleHandleW
IsBadReadPtr
CreateFileMappingA
FindClose
SetFileAttributesW
LockResource
lstrlenW
lstrcpyW
CreateMutexW
GetModuleFileNameW
LoadLibraryA
CreatePipe
InterlockedExchange
GetNumberFormatW
ResumeThread
FreeLibrary
InterlockedDecrement
GetCurrentProcess
FindFirstFileW
GlobalAlloc
HeapAlloc
VirtualFree
GetStartupInfoW
Process32FirstW
CreateDirectoryW
DeleteCriticalSection
SuspendThread
GetLocaleInfoA
LeaveCriticalSection
WaitForSingleObject
RemoveDirectoryW
GetLocaleInfoW
SetEvent
GetFullPathNameA
FreeResource
GetCurrentThreadId
RaiseException
Thread32First
GetCurrentThread
FindResourceW
GetTickCount
ReadFile
GetLogicalDriveStringsW
GlobalLock
LocalFree
DeviceIoControl
SetThreadPriority
GetDiskFreeSpaceExW
GetVolumeInformationW
GlobalMemoryStatus
MultiByteToWideChar
MapViewOfFile
GetTempPathW
CloseHandle
ResetEvent
GlobalFree
FileTimeToSystemTime
HeapFree
FindNextFileW
GetFileSize
GetDateFormatW
GetSystemInfo
CreateToolhelp32Snapshot

shell32

SHGetMalloc
SHBindToParent
DragAcceptFiles
SHGetFileInfoW
SHGetSpecialFolderLocation
SHFileOperationW
DragQueryFileW
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

msacm32

acmDriverDetailsW

comdlg32

ChooseColorW
ChooseFontW
GetFileTitleW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

ole32

CoGetObject
OleInitialize
CreateClassMoniker
CoCreateInstance
OleUninitialize
GetRunningObjectTable
StringFromGUID2
CoTaskMemFree
ReleaseStgMedium
CoSetProxyBlanket
StgOpenStorage
StgCreateDocfile
CoInitialize
CoInitializeSecurity
CoTaskMemAlloc
CoUninitialize

winmm

mmioOpenW
mciGetErrorStringW
mmioClose
mciSendCommandA
mmioDescend
timeGetTime

user32

LoadImageW
UnregisterClassA
CheckMenuItem
MessageBoxW
DrawTextExW
TabbedTextOutW
SetCapture
BeginPaint
IsClipboardFormatAvailable
GetWindowRect
LoadStringW
AdjustWindowRectEx
SetActiveWindow
ScreenToClient
GetParent
IsIconic
SetClassLongW
DeferWindowPos
SetDlgItemTextW
EnableMenuItem
SetWindowRgn
RegisterWindowMessageW
RegisterClipboardFormatW
UnregisterClassW
LoadIconW
PeekMessageW
DrawIconEx
CopyRect
GetDC
GetComboBoxInfo
GrayStringW
GetMenuItemCount
OffsetRect
GetDlgItemInt
GetDlgCtrlID
GetWindowTextW
ClientToScreen
TranslateMessage
SendDlgItemMessageW
InsertMenuW
GetKeyState
UpdateLayeredWindow
GetSystemMetrics
ShowWindow
GetClientRect
DestroyIcon
UpdateWindow
MoveWindow
GetCursorPos
LoadBitmapW
IsRectEmpty
GetWindowDC
GetCapture
DispatchMessageW
ModifyMenuW
SetCursor
SetWindowLongW
SetRectEmpty
EqualRect
GetActiveWindow
GetWindowLongW
ExitWindowsEx
EndDialog
DrawStateW
ReleaseDC
CloseClipboard
IsWindowVisible
SetMenuDefaultItem
SetWindowTextW
SendMessageW
RedrawWindow
UnionRect
IsWindow
GetDlgItem
TrackPopupMenu
FindWindowW
LoadCursorW
LockWindowUpdate
IsWindowEnabled
GetSubMenu
WindowFromPoint
EnableWindow
PostMessageW
FillRect
wsprintfA
InvalidateRect
SetClipboardData
GetSystemMenu
RemoveMenu
CheckDlgButton
IntersectRect
GetDlgItemTextW
KillTimer
SystemParametersInfoW
SendMessageTimeoutW
wsprintfW
DrawFocusRect
OpenClipboard
EndDeferWindowPos
IsZoomed
GetFocus
PtInRect
GetWindow
LoadMenuW
GetMessagePos
BeginDeferWindowPos
GetClipboardData
SetMenu
FindWindowExW
ReleaseCapture
BringWindowToTop
EndPaint
GetMenuItemID
PostThreadMessageW
SetForegroundWindow
SetDlgItemInt
SetRect
SetWindowPos
GetOpenClipboardWindow
GetMessageW
DefWindowProcW
MapDialogRect
GetSysColor
DrawTextW
InflateRect
GetDesktopWindow
SetTimer
PostQuitMessage
IsDlgButtonChecked

gdiplus

GdipGetImageWidth
GdipDrawImageRectRect
GdipBitmapGetPixel
GdipGetImageBounds
GdipImageRotateFlip
GdipDeleteGraphics
GdipAlloc
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipCreateFromHDC
GdipDisposeImage
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdiplusShutdown
GdipFree
GdipGetImageThumbnail
GdipGetImageHeight

gdi32

RealizePalette
PtVisible
LPtoDP
GetMapMode
CreatePen
StretchDIBits
CreateRectRgn
OffsetRgn
SelectClipRgn
EnumFontFamiliesW
CreateCompatibleDC
GetObjectW
ExtCreatePen
SetDIBits
ExtTextOutW
GetCurrentObject
SetBkMode
RectVisible
GetCharABCWidthsW
GetTextExtentPoint32W
CreateICW
CreateBrushIndirect
SetBkColor
CreateBitmap
GetTextExtentPoint32A
CreatePolygonRgn
PatBlt
SetROP2
GetStockObject
CombineRgn
DeleteObject
CreateDIBSection
StretchBlt
CreateDIBitmap
Escape
CreateRectRgnIndirect
PtInRegion
DeleteDC
Rectangle
DPtoLP
GetWindowExtEx
CreateCompatibleBitmap
SetTextColor
CreatePalette
GetTextMetricsW
GetDeviceCaps
CreateDCW
GetTextColor
GetDIBits
CreateFontIndirectW
CreateSolidBrush
CreateHalftonePalette
BitBlt
GetPixel
SelectPalette
SetStretchBltMode
SetTextAlign
TextOutW
CreateBitmapIndirect
SelectObject
GetViewportExtEx
GetTextMetricsA
GetDIBColorTable

advapi32

RegCreateKeyExA
RegCloseKey
CryptAcquireContextA
RegQueryValueExW
OpenProcessToken
RegOpenKeyExW
FreeSid
RegCreateKeyExW
CryptExportKey
RegDeleteValueW
CryptDestroyHash
CryptGetUserKey
RegEnumKeyExW
RegQueryInfoKeyW
CryptReleaseContext
RegEnumValueW
ReportEventW
CryptDestroyKey
GetUserNameW
CryptHashData
CryptAcquireContextW
AllocateAndInitializeSid
GetTokenInformation
CryptGenKey
CryptDeriveKey
RegDeleteKeyW
EqualSid
RegisterEventSourceW
RegSetValueExA
CryptDecrypt
CryptGenRandom
RegQueryValueExA
CryptEncrypt
CryptImportKey
RegSetValueExW
CryptCreateHash
GetUserNameA

Sections

.text
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f5dded1250877d62f4583ce74b17580

Headers

File Characteristics

Imports

tapi32

shlwapi

comctl32

kernel32

shell32

msacm32

comdlg32

version

ole32

winmm

user32

gdiplus

gdi32

advapi32

Sections

.text Size: 676KB - Virtual size: 675KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 275KB - Virtual size: 3.5MB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 676KB - Virtual size: 675KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 275KB - Virtual size: 3.5MB

.rsrc
Size: 13KB - Virtual size: 13KB