95e741142a22dae509e5da2bf94b9dfb

Sharing

Copy URL Twitter E-mail

General

Target

95e741142a22dae509e5da2bf94b9dfb
Size

4.0MB
MD5

95e741142a22dae509e5da2bf94b9dfb
SHA1

19806e4f7eab03570d8177f50ed6862454013cb4
SHA256

e87caff40259a05448bfcb72e066986e34f352182a7e1f6382d904c57670ad08
SHA512

39e2923e3ebc29c7ec5763d0e35f30fdcbe7f05ac0a04bc7a2fb73772a246f0515b2670e18457668c70da1e9a7d3973201981b5061ad18c2987b3acc7ab1eae4
SSDEEP

98304:xetJJeP3bKH7uBdNnHR+Hw/ngrmqCXX9O1sUAAUJU1JhBh:xyJJeP3+b+oQNO1sHJUT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95e741142a22dae509e5da2bf94b9dfb

Files

95e741142a22dae509e5da2bf94b9dfb
.exe windows:5 windows x86 arch:x86

2047cbcf02df81c27e864dfa0d191688

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyaddr
closesocket
shutdown
__WSAFDIsSet
select
sendto
send
recvfrom
recv
setsockopt
getsockopt
connect
listen
ntohs
getsockname
htonl
bind
htons
accept
socket
WSAGetLastError
ioctlsocket
WSACleanup
WSAStartup
ntohl
inet_addr
inet_ntoa
gethostbyname
gethostname
WSASetLastError
WSAAsyncSelect

msimg32

TransparentBlt
AlphaBlend

kernel32

ReadConsoleInputA
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FlushConsoleInputBuffer
GlobalMemoryStatus
SetEnvironmentVariableA
GetConsoleOutputCP
WriteConsoleA
GetConsoleMode
GetConsoleCP
IsValidLocale
QueryPerformanceCounter
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
GetOEMCP
GetACP
HeapCreate
IsDebuggerPresent
TerminateProcess
GetModuleFileNameA
UnhandledExceptionFilter
SetStdHandle
GetStartupInfoA
SetHandleCount
RtlUnwind
GetStdHandle
ExitThread
GetDateFormatA
GetTimeFormatA
ExitProcess
HeapSize
HeapDestroy
IsProcessorFeaturePresent
SetConsoleMode
MapViewOfFile
UnmapViewOfFile
CreateFileA
GetFileType
GetFileInformationByHandle
GetStringTypeA
EnumSystemLocalesA
GetLocaleInfoA
InterlockedExchangeAdd
LocalAlloc
InterlockedCompareExchange
TlsFree
TlsAlloc
GetSystemInfo
WaitForMultipleObjects
TlsSetValue
SetWaitableTimer
TlsGetValue
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
DuplicateHandle
CreateSemaphoreA
GetSystemTimeAsFileTime
ResetEvent
VirtualFree
VirtualAlloc
GetOverlappedResult
GetTickCount
LocalFree
FlushFileBuffers
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
SystemTimeToFileTime
GetFileTime
CreateFileMappingA
GetModuleHandleA
InterlockedExchange
CompareStringA
LoadLibraryA
GetProcessTimes
GlobalUnlock
GlobalLock
GetVersionExA
GetCurrentProcessId
CreateThread
SetPriorityClass
SetProcessWorkingSetSize
GetCommandLineW
GetVersion
SetUnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSection
LoadResource
SizeofResource
GetLastError
FindClose
GetLogicalDrives
FreeLibrary
SetThreadPriority
HeapFree
GetProcessHeap
HeapAlloc
ResumeThread
SuspendThread
GetCurrentThread
GlobalFree
GlobalAlloc
GetEnvironmentVariableA
MulDiv
lstrlenA
lstrcpynA
Sleep
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
GetCurrentThreadId
VirtualQuery
RaiseException
SetLastError
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
WaitForSingleObject
CloseHandle
SetEvent
CreateEventA
GetFullPathNameA
PeekNamedPipe
GetCurrentDirectoryA
HeapReAlloc

user32

IsWindow
CopyRect
MoveWindow
GetDlgItem
GetClientRect
CreatePopupMenu
TrackPopupMenu
SetClipboardData
InvalidateRect
CloseClipboard
RedrawWindow
EmptyClipboard
OpenClipboard
SystemParametersInfoA
GetSystemMetrics
ScrollWindow
DrawFocusRect
SetDlgItemInt
GetDlgItemInt
GetSystemMenu
GetMenuDefaultItem
SetRect
GetWindowThreadProcessId
GetMenuItemID
IsWindowEnabled
ExitWindowsEx
CreateMenu
EnableMenuItem
GetWindowRect
SetWindowPos
MapWindowPoints
GetParent
GetWindow
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
UnregisterClassA
EndDialog
SetFocus
GetActiveWindow
PtInRect
SetMenuDefaultItem
DestroyMenu
GetScrollInfo
SetCursor
ClientToScreen
ScreenToClient
GetMenuItemCount
GetSubMenu
GetMenuState
FillRect
GetSysColor
GetDC
GetKeyState
GetSysColorBrush
IsDlgButtonChecked
CallNextHookEx
UnhookWindowsHookEx
DrawFrameControl
InflateRect
FrameRect
WindowFromPoint
DrawIconEx
GetUpdateRect
BringWindowToTop
TranslateMDISysAccel
GetWindowPlacement
IsZoomed
ChildWindowFromPoint
SetMenu
IsMenu
CloseWindow
EnumWindows
SetProcessDefaultLayout
HideCaret
TranslateMessage
GetDesktopWindow
DestroyWindow
SetForegroundWindow
IsWindowVisible
ShowWindow
IsIconic
KillTimer
SetTimer
OffsetRect
CheckRadioButton
LockWindowUpdate
DrawEdge
DestroyIcon
CheckMenuItem
SetMenuInfo
GetWindowDC
TrackPopupMenuEx
MessageBeep
ReleaseCapture
SetCapture
UpdateWindow
GetCapture
GetMessagePos
LoadStringA
PostQuitMessage
DrawMenuBar
AdjustWindowRectEx
EndPaint
BeginPaint
SetRectEmpty
RemoveMenu
GetFocus
ReleaseDC
CheckDlgButton

gdi32

CreateSolidBrush
SetTextColor
GetPixel
CreateDIBSection
SetBitmapBits
GetBitmapBits
PatBlt
CreateBitmap
CreatePatternBrush
CreatePen
Polyline
Rectangle
CreateCompatibleDC
SelectObject
DeleteObject
GetBkColor
SetBkColor
DeleteDC
GetViewportOrgEx
SetStretchBltMode
StretchBlt
CreateDIBitmap
SetPixelV
SetBkMode
BitBlt
GetStockObject
GetCurrentObject
LineTo
PolylineTo
BeginPath
CloseFigure
EndPath
FillPath
SetViewportOrgEx
SetBrushOrgEx
CreateCompatibleBitmap
MoveToEx

advapi32

RegisterEventSourceA
DeregisterEventSource
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
ReportEventA

shell32

DragFinish
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleCreateStaticFromData
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReleaseStgMedium
CLSIDFromString

shlwapi

PathIsDirectoryW
SHDeleteKeyW

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_DrawIndirect
PropertySheetW
ImageList_LoadImageW
ImageList_Destroy
InitCommonControlsEx
ImageList_Draw
CreateStatusWindowW
ImageList_ReplaceIcon

iphlpapi

GetAdaptersInfo

mpr

WNetCloseEnum

shfolder

SHGetFolderPathW

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 543KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2047cbcf02df81c27e864dfa0d191688

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

msimg32

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

iphlpapi

mpr

shfolder

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 496KB - Virtual size: 495KB

.data Size: 67KB - Virtual size: 192KB

STLPORT_ Size: 512B - Virtual size: 32B

.rsrc Size: 543KB - Virtual size: 542KB

.reloc Size: 180KB - Virtual size: 180KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 496KB - Virtual size: 495KB

.data
Size: 67KB - Virtual size: 192KB

STLPORT_
Size: 512B - Virtual size: 32B

.rsrc
Size: 543KB - Virtual size: 542KB

.reloc
Size: 180KB - Virtual size: 180KB