887f7d3895fd327ba6e9c66d699229b3

Sharing

Copy URL

Twitter E-mail

General

Target

887f7d3895fd327ba6e9c66d699229b3
Size

552KB
MD5

887f7d3895fd327ba6e9c66d699229b3
SHA1

42a169bcbb231dd9b64bd93186a4569804cd1557
SHA256

32a1e1d1164542cdf20388876a04c99e848f5b2e07ab6e593b4b491296b6ff06
SHA512

53cfa282e2691cf26f856f171d01e2ff98db498b78bc52f7a6949970abee2b2fe953669d8cf667dcf84a14916ffd8d120567d7715434ee861c6c07b1ca667a51
SSDEEP

12288:SN1gavN1gt5uN1ggJ9jN1gdw7XN1g/N1g72FyN1g5N1gpwf/kaLgq:SN7NZNXjNXzNeNM+yNgNJEaLgq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
887f7d3895fd327ba6e9c66d699229b3

Files

887f7d3895fd327ba6e9c66d699229b3
.exe windows:5 windows x86 arch:x86

bf121d177d6bc8602ed31620faffd582

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmMetrics

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__setusermatherr
memset

winmm

timeGetTime
mixerGetLineControlsA
mixerSetControlDetails
mixerOpen
mixerGetNumDevs
mixerGetLineInfoA
mixerGetDevCapsA

comctl32

ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
ord17

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetStartupInfoA
GetModuleHandleA
GetLastError
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentThreadId
SetErrorMode
LoadLibraryA
LeaveCriticalSection
GetTickCount
InitializeCriticalSection
GetVersion
GetCurrentDirectoryA
GetCPInfo
GetComputerNameA
GetCommandLineA
GetACP
FreeResource
GetOEMCP
FreeLibrary
FreeEnvironmentStringsA
FormatMessageA
FlushInstructionCache
FindResourceA
FindNextFileA
FindNextChangeNotification
FindFirstFileA
FindFirstChangeNotificationA
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsA
ExitThread
EnumSystemLocalesA
EnumCalendarInfoA
EnterCriticalSection
DuplicateHandle
DeviceIoControl
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateMutexA
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
CompareStringW
ExitProcess

user32

CreateCaret
CopyRect
CreateDialogParamA
DefWindowProcA
DeleteMenu
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamA
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CreateIcon
CharUpperA
CharToOemA
CharNextW
CharNextA
CharLowerBuffA
CharLowerA
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
GetWindowLongW
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
CharUpperBuffA
DrawMenuBar
DefMDIChildProcA

gdi32

GetWinMetaFileBits
IntersectClipRect
LineTo
MaskBlt
GetWindowOrgEx
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
MoveToEx
GetPixel
GetPaletteEntries
GetObjectA
GetNearestPaletteIndex
GetNearestColor
GetMapMode
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDIBits
GetDIBColorTable
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetCurrentObject
GetClipRgn
GetClipBox
GetBrushOrgEx
GetBkColor
GetBitmapBits
GdiFlush
FrameRgn
ExtTextOutW
ExtTextOutA
ExtCreatePen
ExcludeClipRect
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreatePolygonRgn
CreatePenIndirect
CreatePalette
CreateICA
CreateHalftonePalette
CreateFontIndirectA
CreateFontA
CreateEllipticRgn
CreateDIBSection
CreateDIBitmap
CreateDCA
CreateCompatibleDC
OffsetClipRgn
PatBlt
Pie
PlayEnhMetaFile
Polygon
Polyline
EndPage
PolyPolyline
RealizePalette
Rectangle
RectVisible
RestoreDC
RoundRect
SaveDC
SelectClipRgn
GetRgnBox
TranslateCharsetInfo
TextOutA
StretchDIBits
StretchBlt
StartPage
StartDocA
SetWinMetaFileBits
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetTextJustification
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
CopyEnhMetaFileA
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
SelectObject

winspool.drv

ClosePrinter
OpenPrinterA
EnumPrintersA
DocumentPropertiesA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

advapi32

GetUserNameA
ControlService
CreateServiceA
DeleteService
EqualSid
FreeSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetTokenInformation
LookupAccountNameA
LookupPrivilegeNameA
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
CloseServiceHandle
OpenThreadToken
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
StartServiceA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegFlushKey
RegEnumValueA
RegEnumKeyExA

shell32

DragQueryFileA
ShellExecuteA
ShellExecuteExA
SHFileOperationA
SHGetFileInfoA
Shell_NotifyIconA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
DoDragDrop
OleGetClipboard
OleInitialize
OleSetClipboard
CoInitialize
StringFromCLSID
StgOpenStorage
StgIsStorageFile
StgCreateDocfile
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
PropVariantClear
OleUninitialize
CoLockObjectExternal

oleaut32

GetErrorInfo
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopyInd
VariantInit

ws2_32

WSAAsyncSelect
socket
send
recv
WSACleanup
inet_ntoa
htons
gethostname
gethostbyname
WSAGetLastError
WSAStartup
ioctlsocket

Sections

.text
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sif
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf121d177d6bc8602ed31620faffd582

Headers

File Characteristics

Imports

msacm32

msvcrt

winmm

comctl32

version

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

Sections

.text Size: 424KB - Virtual size: 423KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 12.1MB

.data1 Size: 4KB - Virtual size: 648B

.sif Size: 8KB - Virtual size: 4KB

.rsrc Size: 96KB - Virtual size: 94KB

.text
Size: 424KB - Virtual size: 423KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 12.1MB

.data1
Size: 4KB - Virtual size: 648B

.sif
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 96KB - Virtual size: 94KB