?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B
Static task: static1
Behavioral task: behavioral1
Sample: 59001d3e0e7f19b7d36b4397e1935be9.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 59001d3e0e7f19b7d36b4397e1935be9.exe
Resource: win10v2004-20231215-en
General
Target: 59001d3e0e7f19b7d36b4397e1935be9
Size: 1.1MB
MD5: 59001d3e0e7f19b7d36b4397e1935be9
SHA1: dce5728eb6ce739a0ada77ee5a00b67a4ab847e1
SHA256: f2aa13f50f76e08363fbababa469329fd738b955bd33e27c834744c8a8ac236c
SHA512: 7a68a8d76bc9510af8c06172077ff9a0ad76b44ea42fae85d383d031aefde01ad76cf218afde5b655e6eba422520db1710cd4144fa628ee7d7aaad359d16e113
SSDEEP: 24576:c9Q+CQSFdj4QlRYfsxNWEa7saSZappqnTv:cKRdj4yRYfsxNWEa7oaKz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 59001d3e0e7f19b7d36b4397e1935be9
Files
59001d3e0e7f19b7d36b4397e1935be9.exe windows:4 windows x86 arch:x86
f4f631c5fd5eed3733382c6a053150f7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
GetEnvironmentVariableA
LCMapStringW
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
GetCommandLineA
GetStartupInfoA
RaiseException
HeapReAlloc
ExitProcess
ExitThread
CreateThread
GetLocalTime
GetTimeZoneInformation
GetProfileStringA
UnmapViewOfFile
DosDateTimeToFileTime
FlushInstructionCache
GetProcessHeap
GetTempPathA
VirtualQuery
FindResourceExW
DebugBreak
FreeResource
InterlockedExchange
RtlUnwind
FindResourceExA
SetErrorMode
SetFileTime
SystemTimeToFileTime
GetFileTime
lstrlenW
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
VirtualProtect
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetCurrentThread
GetFullPathNameA
GetVolumeInformationA
FlushFileBuffers
DuplicateHandle
GetThreadLocale
FileTimeToLocalFileTime
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
FormatMessageA
InterlockedDecrement
InterlockedIncrement
CreateDirectoryA
FileTimeToSystemTime
GetSystemTime
GetSystemDirectoryA
lstrcmpA
lstrcmpiA
lstrcpynA
GetExitCodeProcess
GlobalMemoryStatus
GetWindowsDirectoryA
CopyFileA
GetCurrentProcess
GetPrivateProfileIntA
GetCurrentProcessId
OpenProcess
TerminateProcess
lstrcatA
CreateProcessA
GetLogicalDriveStringsA
GetDriveTypeA
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
FindResourceA
LoadResource
SizeofResource
LockResource
LCMapStringA
WideCharToMultiByte
GetACP
GetCurrentDirectoryA
SetCurrentDirectoryA
LockFile
WriteFile
UnlockFile
ReadFile
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
GetFileSize
SetFilePointer
SetEndOfFile
CreateFileA
GetFileAttributesA
MultiByteToWideChar
GetVersionExA
GetLastError
GetProcAddress
LoadLibraryA
FreeLibrary
LocalFree
LocalAlloc
OutputDebugStringA
lstrcpyA
ResetEvent
WaitForSingleObject
CloseHandle
LeaveCriticalSection
WritePrivateProfileStringA
EnterCriticalSection
GetExitCodeThread
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetPrivateProfileStringA
GetTickCount
Sleep
DeleteFileA
GetModuleFileNameA
user32
RegisterClassA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
UnhookWindowsHookEx
wsprintfA
SetFocus
IsWindowEnabled
MoveWindow
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemInt
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
UpdateWindow
SetCursor
DestroyCursor
DestroyIcon
InflateRect
LoadCursorA
OffsetRect
GetSysColor
DispatchMessageA
PeekMessageA
MessageBoxA
SendMessageA
TrackPopupMenu
GetMenuState
GetMenuItemCount
DeleteMenu
GetWindowDC
SetWindowPos
RemovePropA
LockWindowUpdate
GetKeyState
GetFocus
IsChild
MessageBeep
GetClassInfoA
SetRectEmpty
DrawIcon
LoadAcceleratorsA
GetSystemMenu
SetClassLongA
GetWindowLongA
IsWindow
GetPropA
ShowWindow
GetLastActivePopup
FlashWindow
GetMenuStringA
InsertMenuItemA
EnableMenuItem
AppendMenuA
WinHelpA
GetCapture
ScreenToClient
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
LoadImageA
GetMenu
InsertMenuA
CreatePopupMenu
SetWindowLongA
SetWindowRgn
GrayStringA
DrawTextA
TabbedTextOutA
LoadBitmapA
GetDesktopWindow
FillRect
GetDC
ReleaseDC
RegisterWindowMessageA
PostMessageA
SetMenuItemInfoA
GetSubMenu
LoadMenuA
EnableWindow
LoadIconA
GetClientRect
IsWindowVisible
SystemParametersInfoA
SetForegroundWindow
IsIconic
GetCursorPos
RegisterHotKey
GetParent
UnregisterHotKey
KillTimer
IsRectEmpty
SetTimer
GetSystemMetrics
SetRect
CopyRect
GetWindowRect
TranslateAcceleratorA
PtInRect
GetAsyncKeyState
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
MonitorFromPoint
GetMonitorInfoA
GetMenuItemRect
GetMenuDefaultItem
EqualRect
AdjustWindowRectEx
MapWindowPoints
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
wvsprintfA
CharNextA
DestroyMenu
ClientToScreen
BeginPaint
EndPaint
CharUpperA
LoadStringA
PostQuitMessage
ValidateRect
GetMessageA
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
CopyAcceleratorTableA
ReleaseCapture
SetMenu
GetClassNameA
PostThreadMessageA
RemoveMenu
RegisterClipboardFormatA
WindowFromPoint
SetCapture
GetSysColorBrush
ExitWindowsEx
UnionRect
RedrawWindow
DrawFocusRect
DrawStateA
CreateIconIndirect
SendMessageTimeoutA
IsMenu
GetIconInfo
LoadCursorFromFileA
FindWindowExA
WindowFromDC
MessageBoxIndirectA
FrameRect
ModifyMenuW
AppendMenuW
DrawTextExW
DrawTextExA
DrawTextW
TrackPopupMenuEx
LoadBitmapW
LoadImageW
LoadIconW
DrawIconEx
LoadStringW
InsertMenuW
InsertMenuItemW
DrawFrameControl
EnableScrollBar
SetPropA
CheckMenuItem
TranslateMessage
SetParent
CloseClipboard
GetClipboardData
OpenClipboard
InvalidateRect
GetWindow
ModifyMenuA
GetMenuItemID
GetMenuStringW
GetMenuItemInfoA
gdi32
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
SetViewportExtEx
GetMapMode
DPtoLP
LPtoDP
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetClipBox
CreateEllipticRgn
CreatePolygonRgn
FillRgn
FrameRgn
GetTextExtentPoint32A
CreateFontIndirectA
CreateFontA
SetBkMode
GetObjectA
GetDIBits
GetStockObject
CreateRectRgn
GetPixel
CombineRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetBkColor
CreateBitmap
StretchBlt
CreateCompatibleDC
GetTextExtentPoint32W
GetTextExtentPointA
GetTextExtentPointW
TextOutW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
CreateDIBSection
SetBrushOrgEx
CreateBitmapIndirect
SetPixel
GetNearestColor
RoundRect
OffsetRgn
GetCharWidthA
Rectangle
ExtCreateRegion
CreateICA
SetBoundsRect
GetBkMode
PlgBlt
GetCurrentObject
CreateDIBitmap
SetDIBitsToDevice
CreateCompatibleBitmap
BitBlt
DeleteDC
SetTextColor
DeleteObject
GetDeviceCaps
CreateSolidBrush
SelectObject
PatBlt
comdlg32
GetSaveFileNameA
GetFileTitleA
ChooseColorW
ChooseColorA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegCreateKeyExA
OpenProcessToken
shell32
Shell_NotifyIconA
DragQueryFileA
DragFinish
ShellExecuteExA
SHGetSpecialFolderLocation
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetDesktopFolder
comctl32
ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create
ImageList_GetImageInfo
ImageList_Duplicate
_TrackMouseEvent
ImageList_GetIcon
ImageList_Draw
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoTaskMemFree
CoRevokeClassObject
olepro32
ord253
ord251
oleaut32
VariantChangeType
SysAllocStringByteLen
VariantCopy
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen
VariantClear
SysAllocString
SysFreeString
ws2_32
bind
WSAGetLastError
getsockname
WSAStartup
WSACleanup
recv
send
sendto
closesocket
socket
setsockopt
htons
inet_addr
gethostbyname
connect
inet_ntoa
recvfrom
gethostname
shutdown
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
wininet
InternetCanonicalizeUrlA
InternetCrackUrlA
Exports
Sections
.text Size: 676KB - Virtual size: 676KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 46KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.HookSec Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 220KB - Virtual size: 219KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ