Static task: static1
Behavioral task: behavioral1
Sample: b33e39e060caa1cdce8299365c21cfebb88610206ec83b70a9064f9d4c2538bf.exe
Resource: win7-20231215-en
General
Target: b33e39e060caa1cdce8299365c21cfebb88610206ec83b70a9064f9d4c2538bf
Size: 3.5MB
MD5: b785b4586ebb9e58a0702185bb11dc28
SHA1: 1727df92f2eea0d48d404d7d745bf7b8bffe8628
SHA256: b33e39e060caa1cdce8299365c21cfebb88610206ec83b70a9064f9d4c2538bf
SHA512: 7e25b4ad4eadfc58958e01dc8570c59a9d1cd5963a8e9b59c3ef6fc985d0d805b7fff0b304361a09a7f9167e8ca5af7717c1d357f55d5c68b765b2c6cb948185
SSDEEP: 98304:1IoTeMtgDxxqbLWfvStz27T5M2mqLFLOAkGkzdnEVomFHKnP5:FKDxxq67T5M2HFLOyomFHKnP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource b33e39e060caa1cdce8299365c21cfebb88610206ec83b70a9064f9d4c2538bf
Files
b33e39e060caa1cdce8299365c21cfebb88610206ec83b70a9064f9d4c2538bf.exe windows:5 windows x86 arch:x86
3a79138b5eeb5ea8b19799140472acec
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
devmonitor
?DevMonitor_IsAndoidPhoneDeviceExist@@YAHPAD@Z
?DevMonitor_GetPortsDevicePortNumber@@YAHPADPAH@Z
?DevMonitor_IsPortsDeviceExist@@YAHPAD@Z
kernel32
RtlUnwind
RaiseException
GetSystemInfo
VirtualAlloc
VirtualQuery
HeapReAlloc
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ExitThread
HeapSize
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
HeapFree
GetCommandLineA
GetConsoleMode
GetStringTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
WriteConsoleW
GetCurrentDirectoryW
SetEnvironmentVariableA
HeapAlloc
FindResourceExW
lstrlenA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetConsoleCP
IsDebuggerPresent
GetTimeZoneInformation
SetEvent
GetLastError
CreateEventA
Sleep
WaitForSingleObject
CreateFileA
GetCommState
SetCommState
SetupComm
CreateThread
TerminateThread
CloseHandle
ResetEvent
WriteFile
GetOverlappedResult
ReadFile
ClearCommError
SetCommTimeouts
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleFileNameA
InterlockedDecrement
FlushFileBuffers
GetTickCount
SuspendThread
SetThreadPriority
ResumeThread
CreatePipe
GetStartupInfoA
CreateProcessA
DeleteFileA
LocalFree
LocalAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryA
VirtualProtect
GetProfileIntA
SearchPathA
GetWindowsDirectoryA
GetTempFileNameA
GetTempPathA
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetCurrentDirectoryA
GetProcAddress
FreeLibrary
SetLastError
GetACP
GetCPInfo
GetOEMCP
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
InterlockedIncrement
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
FileTimeToSystemTime
FindNextFileA
FileTimeToLocalFileTime
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FindFirstFileA
FindClose
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
InterlockedExchange
CopyFileA
FormatMessageA
MulDiv
GlobalSize
GlobalAlloc
GetCurrentProcessId
GlobalFree
GlobalUnlock
GlobalLock
CompareStringA
MultiByteToWideChar
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
GetVersion
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
OutputDebugStringA
GetFileAttributesW
CreateFileW
user32
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperBuffA
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
GetUpdateRect
SetClassLongA
DestroyAcceleratorTable
ModifyMenuA
CopyIcon
GetIconInfo
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetCursorPos
LoadImageW
LoadImageA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
PostThreadMessageA
IsClipboardFormatAvailable
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
WaitMessage
UnregisterClassA
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
LoadMenuW
ReleaseCapture
SetCapture
GetAsyncKeyState
IsZoomed
TrackMouseEvent
IntersectRect
RealChildWindowFromPoint
CopyImage
EnumDisplayMonitors
LoadCursorW
LoadCursorA
SetRectEmpty
SetLayeredWindowAttributes
MapVirtualKeyA
GetKeyNameTextA
CharUpperA
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
SetCursor
ShowOwnedPopups
GetMessageA
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
GetCursorPos
ClientToScreen
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
EnableWindow
GetParent
SendMessageA
LoadIconW
GetSystemMenu
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetWindowRgn
DestroyCursor
CreateMenu
InsertMenuItemA
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
SetForegroundWindow
GetForegroundWindow
MapVirtualKeyExA
IsCharLowerA
SubtractRect
InvertRect
HideCaret
FrameRect
ReuseDDElParam
UnpackDDElParam
AppendMenuA
SetTimer
PeekMessageA
KillTimer
TranslateMessage
DispatchMessageA
IsIconic
EndPaint
GetSystemMetrics
GetClientRect
DrawIcon
PostMessageA
FindWindowA
GetFocus
DrawStateA
UpdateWindow
InvalidateRect
FillRect
GetClassNameA
LoadBitmapW
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
SetActiveWindow
DestroyIcon
gdi32
GetClipBox
CopyMetaFileA
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreatePatternBrush
GetBkColor
GetTextColor
ExcludeClipRect
PatBlt
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsA
CreateFontIndirectA
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetMapMode
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
GetRgnBox
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceA
CreatePen
CreateHatchBrush
Escape
DeleteDC
GetTextExtentPoint32A
CreateRectRgn
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateBitmap
SetTextColor
SetBkColor
GetObjectA
GetStockObject
DeleteObject
Ellipse
CreateSolidBrush
CreateDCA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegEnumValueA
RegCloseKey
shell32
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
DragQueryFileA
DragFinish
ShellExecuteA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindExtensionA
uxtheme
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText
ole32
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitialize
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleRun
CoCreateInstance
StgCreateDocfile
CoUninitialize
CoInitializeEx
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium
CoLockObjectExternal
oleaut32
SysAllocStringByteLen
VariantInit
VariantCopy
VariantClear
SysAllocStringLen
VariantChangeType
SysStringLen
SafeArrayDestroy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SysFreeString
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
GetErrorInfo
oledlg
ord8
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI
skinplusplusdll
?InitializeSkin@@YGHPAD@Z
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 327KB - Virtual size: 327KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 398KB - Virtual size: 398KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ