Static task: static1
Behavioral task: behavioral1
  Sample: 9e8fc3ff2787e1a2bf0fb1605e387b1be6670884a4a27078dbe3e10a6c68b1b8.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 9e8fc3ff2787e1a2bf0fb1605e387b1be6670884a4a27078dbe3e10a6c68b1b8.exe
  Resource: win10v2004-20231215-en
General
Target: 9e8fc3ff2787e1a2bf0fb1605e387b1be6670884a4a27078dbe3e10a6c68b1b8
Size: 2.2MB
MD5: 20a9b5eea9676dbd44dfdcf104a1a4e8
SHA1: d79cc4effae499b4f0eac5c9dc8e923a272f6c91
SHA256: 9e8fc3ff2787e1a2bf0fb1605e387b1be6670884a4a27078dbe3e10a6c68b1b8
SHA512: 1434b989c9cddda24e9ed5f3708a6ec9349a550a43bf78bb576a25e8aa2a77671c22c6ed31e76b878f41b12a73bf3f85a6005b52d7ec679ee16bc2e6029107a5
SSDEEP: 49152:9KpUhV1gjGlbqCLqIgQ55L/t7HdwcUh6ZiGwsa8DmrkE/sNgnDj5gsSUe:McgjGlblqIgQ5r79wcUh6ZiGws9akNgc
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 9e8fc3ff2787e1a2bf0fb1605e387b1be6670884a4a27078dbe3e10a6c68b1b8
Files
9e8fc3ff2787e1a2bf0fb1605e387b1be6670884a4a27078dbe3e10a6c68b1b8.exe (windows:5, windows, x86, arch:x86)
31ae73a8501b2dcf7b23fe9c4ab3d846
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathIsDirectoryA
PathRemoveFileSpecW
kernel32
HeapReAlloc
ExitThread
CreateThread
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
GetProcessHeap
SizeofResource
LockResource
HeapSetInformation
GetCommandLineA
HeapFree
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapCreate
LoadResource
FindResourceW
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
Sleep
GetEnvironmentVariableA
DeleteFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
SetFileAttributesA
GetFileAttributesA
CopyFileA
GetLastError
SetThreadExecutionState
GetModuleFileNameA
MultiByteToWideChar
CloseHandle
SetFileTime
CreateFileA
SystemTimeToFileTime
GetSystemTime
lstrlenA
WriteFile
GetLocalTime
SetEndOfFile
SetFilePointer
GetFileSize
GetCurrentThreadId
CreateDirectoryA
GetSystemDirectoryA
lstrcpynA
lstrcpyA
SetEvent
Beep
ResetEvent
WaitForMultipleObjects
CreateEventA
PurgeComm
EscapeCommFunction
SetCommMask
GetCommModemStatus
OutputDebugStringA
ReadFile
DecodePointer
EncodePointer
RaiseException
SetCurrentDirectoryA
SetEnvironmentVariableA
RtlUnwind
SearchPathA
GetProfileIntA
GetTickCount
InitializeCriticalSectionAndSpinCount
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetCurrentDirectoryA
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
FindResourceExW
GetSystemDirectoryW
GetACP
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
ClearCommError
FormatMessageA
SetCommTimeouts
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
GetModuleHandleW
SuspendThread
ResumeThread
SetThreadPriority
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
lstrcmpA
FileTimeToSystemTime
VirtualProtect
GetCurrentProcessId
FindResourceA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
FreeLibrary
CompareStringA
LoadLibraryW
LoadLibraryA
ActivateActCtx
DeactivateActCtx
lstrcmpW
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
lstrlenW
MulDiv
SetupComm
GetCommState
BuildCommDCBA
SetCommState
InitializeCriticalSection
DeleteCriticalSection
lstrcatA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetStartupInfoW
user32
GetWindowRgn
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
PostThreadMessageA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
LoadMenuW
SetClassLongA
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
OffsetRect
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
RedrawWindow
UnregisterClassA
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
KillTimer
SetTimer
InvalidateRect
DeleteMenu
CharUpperA
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
RealChildWindowFromPoint
GetSysColorBrush
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ShowOwnedPopups
PostQuitMessage
GetMessageA
GetCursorPos
ValidateRect
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
MapDialogRect
GetAsyncKeyState
GetWindowThreadProcessId
ShowWindow
MoveWindow
IsDialogMessageA
CheckDlgButton
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
EnableWindow
DispatchMessageA
TranslateMessage
SetCursor
LoadCursorA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetCursor
SendMessageA
MessageBoxA
GetFocus
GetParent
PostMessageA
SetWindowTextA
wsprintfA
GetWindowRect
DrawStateA
LoadBitmapW
DrawIcon
AppendMenuA
GetSystemMenu
IsIconic
GetClientRect
FlashWindow
LoadIconW
GetSystemMetrics
IsWindow
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
GetMenuStringA
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindow
SetWindowPos
SetWindowLongA
GetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
PtInRect
CopyRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassA
GetClassInfoA
CreateAcceleratorTableA
gdi32
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
EnumFontFamiliesExA
SetRectRgn
CombineRgn
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
SetViewportOrgEx
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
Escape
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
GetNearestPaletteIndex
SelectObject
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
SetLayout
GetLayout
SetTextAlign
MoveToEx
CreateBitmap
GetTextColor
SetTextColor
CreateRectRgnIndirect
GetObjectA
SetBkColor
GetDeviceCaps
CopyMetaFileA
CreateDCA
LineTo
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegEnumKeyA
shell32
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoA
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHAppBarMessage
comctl32
ImageList_GetIconSize
ole32
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
RegisterDragDrop
CoCreateGuid
CLSIDFromString
CoInitializeEx
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CoUninitialize
oleaut32
VariantChangeType
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString
SystemTimeToVariantTime
VarBstrFromDate
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantInit
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
Sections
.text   Size: 1.4MB - Virtual size: 1.4MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 311KB - Virtual size: 310KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 25KB - Virtual size: 59KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 323KB - Virtual size: 323KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 186KB - Virtual size: 185KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ