Static task: static1
Behavioral task: behavioral1
  Sample: 718f7970950ecefd161b0d2a505807d9.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 718f7970950ecefd161b0d2a505807d9.exe
  Resource: win10v2004-20231215-en
General
Target: 718f7970950ecefd161b0d2a505807d9
Size: 671KB
MD5: 718f7970950ecefd161b0d2a505807d9
SHA1: d65e8be2d39d9bc4e0a75642dea9cd8b3941dc9d
SHA256: d3d137f07c13271ad901cac0926fcce4f1bdda61b084afd9d7088a54e2c77e89
SHA512: 9d7e671aaddd380da47499ef6a9025ce3abbf9f489f86bbcb2933d5ffbe3613c3ca0a3aa396c20f3728005bfd1d1454bb511259e6e02098ce251865598aecfc2
SSDEEP: 12288:6ewTaPp1N++k4g7tBneG6WxflSTFSPvqG7mUZ9:KS+t1/JfMkn7tT
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 718f7970950ecefd161b0d2a505807d9
Files
-
718f7970950ecefd161b0d2a505807d9.exe windows:4 windows x86 arch:x86
21b237aa42baa350ac0204a204ba8bc6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoW
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileAttributesW
SetErrorMode
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
LocalAlloc
FileTimeToLocalFileTime
LoadLibraryW
GetModuleFileNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
InterlockedDecrement
SetLastError
MulDiv
GlobalLock
GlobalUnlock
FormatMessageW
lstrcpynW
LocalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetModuleHandleW
GetProcAddress
GetVersionExA
ExitProcess
SetEvent
CreateEventW
CreateDirectoryW
lstrcmpW
GetFileSize
WideCharToMultiByte
WritePrivateProfileStringW
GetTempPathA
CreateFileA
ReadFile
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
DeleteFileW
DeleteFileA
FindResourceA
GlobalAlloc
CreateFileW
WriteFile
CloseHandle
GlobalFree
Sleep
LeaveCriticalSection
EnterCriticalSection
CreateThread
GetTempPathW
GetTickCount
FileTimeToSystemTime
lstrlenA
MultiByteToWideChar
WaitForSingleObject
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
lstrlenW
lstrcatW
FindFirstFileW
FindNextFileW
FindClose
GetDriveTypeW
lstrcpyW
GetDiskFreeSpaceExW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
HeapDestroy
InterlockedExchange
user32
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
ValidateRect
SetCursor
PostQuitMessage
CharUpperW
wsprintfW
DestroyMenu
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
MessageBoxW
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageW
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetScrollInfo
PostThreadMessageW
RegisterClipboardFormatW
SetScrollInfo
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetMenuState
GetWindowPlacement
CopyRect
PtInRect
GetWindow
LoadBitmapW
GetDlgItem
GetSystemMetrics
IsIconic
DrawIcon
GetParent
InvalidateRect
SetTimer
GetSystemMenu
AppendMenuW
GetCursorPos
TrackPopupMenu
LoadIconW
GetWindowRect
LoadMenuW
GetSubMenu
EnableMenuItem
UnregisterClassW
SendMessageW
EnableWindow
RedrawWindow
GetClientRect
SetWindowsHookExW
gdi32
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetWindowExtEx
GetViewportExtEx
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateSolidBrush
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateDCW
CreateDIBitmap
DeleteDC
DeleteObject
StretchBlt
BitBlt
CreateCompatibleDC
GetObjectW
Rectangle
comdlg32
GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconW
ShellExecuteW
DragQueryFileW
DragAcceptFiles
comctl32
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
shlwapi
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
oleaut32
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
ws2_32
accept
socket
bind
closesocket
ntohl
ntohs
getpeername
inet_ntoa
htonl
select
send
recv
WSACleanup
WSAStartup
htons
listen
wininet
InternetConnectW
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
FtpPutFileW
iphlpapi
GetBestInterface
GetIpAddrTable
Sections
.text Size: 265KB - Virtual size: 268KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 328KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ