Static task: static1
Behavioral task: behavioral1
Sample: 5a00b236a33367e8e2b07fca88a6ca06.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 5a00b236a33367e8e2b07fca88a6ca06.exe
Resource: win10v2004-20231222-en
General
Target: 5a00b236a33367e8e2b07fca88a6ca06
Size: 6.0MB
MD5: 5a00b236a33367e8e2b07fca88a6ca06
SHA1: 9899f1fd377f7f87364e775be9e6a38d84bcfc95
SHA256: c568e223140acb4e3993c3f0f205b147567f6db126c1fe783cfd1f6dd092cbdf
SHA512: 28543dd41ed5787962ed38105c41d9a2e180805acd8222c9a90f4639654768c487904ec6ada8dbab3add7f51e964c5cf810d452f8b4db73c00a79931fa0f677a
SSDEEP: 98304:29RV4kjrAyNmRu+CxBsECj9h3bZPmou0z7GniFyFFFFFF6FFFFFL/15UjFFFFIgP:ozbj0yNms+Cxob5oQ9
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 5a00b236a33367e8e2b07fca88a6ca06
Files
5a00b236a33367e8e2b07fca88a6ca06.exe windows:4 windows x86 arch:x86
79c0d7832ed4ad48216cbea8720569c3
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
GetAdaptersInfo
kernel32
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetProcessHeap
SetStdHandle
CreateThread
ExitThread
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
GetDateFormatA
GetTimeFormatA
PeekNamedPipe
GetFileInformationByHandle
GetFileType
TerminateProcess
HeapReAlloc
GetSystemTimeAsFileTime
GlobalFree
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
GetOEMCP
FreeResource
GetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsBadReadPtr
IsBadCodePtr
GetDriveTypeA
SetEnvironmentVariableA
SetThreadLocale
GetSystemDefaultLCID
GetPrivateProfileStringA
WritePrivateProfileStringA
SetEvent
GetExitCodeThread
TerminateThread
ResumeThread
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentProcess
ExitProcess
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
SuspendThread
ReleaseSemaphore
MulDiv
InterlockedDecrement
SetThreadPriority
SetFilePointer
WaitForMultipleObjects
ResetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
GetLocalTime
GetSystemDirectoryA
GetOverlappedResult
WriteFile
ReadFile
HeapFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFlags
VirtualProtect
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetCurrentThread
lstrcmpiA
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetFileTime
ReleaseMutex
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalDeleteAtom
GetVersionExA
lstrcmpA
GlobalSize
LocalAlloc
CreateFileA
SetEndOfFile
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryA
InterlockedIncrement
RaiseException
GetFileSize
GetTickCount
GetCurrentThreadId
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
Sleep
WaitForSingleObject
HeapAlloc
Beep
DeviceIoControl
SetLastError
GetTimeZoneInformation
FindClose
LocalFree
HeapSize
lstrlenA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LoadResource
LockResource
SizeofResource
GetStringTypeA
SetErrorMode
advapi32
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
OpenProcessToken
user32
SetRectEmpty
DrawEdge
GetFocus
OffsetRect
ReleaseCapture
GetParent
GetNextDlgGroupItem
DestroyWindow
CreatePopupMenu
MessageBoxA
GetSystemMetrics
EnumWindows
SetForegroundWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DestroyIcon
GetDlgItem
GetClientRect
InvalidateRect
CallNextHookEx
UnhookWindowsHookEx
KillTimer
SetTimer
ExitWindowsEx
SetRect
GetSysColorBrush
RedrawWindow
CopyRect
GetWindowRect
PtInRect
SetCursor
GetCursorPos
GetDC
ReleaseDC
ClientToScreen
GetClassNameA
FillRect
GetDesktopWindow
GetSysColor
wsprintfA
IsWindow
UpdateWindow
FrameRect
DestroyCursor
DestroyMenu
GetNextDlgTabItem
GetActiveWindow
GetSubMenu
InflateRect
DrawFocusRect
GetIconInfo
CreateIconIndirect
SetParent
SetFocus
SetWindowPos
GetAsyncKeyState
IsWindowVisible
GetCapture
ScreenToClient
DrawFrameControl
LockWindowUpdate
GetDCEx
UnpackDDElParam
ReuseDDElParam
SetMenu
InvalidateRgn
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
WaitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ValidateRect
EndPaint
BeginPaint
SendDlgItemMessageA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetScrollInfo
SetWindowPlacement
SystemParametersInfoA
GetWindowPlacement
EndDialog
IsWindowEnabled
MoveWindow
GetDlgCtrlID
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuState
GetMenuItemID
SetCapture
GetMessagePos
GetWindow
GetWindowDC
MapWindowPoints
GetKeyState
GetDoubleClickTime
IsIconic
DrawIcon
FlashWindow
MessageBeep
BringWindowToTop
CreateMenu
SetActiveWindow
IntersectRect
EqualRect
WindowFromPoint
CheckMenuItem
EnableMenuItem
GetSystemMenu
RemoveMenu
GetScrollInfo
GetWindowRgn
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsZoomed
GetMenu
IsMenu
IsChild
ChildWindowFromPointEx
SubtractRect
ShowWindow
SetWindowRgn
TranslateMessage
ShowCursor
GetMenuItemCount
SetMenuDefaultItem
EnableScrollBar
SetWindowTextA
SetDlgItemTextA
GetWindowTextA
ScrollDC
CheckMenuRadioItem
AdjustWindowRectEx
DrawIconEx
IsRectEmpty
CopyIcon
ShowScrollBar
GetCaretPos
gdi32
OffsetRgn
SetRectRgn
CreatePolygonRgn
SetTextAlign
SetPixelV
SetBoundsRect
SetBitmapDimensionEx
GetBitmapDimensionEx
SetBkMode
CombineRgn
Escape
RectVisible
PtVisible
CreateRectRgn
GetViewportOrgEx
GetWindowOrgEx
GetBkColor
GetViewportExtEx
GetWindowExtEx
GetMapMode
SetBitmapBits
GetBitmapBits
SetDIBColorTable
CreateDIBSection
GdiFlush
CreateRectRgnIndirect
CreatePen
RealizePalette
GetTextColor
Ellipse
LPtoDP
CreateEllipticRgn
GetRgnBox
PatBlt
SelectPalette
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
MoveToEx
LineTo
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
GetClipBox
ExtSelectClipRgn
SetStretchBltMode
SetDIBitsToDevice
GetObjectA
GetDIBits
CreateDIBitmap
Rectangle
CreatePalette
CreateSolidBrush
Polygon
SetPixel
FillRgn
GetPixel
SetTextColor
SetBkColor
DeleteDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DPtoLP
GetDeviceCaps
StretchBlt
BitBlt
CreateCompatibleDC
CreateBrushIndirect
CreateBitmap
GetStockObject
shell32
SHGetMalloc
DragFinish
winmm
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime
ws2_32
setsockopt
ioctlsocket
accept
listen
shutdown
getpeername
connect
WSAAsyncGetHostByName
send
recv
ntohl
closesocket
bind
htonl
WSAAsyncSelect
socket
ntohs
inet_ntoa
WSASetLastError
htons
gethostbyname
inet_addr
WSAGetLastError
WSACancelAsyncRequest
WSACleanup
gethostname
WSAAccept
WSAAsyncGetHostByAddr
recvfrom
sendto
WSAStartup
WSACloseEvent
WSASocketW
gethostbyaddr
getservbyport
getservbyname
WSAConnect
WSAEnumNetworkEvents
WSACreateEvent
WSAEventSelect
crypt32
CertFreeCertificateContext
CryptEncryptMessage
CertOpenSystemStoreW
CertGetCertificateContextProperty
CertGetNameStringW
CertNameToStrW
CertFindCertificateInStore
CertCloseStore
comctl32
ImageList_Destroy
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_SetOverlayImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_EndDrag
ImageList_AddMasked
ImageList_Remove
ImageList_Create
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_ReplaceIcon
ord17
_TrackMouseEvent
PropertySheetW
ImageList_GetImageInfo
ImageList_Draw
ImageList_GetIcon
ImageList_GetImageCount
shlwapi
PathStripPathW
PathAddBackslashW
PathStripToRootW
PathCanonicalizeW
PathRemoveBackslashW
PathFindFileNameW
PathGetArgsW
PathFindExtensionW
PathIsRelativeW
PathCombineW
PathRemoveFileSpecW
PathRenameExtensionW
PathMatchSpecW
PathFileExistsW
SHDeleteKeyW
PathIsUNCW
UrlUnescapeW
PathRemoveExtensionW
ole32
OleUninitialize
StgOpenStorageOnILockBytes
CoInitialize
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
StgOpenStorage
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoGetClassObject
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID
CLSIDFromString
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
oleaut32
OleCreateFontIndirect
LoadTypeLi
VariantClear
VariantInit
SysFreeString
SystemTimeToVariantTime
SysAllocStringLen
SysAllocString
SysStringLen
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
OleLoadPicture
VariantChangeType
VariantCopy
DispCallFunc
LoadRegTypeLi
SafeArrayGetElemsize
SafeArrayCreate
VariantTimeToSystemTime
urlmon
FindMimeFromData
wsock32
select
wininet
InternetSetFilePointer
InternetWriteFile
InternetCrackUrlW
InternetOpenW
InternetCloseHandle
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetCanonicalizeUrlW
InternetSetStatusCallbackW
HttpAddRequestHeadersW
InternetErrorDlg
InternetQueryOptionW
InternetQueryDataAvailable
InternetGetLastResponseInfoW
InternetOpenUrlW
winspool.drv
ClosePrinter
Sections
.text Size: 2.8MB - Virtual size: 2.8MB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 612KB - Virtual size: 609KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 2.2MB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
UpdateAp Size: 4KB - Virtual size: 4B; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.5MB - Virtual size: 2.5MB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ