5b9b3fdf24d7438396e81bcabdc83b9e

Sharing

Copy URL

Twitter E-mail

General

Target

5b9b3fdf24d7438396e81bcabdc83b9e
Size

1005KB
MD5

5b9b3fdf24d7438396e81bcabdc83b9e
SHA1

6e95d1f87709b832e1ddd6491f27643c4878d099
SHA256

f53130f38c7316e6eb4868bcb0d8dc67fab69d84f4edd82f659f703f6bbd53b6
SHA512

33dc08d782e251fcfdff31bb65f5bcecf63172766c655d5c0908c2ef1f187ed6d4b68dcb788258cbbeec0d1a633ad331919aca0b2dd25c492b7decca31c3f417
SSDEEP

12288:5C1kdSYo3RO+s5i4DFoUohA4bzUwHxRMLqbmpzo87Ts8hZA2iWm/nbGjI794Og0m:M1N0+upohA2FMLqyp8YT5hZ0Wab7ptl2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b9b3fdf24d7438396e81bcabdc83b9e

Files

5b9b3fdf24d7438396e81bcabdc83b9e
.exe windows:5 windows x86 arch:x86

3440f1b4f63a04ab05dbfacfa591639e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
WritePrivateProfileStringW
SetErrorMode
GetStartupInfoW
HeapFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
RtlUnwind
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
TlsFree
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetProcessHeap
FindResourceExA
FindResourceA
FileTimeToDosDateTime
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetFileSizeEx
GetFileAttributesW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
InterlockedDecrement
GetThreadLocale
InterlockedIncrement
GetModuleHandleA
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemInfo
GetVolumeInformationW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetTempFileNameW
SetThreadPriority
ExitProcess
TerminateThread
CreateThread
FreeLibrary
Sleep
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
RaiseException
LocalFree
GetCurrentProcess
GetTempPathW
lstrcatW
WriteFile
SetFilePointer
GetLocalTime
GetVersionExW
DeleteFileW
CreateDirectoryW
FormatMessageW
CreateFileW
GetModuleFileNameW
lstrcpyW
RemoveDirectoryW
CopyFileW
MulDiv
CreateMutexW
OpenMutexW
SetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetComputerNameW
FindClose
FindNextFileW
FindFirstFileW
GetTickCount
CreateFileA
ReadFile
GetFileSize
CloseHandle
WideCharToMultiByte
LockResource
lstrlenA
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
GetLastError
HeapDestroy
lstrlenW

user32

PostThreadMessageW
RegisterClipboardFormatW
MessageBeep
UnregisterClassW
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
LoadCursorW
GetSysColorBrush
CharUpperW
DestroyMenu
SetCursor
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetCursorPos
WindowFromPoint
CharNextW
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
GetWindowThreadProcessId
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
ShowWindow
MoveWindow
IsDialogMessageW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
SetMenu
MessageBoxW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
CreateWindowExW
SendMessageW
GetWindowTextLengthW
GetWindowTextW
DestroyWindow
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetMenuItemID
GetSubMenu
GetActiveWindow
CheckMenuItem
wsprintfW
wvsprintfW
SetWindowPos
GetMenuItemCount
AppendMenuW
GetDesktopWindow
DrawEdge
GetMenuState
GetDC
DrawTextW
FillRect
SetWindowTextW
GetClassNameW
EnableWindow
SetRect
LoadImageW
SetForegroundWindow
GetSystemMetrics
GetWindowDC
GetClientRect
GetWindowRect
FrameRect
InflateRect
ReleaseDC
DrawStateW
DestroyIcon
GetParent
CopyRect
GetForegroundWindow
DrawIconEx
PtInRect
GetCapture
SetCapture
InvalidateRect
ReleaseCapture
IsWindowVisible
PostMessageW
GetNextDlgGroupItem
CreatePopupMenu
SetTimer
IsIconic
DrawIcon
KillTimer
IsZoomed
IsWindow
EnableMenuItem
GetKeyState
GetFocus
UpdateWindow
EnumWindows
FindWindowExW
SetFocus
GetWindow
IsCharAlphaW
keybd_event
VkKeyScanW
IsWindowEnabled

gdi32

GetTextColor
CreateRectRgnIndirect
GetMapMode
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetTextExtentPoint32W
MoveToEx
LineTo
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetTextColor
GetClipBox
CreateFontIndirectW
GetStockObject
CreatePen
GetBkColor
DeleteDC
SetBkMode
SetBkColor
DeleteObject
CreateSolidBrush
SelectObject
CreateFontW
EndDoc
EndPage
StartPage
GetDeviceCaps
StartDocW
SetPixel
BitBlt
RoundRect
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
SetViewportExtEx

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
SHFileOperationW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

StrToIntExW
PathFileExistsW
PathFileExistsA
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SafeArrayDestroy
VariantCopy
SysFreeString
SysAllocString
VariantInit
VariantClear
SysStringLen
SysAllocStringLen
VariantChangeType
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime

urlmon

URLDownloadToFileW

ws2_32

gethostname
send
recv
__WSAFDIsSet
select
WSAGetLastError
connect
ioctlsocket
gethostbyname
inet_addr
getservbyname
htons
socket
closesocket
WSACleanup
WSAStartup
shutdown

wininet

FtpPutFileW
InternetConnectW
InternetOpenW
InternetCloseHandle

wpcap

pcap_findalldevs
pcap_freealldevs

Sections

.text
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3440f1b4f63a04ab05dbfacfa591639e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

urlmon

ws2_32

wininet

wpcap

Sections

.text Size: 540KB - Virtual size: 539KB

.rdata Size: 150KB - Virtual size: 149KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 302KB - Virtual size: 301KB

.text
Size: 540KB - Virtual size: 539KB

.rdata
Size: 150KB - Virtual size: 149KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 302KB - Virtual size: 301KB