Static task: static1
Behavioral task: behavioral1
Sample: aa1ebde5d4ef30afd8b42961762a23feff064b9b3e60b31d5f643c7a7282b5bc.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: aa1ebde5d4ef30afd8b42961762a23feff064b9b3e60b31d5f643c7a7282b5bc.exe
Resource: win10v2004-20231215-en
General
Target: aa1ebde5d4ef30afd8b42961762a23feff064b9b3e60b31d5f643c7a7282b5bc
Size: 2.4MB
MD5: b2b48e8a9712c27faf04cc82ba4e413b
SHA1: 3845bda6109d4bddeff5d9851adbfe2d128dc9c2
SHA256: aa1ebde5d4ef30afd8b42961762a23feff064b9b3e60b31d5f643c7a7282b5bc
SHA512: 55d74c9f2bd18901f829d0b32e7c2a4f3991578881130133c0513293b916f6a08e73d3a7c6f10f0a0e0b19414e8da7b8c9deb6ad87803b63f3d8d865850e63d0
SSDEEP: 49152:QJ7KGkD1LXRfUpSTlV5DncdqVvZE3/1f1JttSyiINaidY9t2kMtkL22jyB:3D1bWSRPcdqVvZM/1f1JttSfIhd+t2k9
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature. On its own this is a weak indicator: the rule only reports that no signature was found, many legitimate utilities ship unsigned, and it says nothing about publisher trust either way.
resource: aa1ebde5d4ef30afd8b42961762a23feff064b9b3e60b31d5f643c7a7282b5bc
Files
aa1ebde5d4ef30afd8b42961762a23feff064b9b3e60b31d5f643c7a7282b5bc.exe (windows:5 windows x86 arch:x86)
Imphash: 1424070d02aa182f601eab9db8a89c40
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in), IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP-compatible), IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
The binary opts into ASLR and DEP; IMAGE_DLLCHARACTERISTICS_GUARD_CF is not set, so there is no Control Flow Guard. DYNAMIC_BASE is only effective because the image keeps a relocation section (.reloc, listed under Sections below); a binary with the flag but no relocations loads at its preferred base.
Imports
kernel32
GlobalAddAtomW
WriteFile
GetLastError
WaitForSingleObject
CancelIo
GetOverlappedResult
CloseHandle
ReadFile
Sleep
SizeofResource
LockResource
LoadResource
FindResourceW
SetEvent
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
GetLocalTime
OutputDebugStringA
CreateFileW
CreateThread
FindFirstFileW
FindNextFileW
FindClose
GetPrivateProfileIntW
GetPrivateProfileStringW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
GetFileSize
GetTickCount
GetModuleHandleW
lstrlenW
GetFileAttributesW
CreateDirectoryW
FormatMessageW
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
GetCommandLineW
LocalFree
SetLastError
CreateMutexW
WritePrivateProfileStringW
DeleteFileW
FreeResource
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
GetSystemTimes
GlobalMemoryStatusEx
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
CreateWaitableTimerW
SetWaitableTimer
MulDiv
GlobalSize
CopyFileW
GetModuleHandleA
GetCurrentProcessId
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
CreateEventW
GetCurrentThreadId
GetThreadLocale
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
ReleaseMutex
SetThreadPriority
ResumeThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
GlobalGetAtomNameW
lstrlenA
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
GetCurrentDirectoryW
lstrcpyW
GetTempFileNameW
GetTempPathW
SearchPathW
GetProfileIntW
VirtualProtect
FindResourceExW
GetStartupInfoW
HeapAlloc
HeapFree
ExitThread
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
SetStdHandle
GetFileType
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
user32
MessageBeep
IsZoomed
PostQuitMessage
GetKeyNameTextW
CharUpperW
LoadMenuW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
GetMenu
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetWindowThreadProcessId
IsWindowEnabled
EndPaint
MapDialogRect
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
OffsetRect
SetWindowTextW
ToAscii
MapVirtualKeyW
ShowScrollBar
ClientToScreen
GetWindowDC
DestroyMenu
TrackPopupMenu
CreatePopupMenu
GetLastActivePopup
RegisterDeviceNotificationW
DrawIcon
IsIconic
SetForegroundWindow
ShowWindow
LoadImageW
AppendMenuW
SetWindowContextHelpId
ValidateRect
GetSystemMenu
UnregisterDeviceNotification
FillRect
SetRect
GetClientRect
TrackMouseEvent
PostMessageW
LoadIconW
GetKeyState
ReleaseCapture
SetCapture
GetDoubleClickTime
SystemParametersInfoW
InflateRect
MoveWindow
RedrawWindow
GetSysColor
CreateWindowExW
CallWindowProcW
DestroyWindow
GetWindowTextW
SetTimer
SetRectEmpty
CopyRect
SetWindowLongW
GetWindowLongW
KillTimer
ReleaseDC
GetWindowTextA
TranslateMessage
GetMessageW
ShowOwnedPopups
GetMenuItemInfoW
WindowFromPoint
GetSysColorBrush
WaitMessage
DeleteMenu
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
IsWindowVisible
IsWindow
GetSystemMetrics
PtInRect
GetFocus
GetDC
SetFocus
SendMessageW
FrameRect
GetWindowRect
SetWindowRgn
LoadAcceleratorsW
CreateAcceleratorTableW
NotifyWinEvent
SetParent
SetClassLongW
IsMenu
IsRectEmpty
BringWindowToTop
LockWindowUpdate
EnumChildWindows
DestroyIcon
GetParent
UpdateWindow
GetCursorPos
ScreenToClient
LoadCursorW
SetCursor
EnableWindow
FindWindowW
MessageBoxW
RegisterClipboardFormatW
DrawStateW
OpenClipboard
CopyImage
DestroyCursor
GetWindowRgn
CreateMenu
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
BeginPaint
InvalidateRect
gdi32
DeleteObject
CombineRgn
ExtCreateRegion
SelectObject
CreateDIBSection
GetObjectW
SetPixel
CreateFontW
PtInRegion
CreateEllipticRgn
GetPixel
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
RealizePalette
SetPixelV
GetTextFaceW
EnumFontFamiliesExW
GetSystemPaletteEntries
GetNearestPaletteIndex
SetPaletteEntries
ExtFloodFill
LPtoDP
GetViewportOrgEx
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
GetPaletteEntries
CreatePalette
RoundRect
Rectangle
Polygon
Ellipse
GetBkColor
SetDIBColorTable
GetTextColor
CreateRoundRectRgn
GetTextCharsetInfo
CreateDIBitmap
GetRgnBox
OffsetRgn
DPtoLP
GetMapMode
SetRectRgn
PatBlt
CreateRectRgnIndirect
GetDCOrgEx
CreateHatchBrush
CreatePen
GetObjectType
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
GetTextExtentPoint32W
EnumFontFamiliesW
Polyline
RemoveFontResourceW
CreateFontIndirectW
CreateRectRgn
GetTextMetricsW
CreatePolygonRgn
GetDIBits
DeleteDC
SelectPalette
GetStockObject
StretchBlt
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueW
RegEnumKeyExW
RegEnumKeyW
shell32
SHAppBarMessage
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHBrowseForFolderW
SHGetPathFromIDListW
CommandLineToArgvW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteW
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathFindExtensionW
StrStrIW
StrStrIA
PathFileExistsW
StrStrW
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
CreateStreamOnHGlobal
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysStringLen
urlmon
URLDownloadToFileW
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipGetAllPropertyItems
GdipGetPropertySize
GdipScaleWorldTransform
GdipGraphicsClear
GdipDrawImageI
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipImageSelectActiveFrame
GdipDrawImageRect
GdipFillRectangleI
GdipDrawLineI
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipSetImageAttributesWrapMode
GdipCreatePath
GdipDeletePath
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneBrush
GdipFillPath
GdipResetPath
GdipDisposeImage
GdipCloneImage
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRect
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipCreatePen1
GdipDeletePen
GdipDrawPath
GdipDrawRectangle
GdipFillRectangle
GdipSetPenColor
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipAddPathLineI
GdipIsVisiblePathPointI
GdipDrawImageRectI
GdipAddPathArcI
GdiplusStartup
GdiplusShutdown
GdipBitmapGetPixel
GdipAddPathRectangleI
GdipCreateImageAttributes
GdipDisposeImageAttributes
setupapi
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
hid
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidP_GetSpecificButtonCaps
HidP_GetSpecificValueCaps
HidD_SetFeature
HidD_GetFeature
wininet
DeleteUrlCacheEntryW
pdh
PdhGetRawCounterValue
PdhCollectQueryData
PdhAddCounterW
PdhOpenQueryW
PdhCalculateCounterFromRawValue
PdhCloseQuery
winmm
timeEndPeriod
timeKillEvent
PlaySoundW
timeGetDevCaps
timeBeginPeriod
ws2_32
WSAGetLastError
socket
WSAStartup
htons
inet_addr
connect
send
recv
shutdown
closesocket
WSACleanup
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
ImmGetVirtualKey
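Read by hand, the import table above is mostly window, menu, GDI and OLE plumbing, with a handful of capability-bearing calls scattered through it: URLDownloadToFileW, DeleteUrlCacheEntryW, the ws2_32 socket/connect/send/recv set, ShellExecuteW, the RegCreateKeyExW/RegSetValueExW writers, CopyFileW/DeleteFileW, CreateMutexW, and the hid/setupapi device-enumeration set. The following is an added example, not code from the report or from the analysed sample, that turns a flat list like this into two triage artefacts: the pefile-style imphash (the value shown in the Files section is computed this way) and a set of capability buckets. It assumes the imports are already parsed into a module-to-functions mapping in import-table order; the table in the block is a constructed subset of the list above, and the bucket names, the CRT_NOISE list and the chains are this example's own heuristics. A bucket hit shows only that an API is linked, not that the code path runs.

```python
# Added example (not from the report or the sample): imphash plus capability
# buckets over a constructed subset of the import table shown above.
import hashlib

IMPORTS = {   # module -> imported functions, in import-table order (constructed subset)
    "kernel32": ["CreateFileW", "CopyFileW", "DeleteFileW", "CreateMutexW",
                 "LoadLibraryW", "GetProcAddress", "IsDebuggerPresent",
                 "SetUnhandledExceptionFilter", "GetSystemTimeAsFileTime"],
    "advapi32": ["RegCreateKeyExW", "RegSetValueExW", "RegQueryValueExW"],
    "shell32":  ["ShellExecuteW", "Shell_NotifyIconW"],
    "urlmon":   ["URLDownloadToFileW"],
    "wininet":  ["DeleteUrlCacheEntryW"],
    "ws2_32":   ["WSAStartup", "socket", "connect", "send", "recv"],
    "hid":      ["HidD_GetAttributes", "HidD_SetFeature", "HidD_GetFeature"],
    "winspool.drv": ["OpenPrinterW"],
}

CAPABILITIES = {   # bucket (this example's names) -> APIs as module!function
    "download":       {"urlmon!URLDownloadToFileW", "wininet!DeleteUrlCacheEntryW"},
    "raw-socket":     {"ws2_32!socket", "ws2_32!connect", "ws2_32!send", "ws2_32!recv"},
    "file-write":     {"kernel32!CreateFileW", "kernel32!CopyFileW", "kernel32!DeleteFileW"},
    "execute":        {"shell32!ShellExecuteW"},
    "registry-write": {"advapi32!RegCreateKeyExW", "advapi32!RegSetValueExW"},
    "dynamic-import": {"kernel32!LoadLibraryW", "kernel32!GetProcAddress"},
    "hid-device":     {"hid!HidD_GetAttributes", "hid!HidD_SetFeature", "hid!HidD_GetFeature"},
}
# IsDebuggerPresent imported alongside these is the MSVC CRT's startup and
# security-cookie code, not an anti-debugging choice; never score it alone.
CRT_NOISE = {"kernel32!IsDebuggerPresent", "kernel32!SetUnhandledExceptionFilter",
             "kernel32!UnhandledExceptionFilter", "kernel32!GetSystemTimeAsFileTime",
             "kernel32!TerminateProcess"}

def imphash_string(imports):
    """Canonical string that imphash hashes: module lower-cased with a
    .dll/.ocx/.sys suffix stripped, function lower-cased, entries kept in
    table order and comma-joined. Imports by ordinal become 'ordN' (pefile
    additionally maps well-known ws2_32/oleaut32 ordinals back to names)."""
    parts = []
    for module, funcs in imports.items():
        lib = module.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            lib = base
        for f in funcs:
            name = f"ord{f}" if isinstance(f, int) else f.lower()
            parts.append(f"{lib}.{name}")
    return ",".join(parts)

def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()

def capabilities(imports):
    """Return {bucket: [matched module!function]} for the APIs present."""
    present = {f"{m.lower()}!{f}" for m, fs in imports.items() for f in fs}
    hits = {b: sorted(present & apis) for b, apis in CAPABILITIES.items() if present & apis}
    hits["crt-noise"] = sorted(present & CRT_NOISE)
    return hits

def chains(caps):
    """Bucket combinations worth a second look; each needs more than one bucket."""
    found = []
    if "download" in caps and ("execute" in caps or "dynamic-import" in caps):
        found.append("download-then-run")
    if "file-write" in caps and "registry-write" in caps:
        found.append("drop-and-register")
    return found

if __name__ == "__main__":
    print("imphash:", imphash(IMPORTS))
    caps = capabilities(IMPORTS)
    for bucket, apis in caps.items():
        print(f"{bucket:15} {', '.join(apis)}")
    print("chains:", chains(caps))
```

Because the imphash is order-sensitive and keyed on names, it is a build-toolchain fingerprint rather than a behaviour fingerprint: two binaries built from the same project with the same linker share it, and a trivial reordering breaks it. The chains are the part that earns a closer look in the behavioural run; "download" next to "execute" in a GUI utility may be an updater, or may not.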
Sections
.text   Size: 1.7MB   Virtual size: 1.7MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 392KB   Virtual size: 392KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 28KB    Virtual size: 130KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 96KB    Virtual size: 96KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 180KB   Virtual size: 180KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
No section is both writable and executable, and raw and virtual sizes match for every section except .data, where the 28KB/130KB gap is zero-filled uninitialized data and is normal rather than a sign of packing. A large, fully materialised .text and a populated import table are consistent with an unpacked image.
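The Headers and Sections facts above all come from two PE structures, the optional header and the section table, and the sandbox's "Unsigned PE" finding comes from a third, the security data directory. The following is an added example, not part of the report, that reads those structures with nothing but struct and derives the same facts: DllCharacteristics names, whether a certificate table is present, whether ASLR can actually take effect (DYNAMIC_BASE plus a base-relocation directory), and per-section flags and raw/virtual sizes. Since the sample itself is not available here, the block constructs a header-only PE32 image in memory whose sizes and flags mirror the five sections listed above; build_stub_pe, PAGE_SECTIONS and analyze_pe are this example's own names. Only the presence of a signature is checked; validating one requires WinVerifyTrust.

```python
# Added example (not from the report): parse PE32 headers with struct only.
# The PE image is constructed inline; it has headers but no code bytes.
import struct

DLL_CHARACTERISTICS = {                      # IMAGE_OPTIONAL_HEADER.DllCharacteristics
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {                            # IMAGE_SECTION_HEADER.Characteristics
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
DIR_SECURITY, DIR_BASERELOC = 4, 5           # data-directory slots

# (name, VirtualSize, VirtualAddress, SizeOfRawData, Characteristics), modelled on the listing
PAGE_SECTIONS = [
    (b".text",  0x1B0000, 0x1000,   0x1B0000, 0x60000020),
    (b".rdata", 0x62000,  0x1B1000, 0x62000,  0x40000040),
    (b".data",  0x20800,  0x213000, 0x7000,   0xC0000040),   # virtual > raw: .bss tail
    (b".rsrc",  0x18000,  0x234000, 0x18000,  0x40000040),
    (b".reloc", 0x2D000,  0x24C000, 0x2D000,  0x42000040),
]

def build_stub_pe(dll_chars, sections, signed=False):
    """Construct a header-only PE32 image (constructed test input, no real code)."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                   # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                   # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)              # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                     # NumberOfRvaAndSizes
    if signed:  # a non-empty certificate table is what "has Authenticode" means statically
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x40000, 0x800)
    for name, vsize, rva, _, _ in sections:
        if name == b".reloc":
            struct.pack_into("<II", opt, 96 + 8 * DIR_BASERELOC, rva, vsize)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, rva, rs, 0, 0, 0, 0, 0, fl)
                     for n, vs, rva, rs, fl in sections)
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table

def analyze_pe(data):
    """Return the hardening, signing and section facts for a PE32 image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    fh = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (32-bit) images handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    def directory(i):
        return struct.unpack_from("<II", data, opt + 96 + 8 * i) if i < ndirs else (0, 0)
    sections = []
    for i in range(nsect):
        name, vsize, rva, rawsize, *_, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode(),
            "virtual_size": vsize, "raw_size": rawsize, "rva": rva,
            "flags": [v for k, v in SECTION_FLAGS.items() if flags & k],
            "rwx": bool(flags & 0x20000000 and flags & 0x80000000),
        })
    has_reloc = directory(DIR_BASERELOC)[1] > 0
    return {
        "machine": "x86" if machine == 0x14C else hex(machine),
        "dll_characteristics": [v for k, v in DLL_CHARACTERISTICS.items() if dll_chars & k],
        "signed": directory(DIR_SECURITY)[1] > 0,      # presence only, not validity
        "nx_compat": bool(dll_chars & 0x0100),
        "aslr_effective": bool(dll_chars & 0x0040) and has_reloc,  # flag alone is not enough
        "rwx_sections": [s["name"] for s in sections if s["rwx"]],
        "sections": sections,
    }

if __name__ == "__main__":
    report = analyze_pe(build_stub_pe(0x8140, PAGE_SECTIONS))   # DYNAMIC_BASE|NX_COMPAT|TS_AWARE
    for key in ("machine", "dll_characteristics", "signed", "nx_compat", "aslr_effective", "rwx_sections"):
        print(f"{key}: {report[key]}")
    for s in report["sections"]:
        print(f"{s['name']:7} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} {' | '.join(s['flags'])}")
```

To run it against a real file, replace the stub with `analyze_pe(open(path, "rb").read())`; for the sample above the expected output is an unsigned x86 image with DYNAMIC_BASE, NX_COMPAT and TERMINAL_SERVER_AWARE set, ASLR effective because .reloc is present, and no RWX section.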