Static task: static1
Behavioral task: behavioral1
Sample: 5a1bb777d4127a871626f9276771ecca.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 5a1bb777d4127a871626f9276771ecca.exe
Resource: win10v2004-20231215-en
General
Target: 5a1bb777d4127a871626f9276771ecca
Size: 818KB
MD5: 5a1bb777d4127a871626f9276771ecca
SHA1: 727930ec9e050478e53a99bef15bc035a0404dff
SHA256: e118e14e52a9fc203dc91df7ea00a8dd047379a56f9ddff0334cc16428f07d5e
SHA512: bc478bce7a24f68c585f413f5b33d8cbbade33d1f1c2b9b2c28bde4d38c4536cc958a1912a9d0cbea320e24ebfe0a4a1587e084da6950004178584e3b60555c3
SSDEEP: 12288:EVWZDtv7F0izVusS8Av3KAXcpy9Hh9B2d:qQDt48Av6ECydj+
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 5a1bb777d4127a871626f9276771ecca
Files
5a1bb777d4127a871626f9276771ecca.exe windows:4 windows x86 arch:x86
f342e546d963ed4981b42342400681ea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoTaskMemFree
StringFromIID
IIDFromString
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CLSIDFromString
winmm
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose
dplayx
ord1
ord2
msvfw32
DrawDibClose
DrawDibBegin
DrawDibEnd
DrawDibDraw
DrawDibGetBuffer
DrawDibProfileDisplay
DrawDibGetPalette
DrawDibSetPalette
DrawDibChangePalette
DrawDibRealize
DrawDibStart
DrawDibStop
DrawDibTime
DrawDibOpen
kernel32
GetAtomNameA
FormatMessageA
GlobalSize
CopyFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
ResumeThread
SuspendThread
GlobalReAlloc
FindNextFileA
FileTimeToLocalFileTime
ReleaseSemaphore
CreateMutexA
ReleaseMutex
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
GetThreadLocale
SetFileAttributesA
GetFileTime
MoveFileA
DeleteFileA
GetCurrentProcessId
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
TerminateProcess
IsDebuggerPresent
HeapFree
HeapAlloc
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
GetStdHandle
SetConsoleCtrlHandler
GetACP
HeapDestroy
HeapCreate
FatalAppExitA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
GetDriveTypeA
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetCurrentDirectoryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetModuleFileNameA
MulDiv
InterlockedDecrement
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
GetLocalTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileInformationByHandle
FileTimeToSystemTime
SetFileTime
WriteFile
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
SetFilePointer
QueryPerformanceCounter
QueryPerformanceFrequency
CreateSemaphoreA
OpenSemaphoreA
GetVersion
CompareStringA
lstrcmpiW
lstrcmpiA
InterlockedExchange
GetStringTypeExA
MultiByteToWideChar
CompareStringW
GetEnvironmentVariableA
GetStringTypeExW
lstrlenA
GetEnvironmentVariableW
LocalFree
LocalUnlock
GetModuleHandleA
SetLastError
ExitProcess
VirtualFree
ReadFile
VirtualAlloc
GetFileSize
CreateFileA
LoadLibraryA
GetProcAddress
lstrlenW
CreateDirectoryA
FindClose
FindFirstFileA
Sleep
FreeResource
GlobalLock
GlobalAlloc
GlobalFree
GlobalHandle
GlobalUnlock
GetLastError
GetTickCount
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
SetThreadPriority
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForMultipleObjects
WaitForSingleObject
CloseHandle
CreateEventA
SetEvent
FlushFileBuffers
user32
DestroyMenu
GetCursorPos
TranslateMessage
GetMessageA
MsgWaitForMultipleObjects
PostQuitMessage
SetCursor
ShowOwnedPopups
GetSysColorBrush
LoadCursorA
UnregisterClassA
GetDialogBaseUnits
WindowFromPoint
WaitMessage
DeleteMenu
DestroyIcon
TranslateAcceleratorA
SetMenu
BringWindowToTop
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
SetParent
GetDCEx
LockWindowUpdate
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
MapVirtualKeyA
GetKeyNameTextA
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetMenuItemInfoA
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetMenuState
DrawIcon
GetSystemMetrics
IsIconic
CheckMenuItem
AppendMenuA
GetSystemMenu
CharUpperA
CharLowerW
CharLowerA
CharUpperW
SetTimer
KillTimer
MessageBeep
LoadIconA
GetAsyncKeyState
ChildWindowFromPoint
GetParent
IsRectEmpty
IntersectRect
ValidateRect
SetRectEmpty
InflateRect
GetMenuStringA
InsertMenuA
RemoveMenu
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
EndPaint
GetLastActivePopup
BeginPaint
ReleaseDC
GetDC
SetRect
SendDlgItemMessageA
GetMenu
EnableMenuItem
PostMessageA
UnionRect
ReleaseCapture
SetCapture
SendMessageA
PtInRect
GetWindowRect
ClientToScreen
OffsetRect
IsWindow
GetClientRect
EnableWindow
InvalidateRect
wsprintfA
EqualRect
GetScrollPos
gdi32
CreateRectRgnIndirect
PatBlt
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
SetViewportOrgEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
SetBkColor
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
SelectObject
GetDeviceCaps
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileA
CreateDCA
CreateFontIndirectA
GetTextExtentPoint32A
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsA
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
GetBkColor
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetStockObject
SetTextColor
GetClipBox
GetDCOrgEx
GetPaletteEntries
GetObjectA
GetNearestPaletteIndex
CreatePalette
StretchDIBits
SetDIBitsToDevice
RealizePalette
CreateCompatibleDC
CreatePen
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
OffsetViewportOrgEx
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA
shell32
SHGetFileInfoA
ExtractIconA
DragFinish
DragQueryFileA
ShellExecuteA
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oleaut32
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SysAllocStringByteLen
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
Sections
.text Size: 528KB - Virtual size: 526KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 120KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ