Static task: static1
Behavioral task: behavioral1
  Sample: 86e47a3626efbea7ad634f44c527db4f.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 86e47a3626efbea7ad634f44c527db4f.exe
  Resource: win10v2004-20231215-en
General
Target: 86e47a3626efbea7ad634f44c527db4f
Size: 18.1MB
MD5: 86e47a3626efbea7ad634f44c527db4f
SHA1: 35dd64434e9c3b52364d36fdc07518dbeb6579f7
SHA256: 8f7bc45cad1174cdaf1a7b52fa15b38c243043e5dc996929a6cb158cec9ee523
SHA512: 58ed27962461943d7afd9edf242c21bad10fe5f0377db9cb40031d9cac3935129fa33fd6a1b11d397a832e8b53b8bf444b2062c24de312f36c15b016f6186176
SSDEEP: 393216:v+Ea8A84puEkJ05lekUW3VP0m+DoOft5eYE2/a+8aLzov3qv0iq6JmYpleUB:v+ENtHJyDUWJuj1ffM3s0iqwmYp
Malware Config
Signatures
Unsigned PE (1 IoC): the file carries no Authenticode signature.
  resource: 86e47a3626efbea7ad634f44c527db4f
On its own this is a weak indicator: plenty of legitimate software ships unsigned, and even a valid signature only attests to the signer, not to intent. What it does mean is that nothing ties this binary to a publisher, so the remaining static evidence (header flags, imports and sections below) and the behavioural runs have to carry the triage.
Files
86e47a3626efbea7ad634f44c527db4f.exe    windows:5, windows x86, arch:x86
  9086d1db86b8994290fbd520252e5647 (per-file hash as listed by the report; note that it is not the file MD5 given above)
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Reading: a 32-bit executable (no IMAGE_FILE_DLL) that opts in to ASLR (DYNAMIC_BASE, backed by the .reloc section listed under Sections) and DEP (NX_COMPAT). IMAGE_DLLCHARACTERISTICS_GUARD_CF is not among the listed flags, so although the image carries the CFG metadata sections .gfids and .giats, the loader will not enforce Control Flow Guard for it; the flag, not the sections, is what the loader checks. Being a 32-bit image it cannot opt in to HIGH_ENTROPY_VA.
Imports
The import table is resolved by name except for wldap32, which is imported by ordinal. Most of the volume (user32, gdi32, ole32, oleaut32, oledlg, uxtheme, gdiplus, oleacc, comctl32, msimg32, winspool.drv and the kernel32 atom, profile-string and locale calls) is the standard import set of an MFC GUI application and says little about behaviour by itself. Likewise UnhandledExceptionFilter, IsProcessorFeaturePresent, InitializeSListHead, QueryPerformanceCounter, GetSystemTimeAsFileTime and IsDebuggerPresent arrive with the MSVC runtime's startup and fast-fail code, so IsDebuggerPresent alone is not evidence of anti-debugging. The entries worth weighing are:
- ws2_32 (the full socket API, including select, WSAIoctl and getaddrinfo), the wldap32 ordinals and the crypt32 certificate-store calls together give a network client with its own certificate handling. This combination is consistent with a statically linked libcurl built with Schannel support, which is an inference from the import set, not something the report states.
- advapi32 CryptAcquireContext, CryptCreateHash, CryptHashData, CryptDeriveKey, CryptEncrypt, CryptDecrypt, CryptExportKey and CryptSignHashA: CryptoAPI encryption with password-derived keys plus key export. That covers benign uses (licensing, protected configuration) as well as file encryption, so the behavioural runs decide this.
- OpenProcessToken, LookupPrivilegeValueW and AdjustTokenPrivileges alongside user32 ExitWindowsEx: the standard sequence for enabling SE_SHUTDOWN_NAME before a reboot or logoff.
- Registry write and delete (RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, RegDeleteKeyW) plus WritePrivateProfileStringW: persistence and configuration channels to watch in the behavioural trace.
- Process and file manipulation: CreateProcessW, WinExec, ShellExecuteW, CopyFileExW, MoveFileExW, DeleteFileW, SetFileAttributesW, CreateMutexW; low-level volume access through DeviceIoControl, DefineDosDeviceW and SetVolumeLabelW; drive enumeration through GetLogicalDriveStringsW, GetDriveTypeW and GetDiskFreeSpaceExW; and device-interface enumeration through RegisterDeviceNotificationW and the setupapi SetupDi* calls, which together point at removable-media or USB device handling.
- SetWindowsHookExW/CallNextHookEx, GetAsyncKeyState and EnumWindows are used by MFC and by keyloggers alike; which applies depends on the hook type and thread ID passed, which only the behavioural trace shows.
- LoadLibraryW, LoadLibraryExW and GetProcAddress are present, so the static list below is a lower bound: any API resolved at run time will not appear in it.
The per-module listing follows.
ws2_32
getservbyname
gethostbyname
htonl
WSACleanup
WSAGetLastError
socket
__WSAFDIsSet
select
WSASetLastError
recv
send
bind
closesocket
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
WSAIoctl
getaddrinfo
freeaddrinfo
accept
listen
recvfrom
WSAStartup
sendto
ioctlsocket
gethostname
shutdown
wldap32
ord301
ord147
ord133
ord79
ord127
ord142
ord145
ord219
ord46
ord14
ord216
ord208
ord41
ord118
ord26
ord27
ord167
kernel32
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
SetErrorMode
FindResourceExW
SearchPathW
GetProfileIntW
GetFileTime
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
GetStringTypeW
LCMapStringW
GetCPInfo
GetFileSizeEx
GetFileAttributesExW
LocalAlloc
ResumeThread
SetThreadPriority
CreateEventW
GetPrivateProfileIntW
GlobalGetAtomNameW
ResetEvent
GetCurrentThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
lstrcmpA
GetThreadLocale
lstrcmpiW
DuplicateHandle
UnlockFile
LockFile
GetFullPathNameW
FlushFileBuffers
GlobalSize
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeResource
EncodePointer
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
FormatMessageA
PeekNamedPipe
GetFileType
WaitForMultipleObjects
ExpandEnvironmentStringsA
SleepEx
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetFileSize
LocalFileTimeToFileTime
SetFileTime
SetVolumeLabelW
SetEvent
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
SetLastError
ReadFile
GetCurrentProcess
GlobalUnlock
GlobalLock
FindClose
FindNextFileW
FindFirstFileW
MoveFileExW
CopyFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
RemoveDirectoryW
GetFileAttributesW
LocalFree
FormatMessageW
SetThreadExecutionState
GetTempPathW
GetLongPathNameW
GetTempFileNameW
ReleaseMutex
CreateMutexW
GetWindowsDirectoryW
GetSystemDirectoryW
MulDiv
WriteFile
GetStdHandle
WriteConsoleW
OutputDebugStringW
SetEndOfFile
SetFilePointer
MoveFileW
DeleteFileW
GetVolumeInformationW
DefineDosDeviceW
CreateDirectoryW
DeviceIoControl
CreateFileW
GlobalFree
GlobalAlloc
CloseHandle
GetLocalTime
GlobalMemoryStatus
GetTickCount
SystemTimeToFileTime
GetSystemTime
GetCurrentThreadId
GetCurrentProcessId
GetLastError
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetCurrentDirectoryW
GetModuleFileNameW
WinExec
lstrlenW
lstrcatW
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDriveStringsW
Sleep
GlobalMemoryStatusEx
GetModuleHandleW
GetVersionExW
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
CopyFileExW
SetFileAttributesW
lstrcpyW
FindResourceW
LoadResource
LockResource
SetConsoleMode
SizeofResource
SetFilePointerEx
SetStdHandle
HeapQueryInformation
QueryPerformanceFrequency
VirtualAlloc
VirtualQuery
ExitProcess
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetConsoleCtrlHandler
FlushConsoleInputBuffer
ReadConsoleInputA
user32
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
ShowOwnedPopups
TranslateMessage
GetMessageW
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
CharUpperW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DrawStateW
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
FillRect
GetWindowDC
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
LoadImageW
SetScrollPos
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
DrawEdge
DrawFocusRect
DrawIconEx
GetWindowRgn
GetSubMenu
LoadMenuW
GetNextDlgGroupItem
ReleaseCapture
ClientToScreen
WindowFromPoint
GetCapture
GetWindowLongW
UnregisterClassW
ExitWindowsEx
TrackPopupMenu
SetForegroundWindow
AppendMenuW
CreatePopupMenu
GetCursorPos
DrawIcon
IsIconic
RegisterDeviceNotificationW
LoadIconW
SendMessageTimeoutW
EnumWindows
GrayStringW
DrawTextExW
TabbedTextOutW
CopyRect
UpdateWindow
GetScrollInfo
CopyImage
SendDlgItemMessageA
GetSysColorBrush
RealChildWindowFromPoint
GetAsyncKeyState
SetLayeredWindowAttributes
EnumDisplayMonitors
TrackMouseEvent
IsZoomed
SetCapture
GetSystemMenu
DeleteMenu
SetWindowRgn
MessageBeep
NotifyWinEvent
GetMenuDefaultItem
OffsetRect
PtInRect
SetRectEmpty
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
ScrollWindow
DestroyIcon
GetComboBoxInfo
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
WaitMessage
PostThreadMessageW
FrameRect
CopyIcon
ReuseDDElParam
UnpackDDElParam
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
InsertMenuItemW
TranslateAcceleratorW
ModifyMenuW
CharUpperBuffW
RegisterClipboardFormatW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongW
LockWindowUpdate
BringWindowToTop
SetParent
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
GetScrollPos
ReleaseDC
GetDC
IsWindow
SetCursor
SetWindowLongW
LoadCursorW
SetTimer
KillTimer
IntersectRect
DrawTextW
GetSystemMetrics
RedrawWindow
EnableWindow
GetClientRect
SendMessageW
InvalidateRect
RegisterWindowMessageW
PostMessageW
GetWindowRect
GetParent
GetSysColor
DrawFrameControl
InflateRect
ToUnicodeEx
gdi32
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
GetPixel
CreateRectRgnIndirect
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CreateRoundRectRgn
CreateDIBSection
GetRgnBox
EnumFontFamiliesExW
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
GetDeviceCaps
GetClipBox
ExcludeClipRect
DeleteDC
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
SetBkColor
DeleteObject
Rectangle
GetBkColor
GetTextColor
Escape
ExtTextOutW
RectVisible
PtVisible
TextOutW
GetMapMode
GetTextExtentPoint32W
GetStockObject
SetBkMode
SetTextColor
SelectObject
BitBlt
RoundRect
CreatePen
PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
CombineRgn
GetObjectType
CreateSolidBrush
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
CryptEnumProvidersA
CryptSignHashA
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegQueryValueW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptEncrypt
RegCloseKey
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptDecrypt
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
shell32
DragFinish
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathW
ShellExecuteW
Shell_NotifyIconW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHCreateDirectoryExW
DragQueryFileW
SHAppBarMessage
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
PathCombineW
PathIsDirectoryW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
uxtheme
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
ole32
CoInitializeEx
CoUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoSetProxyBlanket
CoInitializeSecurity
CreateStreamOnHGlobal
StringFromGUID2
CoCreateInstance
StgCreateDocfileOnILockBytes
oleaut32
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocStringLen
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAccessData
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantClear
VariantInit
VarBstrCat
SysStringLen
SysFreeString
SafeArrayDestroy
SysAllocString
oledlg
OleUIBusyW
gdiplus
GdiplusShutdown
GdipLoadImageFromStream
GdipSetInterpolationMode
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipGetDpiY
GdipDeleteStringFormat
GdipCreateStringFormat
GdipGraphicsClear
GdipSetSolidFillColor
GdipAddPathEllipseI
GdipResetPath
GdipDrawPath
GdipClosePathFigure
GdipAddPathArcI
GdipDeletePen
GdipCreatePen1
GdipDeletePath
GdipCreatePath
GdipFillPath
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipSetSmoothingMode
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipReleaseDC
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCloneImage
GdipDisposeImage
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipFree
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
crypt32
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
Sections
.text    Size: 3.0MB   Virtual size: 3.0MB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata   Size: 909KB   Virtual size: 908KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data    Size: 67KB    Virtual size: 107KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.gfids   Size: 107KB   Virtual size: 106KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.giats   Size: 512B    Virtual size: 16B      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.tls     Size: 512B    Virtual size: 9B       IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc    Size: 13.8MB  Virtual size: 13.8MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc   Size: 207KB   Virtual size: 206KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
Reading: the layout is that of an ordinary MSVC-linked image. No section is both writable and executable, the section names are the standard linker ones, and raw and virtual sizes agree to within file alignment except for the uninitialised tail of .data, so nothing here suggests a packer. The notable point is that .rsrc accounts for 13.8MB of the 18.1MB file: most of the binary is resource data, and dumping the resource tree (looking for embedded executables, archives or installers) is the next static step. A .tls section is present, so the TLS directory should be checked for callbacks, which run before the entry point. The .gfids (guard function ID table) and .giats (guard import address table) sections are emitted for /guard:cf builds, but the loader only enforces CFG when IMAGE_DLLCHARACTERISTICS_GUARD_CF is set, which the listed DLL characteristics do not include.
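The signature check behind the Unsigned PE signature, the DLL Characteristics listed under Headers and the section table above can all be reproduced from the raw PE headers without a sandbox. The following Python script is an added example written for this page, not tooling from the report or code from the sample: it parses the headers by hand, reports whether a certificate table (the Authenticode security directory) is present, decodes DllCharacteristics and section flags, and flags the CFG-metadata-without-GUARD_CF condition seen here. The build_minimal_pe helper constructs a header-only test image so the script runs offline; the section names and sizes it uses mirror three entries from the table above, and the WIN_CERTIFICATE body it emits for the signed case is a placeholder, not a real signature.

```python
import struct

# Bit names from winnt.h for the fields the report lists (DllCharacteristics, section flags).
DLL_CHARACTERISTICS = {
    0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
    0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA", 0x00000080: "CNT_UNINITIALIZED_DATA",
    0x02000000: "MEM_DISCARDABLE", 0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ",
    0x80000000: "MEM_WRITE",
}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def analyze_pe(data: bytes) -> dict:
    """Parse the PE headers and report signature presence, DllCharacteristics and sections."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    file_hdr = e_lfanew + 4
    machine, n_sections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, file_hdr)
    opt = file_hdr + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset for PE32 and PE32+
    n_dirs_off = opt + (108 if pe32plus else 92)
    n_dirs = struct.unpack_from("<I", data, n_dirs_off)[0]
    cert_off = cert_size = 0
    if n_dirs > SECURITY_DIR:
        # Unlike the other directories, this entry holds a raw file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from("<II", data, n_dirs_off + 4 + 8 * SECURITY_DIR)
    sections = []
    for i in range(n_sections):
        off = opt + opt_size + 40 * i
        raw_name, vsize, _va, raw_size, _raw_ptr = struct.unpack_from("<8sIIII", data, off)
        chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({
            "name": raw_name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": raw_size,
            "flags": _names(chars, SECTION_FLAGS),
            # A section that is both writable and executable is a packer / self-modifying-code tell.
            "wx": bool(chars & 0x80000000) and bool(chars & 0x20000000),
        })
    return {
        "machine": machine, "pe32plus": pe32plus, "is_dll": bool(file_chars & 0x2000),
        "dll_characteristics": _names(dll_chars, DLL_CHARACTERISTICS),
        # Presence of a certificate table only; verifying the PKCS#7 blob inside is a separate step.
        "has_authenticode": cert_size > 0 and cert_off + cert_size <= len(data),
        "cfg_enforced": bool(dll_chars & 0x4000),
        "cfg_metadata": any(s["name"] in (".gfids", ".giats") for s in sections),
        "sections": sections,
    }


def build_minimal_pe(dll_chars, sections, signed=False, pe32plus=False) -> bytes:
    """Construct a header-only test image (constructed input, not a real binary).
    `sections` is a list of (name, virtual_size, raw_size, characteristics) tuples."""
    opt_size = 240 if pe32plus else 224
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))  # e_lfanew
    nt = bytearray(4 + 20 + opt_size + 40 * len(sections))
    nt[:4] = b"PE\0\0"
    machine, file_chars = (0x8664, 0x0022) if pe32plus else (0x14C, 0x0102)  # EXECUTABLE_IMAGE + width flag
    struct.pack_into("<HHIIIHH", nt, 4, machine, len(sections), 0, 0, 0, opt_size, file_chars)
    opt = 24
    struct.pack_into("<H", nt, opt, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<H", nt, opt + 70, dll_chars)
    n_dirs_off = opt + (108 if pe32plus else 92)
    struct.pack_into("<I", nt, n_dirs_off, 16)
    for i, (name, vsize, raw_size, chars) in enumerate(sections):
        off = opt + opt_size + 40 * i
        struct.pack_into("<8sIIII", nt, off, name.encode().ljust(8, b"\0"), vsize, 0x1000 * (i + 1), raw_size, 0)
        struct.pack_into("<I", nt, off + 36, chars)
    tail = b""
    if signed:
        # WIN_CERTIFICATE header (dwLength, wRevision 0x200, wCertificateType PKCS_SIGNED_DATA)
        # over a placeholder body: enough to populate the directory, not a real signature.
        body = b"\0" * 8
        tail = struct.pack("<IHH", 8 + len(body), 0x0200, 0x0002) + body
        struct.pack_into("<II", nt, n_dirs_off + 4 + 8 * SECURITY_DIR, len(dos) + len(nt), len(tail))
    return bytes(dos + nt + tail)


if __name__ == "__main__":
    # Three sections mirroring entries from the report's section table (sizes approximate).
    image = build_minimal_pe(0x0040 | 0x0100 | 0x8000, [(".text", 0x300000, 0x300000, 0x60000020),
                                                       (".gfids", 0x1AC00, 0x1AC00, 0x40000040),
                                                       (".reloc", 0x33800, 0x33C00, 0x42000040)])
    print(analyze_pe(image))
```

Against a real file, call analyze_pe(open(path, "rb").read()). A populated security directory only says that a certificate table is attached to the image; whether the signature verifies and chains to a trusted root is a separate check (WinVerifyTrust on Windows, or osslsigncode verify elsewhere), and a file with no table at all, as reported for this sample, simply has nothing to verify.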