Static task: static1
Behavioral task: behavioral1
Sample: fa7d6fe538f1955b9472eb9149e678f697b1326b6b2cfd9db0a5130b5bb3e998.exe
Resource: win7-20231215-en
General
Target: fa7d6fe538f1955b9472eb9149e678f697b1326b6b2cfd9db0a5130b5bb3e998
Size: 3.5MB
MD5: a228fb0636693a26dd0f323d268c5101
SHA1: a3ce7cb6e88277d10d1e65b45f05b1ea808e3bfb
SHA256: fa7d6fe538f1955b9472eb9149e678f697b1326b6b2cfd9db0a5130b5bb3e998
SHA512: d749250e9adafad057dc7296c182c8cd84362043cba35459f5ae82102eb416732288e6b01faacf47d42cbd72332a74f3a8c5ae712823707d34590e4f2e66bf40
SSDEEP: 98304:cI+ZChFPP+opwKkflaqzvqwL6GE1b0mlppjhHLki/JF7:cIhFuKk36GE1b0Chg
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource fa7d6fe538f1955b9472eb9149e678f697b1326b6b2cfd9db0a5130b5bb3e998
Files
fa7d6fe538f1955b9472eb9149e678f697b1326b6b2cfd9db0a5130b5bb3e998.exe windows:5 windows x86 arch:x86
c58c989a02dbbb9941efd99a634b09b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MulDiv
LoadLibraryA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
OutputDebugStringA
GlobalFlags
lstrcmpiW
GlobalGetAtomNameW
VirtualProtect
FileTimeToSystemTime
lstrcpyW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryW
VerSetConditionMask
GetProfileIntW
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
GetStringTypeW
LCMapStringW
GetCPInfo
RtlUnwind
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCommandLineA
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
ExitProcess
GetStdHandle
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
SetErrorMode
lstrcmpW
GlobalSize
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThread
ReadFile
GetFileSize
VerifyVersionInfoW
SetFileAttributesW
CopyFileW
MoveFileExW
GetSystemDirectoryW
DeviceIoControl
GetFileTime
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
ProcessIdToSessionId
GlobalAlloc
LocalAlloc
GetUserDefaultLangID
SetCurrentDirectoryW
GetCurrentDirectoryW
GetComputerNameExW
WideCharToMultiByte
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetLocaleInfoW
GetUserDefaultLCID
GetSystemDefaultUILanguage
GetSystemDefaultLCID
FlushViewOfFile
OpenFileMappingW
GlobalMemoryStatusEx
GetStartupInfoW
CreatePipe
WaitForMultipleObjects
TryEnterCriticalSection
GetEnvironmentVariableW
PeekNamedPipe
WaitNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
CreateNamedPipeW
GetFileSizeEx
GetShortPathNameW
CreateDirectoryW
OpenMutexW
GetFileAttributesW
GetSystemTime
GetLocalTime
SetEvent
ResetEvent
OpenEventW
CreateEventW
TerminateThread
GetCurrentProcess
GetExitCodeProcess
GetExitCodeThread
CreateThread
GetDiskFreeSpaceExW
GetTempPathW
GetVersionExW
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingW
WaitForSingleObject
CreateMutexW
LocalFree
FormatMessageW
SearchPathW
GetLongPathNameW
GetTempFileNameW
GetCommandLineW
GetFileAttributesExW
OpenProcess
GetCurrentThreadId
OutputDebugStringW
WriteFile
SetFilePointer
Sleep
CreateFileW
GetTickCount
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
InitializeCriticalSection
ExpandEnvironmentStringsW
QueryPerformanceFrequency
GetCurrentProcessId
QueryPerformanceCounter
SetLastError
GetModuleHandleW
GetModuleHandleA
lstrcmpA
EncodePointer
InterlockedExchange
GetPrivateProfileStringA
WritePrivateProfileStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
FreeLibrary
SetThreadUILanguage
GetProcAddress
GetUserDefaultUILanguage
LoadLibraryW
CloseHandle
CreateProcessW
CompareStringW
GetModuleFileNameW
user32
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
GrayStringW
DrawTextExW
DrawTextW
NotifyWinEvent
FillRect
DrawFocusRect
InvalidateRect
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
LoadMenuW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
CloseClipboard
ShowScrollBar
CopyAcceleratorTableW
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetMenuDefaultItem
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
CopyRect
GetClientRect
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
IsWindow
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
PostQuitMessage
EnableWindow
SendMessageW
PostMessageW
IsWindowVisible
GetAsyncKeyState
WaitForInputIdle
MsgWaitForMultipleObjectsEx
OpenClipboard
SetParent
SetWindowRgn
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
SendMessageCallbackW
MsgWaitForMultipleObjects
AllowSetForegroundWindow
ExitWindowsEx
CloseDesktop
OpenDesktopW
SetThreadDesktop
GetThreadDesktop
SetProcessWindowStation
SetClassLongW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
GetProcessWindowStation
CloseWindowStation
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
ReuseDDElParam
OpenWindowStationW
EndPaint
LockWindowUpdate
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
GetScrollRange
FlashWindowEx
SetClipboardData
CreatePopupMenu
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
IsRectEmpty
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
CharUpperW
LoadImageW
DestroyIcon
TrackMouseEvent
MapDialogRect
GetMenuItemInfoW
DestroyMenu
IntersectRect
InflateRect
LoadCursorW
TabbedTextOutW
GetSystemMetrics
SetRect
MessageBeep
IsClipboardFormatAvailable
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
SystemParametersInfoW
CopyImage
ClientToScreen
SetPropW
GetWindowDC
GetSysColorBrush
ole32
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoInitializeEx
CreateStreamOnHGlobal
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoCreateGuid
CLSIDFromString
CoCreateInstance
OleUninitialize
OleInitialize
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoInitialize
msimg32
AlphaBlend
GradientFill
TransparentBlt
comctl32
ord17
shlwapi
StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathIsFileSpecW
PathFindFileNameW
PathFindExtensionW
uxtheme
GetThemeSysColor
GetWindowTheme
CloseThemeData
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
DrawThemeText
IsAppThemed
GetThemePartSize
DrawThemeBackground
OpenThemeData
psapi
EnumProcesses
GetModuleFileNameExW
EnumProcessModules
GetModuleBaseNameW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
msi
ord72
ord94
ord88
ord49
ord19
ord32
ord159
ord116
ord137
ord8
ord232
ord160
ord114
ord118
ord205
ord141
ord70
gdi32
GetClipBox
CreateSolidBrush
ExcludeClipRect
GetObjectType
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
GetTextMetricsW
SelectObject
CreateCompatibleDC
BitBlt
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
DeleteDC
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
CopyMetaFileW
Escape
GetTextFaceW
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
DPtoLP
CombineRgn
SetRectRgn
GetTextExtentPoint32W
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
DeleteObject
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
SetEntriesInAclW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
OpenProcessToken
CheckTokenMembership
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
BackupEventLogW
CloseEventLog
OpenEventLogW
FreeSid
AllocateAndInitializeSid
CreateProcessAsUserW
RegQueryValueW
RegEnumValueW
ChangeServiceConfigW
QueryServiceConfigW
ControlService
StartServiceW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
GetUserNameW
RegQueryInfoKeyW
RegQueryValueExW
shell32
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
CommandLineToArgvW
SHGetFolderPathW
SHAppBarMessage
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadTypeLi
VariantCopy
VarBstrFromDate
VariantInit
VariantClear
VariantChangeType
SysAllocStringLen
SysAllocString
SysFreeString
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
secur32
GetUserNameExW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 393KB - Virtual size: 392KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 745KB - Virtual size: 744KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 700KB - Virtual size: 704KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE