Static task: static1
Behavioral task: behavioral1
  Sample: 7437bdf50f9cd31d3fd973e730527d4f.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 7437bdf50f9cd31d3fd973e730527d4f.exe
  Resource: win10v2004-20231215-en
General
Target: 7437bdf50f9cd31d3fd973e730527d4f
Size: 409KB
MD5: 7437bdf50f9cd31d3fd973e730527d4f
SHA1: ce4bf90271b368edf05c491e133eda10780226eb
SHA256: 8fcdb83f621f76c424ea0560013c2b7a755e19690b30cfdc9d692553038391e9
SHA512: 87f6ff3ee6e95f7d4156556bddce62c9cb56e2ec26416feb235c4cf1213f88bb25c88a9db222c4fc497b8ccc9b3064ae7657918e657bfc22d8a4836e16b9c27c
SSDEEP: 6144:TGFWXnZZOosM1a7yi0b6R8DW3WFRjCWQ2Tua233mYEvXq1DyshhlZGoFbSw3uZek:T/ZZlO7yi0b6t3w7t23mXCByylZG6Je
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 7437bdf50f9cd31d3fd973e730527d4f
Files
7437bdf50f9cd31d3fd973e730527d4f.exe windows:5 windows x86 arch:x86
c55fc207c3f3cc8a491f97600b319f7f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shfolder
SHGetFolderPathW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
kernel32
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
HeapSize
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
GetCPInfo
GetTimeFormatA
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
TerminateProcess
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WritePrivateProfileStringW
SystemTimeToFileTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetShortPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GlobalGetAtomNameW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
RaiseException
HeapReAlloc
RtlUnwind
GetStartupInfoW
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExW
GetLocaleInfoW
CompareStringA
InterlockedExchange
FormatMessageW
LocalFree
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
lstrlenA
FindResourceExW
CreateMutexW
OpenMutexW
ReleaseMutex
GetSystemInfo
ResetEvent
GetACP
GetExitCodeThread
GlobalAlloc
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
HeapFree
FreeResource
GetCurrentProcessId
OutputDebugStringA
Sleep
GetLocalTime
GetDateFormatA
SetLastError
GetCurrentThread
SetThreadPriority
GetDriveTypeW
SetFilePointer
GetFileSize
CreateFileW
ReadFile
lstrlenW
GetLastError
WaitForMultipleObjects
VirtualProtect
WriteProcessMemory
GetCurrentThreadId
GetProcessHeap
HeapAlloc
TryEnterCriticalSection
GetSystemTimeAsFileTime
CreateEventW
OutputDebugStringW
SetEvent
TerminateThread
CreateFileMappingW
MultiByteToWideChar
InterlockedIncrement
LoadLibraryW
GetProcAddress
FreeLibrary
CreateDirectoryW
GetTickCount
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
GetFileAttributesW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
CreateThread
WaitForSingleObject
GetCurrentProcess
GetProcessWorkingSetSize
SetProcessWorkingSetSize
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetVersionExW
InterlockedDecrement
LoadResource
LockResource
SizeofResource
FindResourceW
GetTimeZoneInformation
user32
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
ShowOwnedPopups
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
DrawIcon
GetWindowThreadProcessId
ValidateRect
EndPaint
BeginPaint
IsWindowEnabled
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetClassInfoExW
AdjustWindowRectEx
SetScrollInfo
GetMenu
IntersectRect
LoadAcceleratorsW
wsprintfW
CreateWindowExW
DestroyWindow
SetWindowPos
RegisterClassW
GetClassNameW
SetWindowPlacement
GetWindowPlacement
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetKeyboardLayoutList
SetWindowTextW
GetWindowTextW
FindWindowExW
GetKeyboardLayout
IsIconic
SetWindowContextHelpId
ShowWindow
GetDlgCtrlID
GetWindowDC
IsRectEmpty
GetScrollInfo
ScreenToClient
SetWindowRgn
RegisterClipboardFormatW
InvertRect
GetClipCursor
GetCursorPos
ClipCursor
WindowFromPoint
GetCapture
GetActiveWindow
RedrawWindow
ClientToScreen
MapWindowPoints
DrawStateW
FrameRect
GetSysColor
DestroyCursor
MsgWaitForMultipleObjects
PeekMessageW
IsWindowUnicode
GetMessageA
DispatchMessageA
SetCapture
DrawFocusRect
DrawFrameControl
LoadBitmapW
PtInRect
FillRect
ReleaseCapture
GetWindow
GrayStringW
DrawTextExW
TabbedTextOutW
ReleaseDC
CharUpperW
GetMenuItemInfoW
GetSysColorBrush
MonitorFromRect
GetMonitorInfoW
DestroyMenu
LoadMenuW
ReuseDDElParam
UnpackDDElParam
SystemParametersInfoA
MapDialogRect
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
GetAsyncKeyState
InflateRect
LoadIconW
LoadImageW
DestroyIcon
GetIconInfo
CopyImage
GetDC
EqualRect
SetLayeredWindowAttributes
PostQuitMessage
PostThreadMessageW
IsWindowVisible
CallWindowProcW
GetMessageW
TranslateMessage
DispatchMessageW
CopyRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetGUIThreadInfo
SystemParametersInfoW
SetForegroundWindow
GetLastActivePopup
LoadCursorW
SetCursor
GetClassInfoW
DefWindowProcW
FlashWindowEx
SetFocus
GetFocus
SetRect
DrawTextW
GetSystemMetrics
UpdateWindow
SendMessageW
GetWindowLongW
SetWindowLongW
PostMessageW
GetWindowRect
GetDlgItem
IsWindow
EnableWindow
KillTimer
SetTimer
InvalidateRect
GetClientRect
OffsetRect
SetRectEmpty
GetParent
MoveWindow
MessageBoxW
gdi32
ExtSelectClipRgn
CreatePen
RestoreDC
SetWindowExtEx
CreateEllipticRgn
LPtoDP
Ellipse
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SaveDC
GetClipBox
ScaleWindowExtEx
IntersectClipRect
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
MoveToEx
LineTo
SetMapMode
GetTextExtentPoint32W
CreateSolidBrush
SetPixel
GetTextMetricsW
BitBlt
SelectObject
CreateCompatibleDC
CreateFontIndirectW
ExcludeClipRect
GetWindowOrgEx
SelectClipRgn
SetWindowOrgEx
CreateFontW
GetStockObject
SetBrushOrgEx
CreateRectRgnIndirect
CreateBitmap
CreatePatternBrush
CombineRgn
CreatePolygonRgn
CreateRectRgn
CreateHalftonePalette
GetSystemPaletteEntries
CreatePalette
GetDIBColorTable
DeleteDC
CreateDIBitmap
SetBkColor
SetStretchBltMode
StretchDIBits
SelectPalette
RealizePalette
GetDIBits
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleBitmap
GetDeviceCaps
SetTextColor
SetBkMode
GetCurrentObject
GetPixel
StretchBlt
GetObjectW
CreateDIBSection
DeleteObject
msimg32
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
CryptDeriveKey
RegCreateKeyW
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegSetValueW
CryptReleaseContext
CryptEncrypt
CryptDestroyKey
CryptCreateHash
CryptHashData
GetUserNameW
CryptDestroyHash
CryptAcquireContextW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
OpenProcessToken
GetTokenInformation
CreateWellKnownSid
shell32
ExtractIconW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetSpecialFolderPathA
ShellExecuteExW
ShellExecuteW
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
CoTaskMemFree
StringFromGUID2
CoGetObject
StgOpenStorage
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance
OleRun
CLSIDFromString
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
SysFreeString
SysAllocStringByteLen
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
VariantInit
VariantClear
VariantCopy
SafeArrayDestroy
SysAllocStringLen
VariantChangeType
GetErrorInfo
urlmon
CreateURLMoniker
pdh
PdhCloseQuery
PdhOpenQueryW
PdhMakeCounterPathW
PdhLookupPerfNameByIndexW
PdhAddCounterW
PdhRemoveCounter
PdhGetFormattedCounterValue
PdhCollectQueryData
imm32
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmSetOpenStatus
ImmAssociateContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetProperty
ImmNotifyIME
ImmGetContext
ImmReleaseContext
msvfw32
DrawDibClose
DrawDibOpen
ICImageDecompress
DrawDibDraw
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aaa1 Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.aaa2 Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.aaa3 Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.aa03 Size: 512B - Virtual size: 210B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0a0a Size: 512B - Virtual size: 182B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0b0a Size: 512B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0b0c Size: 512B - Virtual size: 214B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0d0c Size: 512B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0e0c Size: 512B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.0e1c Size: 512B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 198B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ