Static task: static1
Behavioral task: behavioral1
  Sample: 949d32ac22d934b75153a4c8e85b1ed66ec584abfb1b6c038e3b15f5ea68d8b0.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 949d32ac22d934b75153a4c8e85b1ed66ec584abfb1b6c038e3b15f5ea68d8b0.exe
  Resource: win10v2004-20231215-en
General
Target: 949d32ac22d934b75153a4c8e85b1ed66ec584abfb1b6c038e3b15f5ea68d8b0
Size: 13.2MB
MD5: 86220fc1b41eb16bab1aa789cd7ed270
SHA1: 08c8dd1149ea70236df916b8456a77d72a3995b8
SHA256: 949d32ac22d934b75153a4c8e85b1ed66ec584abfb1b6c038e3b15f5ea68d8b0
SHA512: 6ea6381093238ec0b9e876a5724a3fd2e7c9b80141b4744c397318652d77faade5c2afe4780dacba8611a15f206fd7c506738ad237fe1dad2fcff029fef8bd76
SSDEEP: 196608:fdFalMTgJul1Rw4B5Rx1DJIT0yBOSlUJQxNheKU0rrqW02:fe0d+
Malware Config: none listed
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 949d32ac22d934b75153a4c8e85b1ed66ec584abfb1b6c038e3b15f5ea68d8b0
  Note: this is a header property, not observed behaviour. The optional header's security data directory (entry 4) has size zero when no WIN_CERTIFICATE blob is attached to the file. On its own it is a weak indicator: much legitimate software ships unsigned, and a valid signature would only say who signed the file, not whether it is safe.
Files
949d32ac22d934b75153a4c8e85b1ed66ec584abfb1b6c038e3b15f5ea68d8b0.exe: windows:5 windows x86 arch:x86
  5e4cb9af54c8f4d1f0c9afd35f542072
Headers
DLL Characteristics:
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics:
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE

Notes: DYNAMIC_BASE opts the image into ASLR and NX_COMPAT marks it DEP-compatible, so DEP applies under the default OptIn policy. ASLR is actually effective here because IMAGE_FILE_RELOCS_STRIPPED is not set and the image carries a .reloc section (see Sections), so the loader can rebase it. These flags say nothing about SafeSEH, which is recorded in the load configuration directory, or about stack cookies (/GS), which are compiled into the code; neither is shown in this report.
Imports (each DLL name line is followed by the functions imported from it; ord8 under oledlg is an import by ordinal)
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
ImmAssociateContext
kernel32
GetCommandLineA
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
SetStdHandle
GetFileType
HeapQueryInformation
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetStdHandle
GetFileAttributesExW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
ReadConsoleW
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
OutputDebugStringW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
LockResource
LoadResource
lstrlenA
AreFileApisANSI
GetModuleHandleExW
GetSystemTimeAsFileTime
SizeofResource
FindResourceW
WideCharToMultiByte
GetLastError
Sleep
GetTempPathW
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
MultiByteToWideChar
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
SetThreadPriority
InterlockedDecrement
ExitProcess
GetModuleFileNameA
GetLocaleInfoA
InterlockedIncrement
DecodePointer
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LocalFree
FindClose
FormatMessageA
FindFirstFileA
GetCurrentProcess
WriteFile
ReadFile
CloseHandle
ClearCommError
SetupComm
EscapeCommFunction
GetCommProperties
GetCommState
GetCommTimeouts
PurgeComm
SetCommState
SetCommTimeouts
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
FindResourceExW
VirtualProtect
SearchPathA
GetTempPathA
GetProfileIntA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
lstrcpyA
SetErrorMode
GetCurrentDirectoryA
LocalFileTimeToFileTime
GetTickCount
CreateFileA
SetPriorityClass
GetFileSizeEx
GetFileAttributesExA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetACP
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetStringTypeExA
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFileSize
FlushFileBuffers
GlobalFlags
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFullPathNameA
GetFileTime
GetFileAttributesA
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
FindNextFileA
FileTimeToLocalFileTime
GetThreadLocale
GetCurrentProcessId
ResumeThread
SuspendThread
CreateEventA
WaitForSingleObject
SetEvent
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
EncodePointer
OutputDebugStringA
CopyFileA
GlobalFree
GlobalSize
SetLastError
LoadLibraryA
ExpandEnvironmentStringsA
Beep
GetVersionExA
GetModuleHandleA
GetLocalTime
GetProcAddress
BuildCommDCBA
GetPriorityClass
GetTimeZoneInformation
user32
GetUpdateRect
SubtractRect
GetWindowRgn
WaitMessage
RegisterClipboardFormatA
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
DrawFocusRect
GetTabbedTextExtentW
GetNextDlgGroupItem
UnionRect
InvalidateRgn
CopyAcceleratorTableA
CopyImage
CharUpperA
RealChildWindowFromPoint
DestroyCursor
MapDialogRect
SetWindowContextHelpId
LoadAcceleratorsW
ShowOwnedPopups
PostQuitMessage
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
LoadCursorW
SetWindowRgn
DrawIcon
SetParent
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
SetRectEmpty
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
SetRect
WindowFromPoint
CharNextA
GetWindowThreadProcessId
IntersectRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
MapVirtualKeyA
GetKeyNameTextA
GetMessageA
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
FrameRect
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
SetWindowLongA
GetWindowLongA
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetDlgCtrlID
GetDlgItem
DeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
SendDlgItemMessageA
GetMenuItemInfoA
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
LockWindowUpdate
AppendMenuA
InsertMenuA
DestroyMenu
CreateMenu
LoadBitmapW
PeekMessageA
DispatchMessageA
SendMessageA
PostMessageA
EnableWindow
GetSystemMenu
EnableMenuItem
TranslateMessage
RemoveMenu
LoadMenuW
SetClassLongA
GetWindow
UnregisterClassA
GetMenuItemCount
GetMenuItemID
GetSubMenu
DrawMenuBar
GetCapture
IsIconic
SetActiveWindow
IsZoomed
MessageBoxA
ModifyMenuA
CharUpperBuffA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetLayeredWindowAttributes
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
MapVirtualKeyExA
GetKeyboardLayout
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
SetTimer
PostThreadMessageA
UpdateLayeredWindow
IsMenu
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EnumDisplayMonitors
SetScrollInfo
UpdateWindow
InvalidateRect
GetWindowRect
GetFocus
GetSysColor
DeleteMenu
GetDC
ReleaseDC
LoadIconA
SetCursor
GetCursor
LoadCursorA
KillTimer
BringWindowToTop
InflateRect
GetParent
IsCharLowerA
IsWindowVisible
GetClientRect
LoadIconW
BeginDeferWindowPos
EndDeferWindowPos
GetKeyState
SetCapture
ReleaseCapture
GetDCEx
RedrawWindow
GetCursorPos
ClientToScreen
GetSysColorBrush
FillRect
CopyRect
OffsetRect
IsRectEmpty
PtInRect
GetClassLongA
SystemParametersInfoA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
SetFocus
GetAsyncKeyState
GetKeyboardState
ToAscii
keybd_event
GetSystemMetrics
GetDesktopWindow
MessageBeep
gdi32
CreateFontIndirectA
ExtTextOutA
CreateBitmap
SetBkColor
SetTextColor
CreateRectRgnIndirect
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
StartDocA
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
CreateDCA
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetBkColor
CreateCompatibleBitmap
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
Rectangle
GetTextMetricsA
StretchDIBits
GetRgnBox
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
GetTextFaceA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
CopyMetaFileA
GetStockObject
CreateCompatibleDC
BitBlt
GetObjectA
CreateSolidBrush
SelectObject
EnumFontFamiliesExA
PatBlt
GetDeviceCaps
GetTextExtentPoint32A
GetTextColor
GetCurrentObject
GetCharWidthA
CreatePen
SetWindowOrgEx
CreateFontA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
GetJobA
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegQueryValueExA
RegCloseKey
shell32
SHGetFileInfoA
SHGetSpecialFolderPathA
DragQueryFileA
DragFinish
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderA
SHGetDesktopFolder
ShellExecuteA
comctl32
ImageList_ReplaceIcon
shlwapi
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindFileNameA
PathFindExtensionA
uxtheme
GetWindowTheme
GetThemeSysColor
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
ole32
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoCreateGuid
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
OleDuplicateData
CoTaskMemAlloc
StringFromCLSID
OleRun
CoCreateInstance
CoUninitialize
CoInitialize
OleGetClipboard
CoLockObjectExternal
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoFreeUnusedLibraries
OleInitialize
RevokeDragDrop
RegisterDragDrop
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoTaskMemFree
ReleaseStgMedium
OleUninitialize
oleaut32
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SysStringByteLen
SysAllocStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VariantInit
VariantClear
VariantChangeType
OleCreateFontIndirect
SysAllocString
SysStringLen
LoadTypeLi
SafeArrayGetUBound
VariantCopy
VarBstrFromDate
SafeArrayDestroy
SafeArrayCreate
SysAllocStringLen
SysFreeString
GetErrorInfo
oledlg
ord8
winmm
PlaySoundA
mciSendCommandA
waveOutGetNumDevs
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
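The import table above is the report's flat listing: a DLL name on its own line, then one imported function per line, with ordinal imports shown as ordN. What follows is an added example, not the sandbox's own code: it parses that format into a per-DLL map and flags the API groups a reviewer would look at first (the serial-port cluster, memory-protection changes, IsDebuggerPresent, keyboard hooks and key-state polling or injection, registry writes, ShellExecuteA). LISTING is a constructed excerpt of the table in the same format, KNOWN_DLLS is the set of DLL names the report lists, and the cluster groupings are this example's own. A hit is context for the analyst rather than a verdict: several of these APIs (IsDebuggerPresent through the MSVC CRT, SetWindowsHookExA through MFC) are routine in ordinary GUI programs.

```python
"""
Parse a flat import listing in the report's format (DLL name line, then one
function per line, ordinals as 'ordN') and flag API clusters worth a look.
LISTING is a constructed excerpt, not the report's full import table.
"""
import re

# DLL names exactly as the report lists them; a line equal to one of these
# starts a new import group (no function name in the report collides).
KNOWN_DLLS = {
    "imm32", "kernel32", "user32", "gdi32", "msimg32", "winspool.drv",
    "advapi32", "shell32", "comctl32", "shlwapi", "uxtheme", "ole32",
    "oleaut32", "oledlg", "winmm", "oleacc", "gdiplus",
}

# API groups worth a second look (this example's own grouping).  Some are
# routine in MSVC/MFC-built GUI programs, so a hit is context, not a verdict.
CLUSTERS = {
    "serial/COM port I/O": {
        "SetupComm", "SetCommState", "GetCommState", "SetCommTimeouts",
        "GetCommTimeouts", "PurgeComm", "EscapeCommFunction",
        "ClearCommError", "BuildCommDCBA", "GetCommProperties",
    },
    "memory mapping / protection changes": {"VirtualAlloc", "VirtualProtect"},
    "debugger detection": {"IsDebuggerPresent"},
    "keyboard hooks, key-state polling and key injection": {
        "SetWindowsHookExA", "GetAsyncKeyState", "GetKeyboardState", "keybd_event",
    },
    "registry writes": {
        "RegSetValueExA", "RegSetValueA", "RegCreateKeyExA",
        "RegDeleteKeyA", "RegDeleteValueA",
    },
    "shell launch": {"ShellExecuteA"},
}

# Constructed excerpt in the report's format.
LISTING = """\
kernel32
VirtualAlloc
VirtualProtect
IsDebuggerPresent
SetupComm
SetCommState
SetCommTimeouts
PurgeComm
ReadFile
WriteFile
user32
SetWindowsHookExA
CallNextHookEx
GetAsyncKeyState
GetKeyboardState
keybd_event
advapi32
RegSetValueExA
RegCreateKeyExA
shell32
ShellExecuteA
oledlg
ord8
"""


def parse_import_listing(text):
    """Return {dll: [function, ...]} preserving the listing order."""
    imports, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower() in KNOWN_DLLS:          # a DLL line opens a new group
            current = line.lower()
            imports.setdefault(current, [])
        elif current is None:
            raise ValueError(f"function {line!r} appears before any DLL name")
        else:
            imports[current].append(line)
    return imports


def ordinal_imports(imports):
    """Imports by ordinal ('ordN') carry no name; list them as (dll, N)."""
    found = []
    for dll, funcs in imports.items():
        for f in funcs:
            m = re.fullmatch(r"ord(\d+)", f)
            if m:
                found.append((dll, int(m.group(1))))
    return found


def flag_clusters(imports):
    """Map each cluster with at least one hit to its sorted 'dll!function' hits."""
    hits = {}
    for label, apis in CLUSTERS.items():
        matched = sorted(f"{dll}!{f}" for dll, funcs in imports.items()
                         for f in funcs if f in apis)
        if matched:
            hits[label] = matched
    return hits


if __name__ == "__main__":
    imps = parse_import_listing(LISTING)
    print({dll: len(funcs) for dll, funcs in imps.items()})
    print("ordinal imports:", ordinal_imports(imps))
    for label, matched in flag_clusters(imps).items():
        print(f"{label}: {', '.join(matched)}")
```

Running it over the full table above instead of the excerpt only requires pasting the listing into LISTING; the parser keys on the DLL names, so the lowercase-initial function names in the report (lstrlenA, keybd_event, mciSendCommandA) are handled without a heuristic.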
Sections
.text   Size: 4.5MB   Virtual size: 4.5MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 659KB   Virtual size: 659KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 144KB   Virtual size: 513KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 7.6MB   Virtual size: 7.6MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 261KB   Virtual size: 261KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ

Notes: no section is both writable and executable, and the only writable section (.data) is not marked as code, so the section table alone gives nothing to flag. The .data virtual size (513KB) exceeding its raw size (144KB) is the usual zero-initialized data that occupies memory but not file space. The 7.6MB .rsrc section is more than half of the 13.2MB file; the report does not enumerate resources, and the kernel32 imports include FindResourceW, LoadResource, LockResource and SizeofResource, so listing the resource directory is the obvious next step in a manual review.
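The three header-level facts this report records (the Unsigned PE signature, the DLL and File Characteristics flags, and the section table) all come from fixed offsets in the PE headers. The parser below is an added example written for this page, not the sandbox's own tooling. It builds a constructed, non-loadable header-only PE32 image (build_pe32) that mirrors the flags and section names listed above, then runs the same checks over it: it reads the security data directory to decide "unsigned", decodes DllCharacteristics and Characteristics, confirms that DYNAMIC_BASE is backed by base relocations, and flags any section that is both writable and executable. SAMPLE_SECTIONS uses approximate sizes; the flag values are the winnt.h constants.

```python
"""
Stdlib-only PE32 header triage: Authenticode presence (security data
directory), DllCharacteristics (ASLR/DEP opt-in), File Characteristics and
section flags, run over a constructed header-only image from build_pe32().
"""
import struct

DLL_CHARACTERISTICS = {                       # winnt.h values (subset)
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",          # ASLR opt-in
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",             # DEP compatible
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
DIR_SECURITY, DIR_BASERELOC = 4, 5            # optional-header data directory indices


def decode_flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe32(data):
    """DOS header -> PE signature -> COFF header -> optional header -> section table."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10b) is handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    dirs = [struct.unpack_from("<II", data, opt + 96 + 8 * i) for i in range(ndirs)]
    dirs += [(0, 0)] * (16 - len(dirs))       # tolerate short directory tables
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        name, vsize, _, rawsize, _ = struct.unpack_from("<8sIIII", data, off)
        flags = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name.rstrip(b"\0").decode(), "virtual_size": vsize,
                         "raw_size": rawsize, "flags": decode_flags(flags, SECTION_FLAGS)})
    return {"file_characteristics": decode_flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
            # security entry = (file offset, size) of a WIN_CERTIFICATE blob, not an RVA
            "security_dir": dirs[DIR_SECURITY], "basereloc_dir": dirs[DIR_BASERELOC],
            "sections": sections}


def triage(data):
    """Return (parsed headers, findings) for the checks the report surfaces."""
    pe, findings = parse_pe32(data), []
    if pe["security_dir"][1] == 0:
        findings.append("Unsigned PE")            # no Authenticode blob attached
    dllc = pe["dll_characteristics"]
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dllc:
        findings.append("ASLR not opted in")
    elif pe["basereloc_dir"][1] == 0:             # flag set but image cannot be rebased
        findings.append("DYNAMIC_BASE set but no base relocations")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dllc:
        findings.append("DEP not opted in")
    for s in pe["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append(f"writable+executable section {s['name']}")
    return pe, findings


def build_pe32(dll_chars, file_chars, sections, signed=False, relocs=True):
    """Constructed, non-loadable header-only PE32 used as test input."""
    dos = bytearray(b"MZ") + bytearray(62)
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    if relocs:
        struct.pack_into("<II", opt, 96 + 8 * DIR_BASERELOC, 0x1000, 0x100)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, 0, rs, 0, 0, 0, 0, 0, fl)
                     for n, vs, rs, fl in sections)
    if signed:   # point the security directory at a placeholder WIN_CERTIFICATE header
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 64 + 4 + 20 + 224 + len(table), 8)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
    return image + (struct.pack("<IHH", 8, 0x0200, 0x0002) if signed else b"")


SAMPLE_SECTIONS = [  # names and flags as listed in the report; sizes are approximations
    (".text", 0x480000, 0x480000, 0x60000020), (".rdata", 0x0A4C00, 0x0A4C00, 0x40000040),
    (".data", 0x080400, 0x024000, 0xC0000040), (".rsrc", 0x79A000, 0x79A000, 0x40000040),
    (".reloc", 0x041400, 0x041400, 0x42000040),
]
SAMPLE_IMAGE = build_pe32(0x8140, 0x0102, SAMPLE_SECTIONS)  # DYNAMIC_BASE|NX_COMPAT|TS_AWARE; EXE|32BIT

if __name__ == "__main__":
    print(triage(SAMPLE_IMAGE))
```

For a real file, replace SAMPLE_IMAGE with the bytes read from disk; the parser only needs the headers, so reading the first few hundred KB is enough for a 13MB sample. The security directory is the one entry whose first field is a file offset rather than an RVA, which is why the signed variant of the constructed image appends the certificate header after the section table and points at it by offset.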