Static task: static1
Behavioral task: behavioral1
  Sample: d8157bb0c7ff86babde328918ba0d5647fbc6b2c5dbb17ad39074c76c203a3b5.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: d8157bb0c7ff86babde328918ba0d5647fbc6b2c5dbb17ad39074c76c203a3b5.exe
  Resource: win10v2004-20231215-en
General
  Target: d8157bb0c7ff86babde328918ba0d5647fbc6b2c5dbb17ad39074c76c203a3b5
  Size:   14.5MB
  MD5:    77da93982398595a36eb2f41cf069bf7
  SHA1:   5be14e85aea5299a022b8548c969c63f7602ebea
  SHA256: d8157bb0c7ff86babde328918ba0d5647fbc6b2c5dbb17ad39074c76c203a3b5
  SHA512: b01b3f2b7d9b5e6f77d37e44c6b7772da5591d9a834cf48c3f33cca2a3484c6d15ba3716db6c022678e965644b168a789a9dcaa3eafeb45f36515ff86467d640
  SSDEEP: 393216:5VSr6JOV4FbvqxL85PEqQ4Un0QZ2jtJvZ6T:C6JOV4Fbvq9Wcq60q2jNM
Malware Config
Signatures
  Unsigned PE (1 IoC): checks for a missing Authenticode signature.
    resource d8157bb0c7ff86babde328918ba0d5647fbc6b2c5dbb17ad39074c76c203a3b5
Files
-
d8157bb0c7ff86babde328918ba0d5647fbc6b2c5dbb17ad39074c76c203a3b5.exe windows:5 windows x86 arch:x86
49c0d28c5520c5684f7102598c9e7096
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dbghelp
MiniDumpWriteDump
kernel32
GetProcessHeap
SetEndOfFile
SetStdHandle
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStringTypeW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
HeapCreate
HeapSize
IsValidCodePage
OutputDebugStringW
IsProcessorFeaturePresent
GetLocaleInfoW
GetStdHandle
lstrcpynW
UnhandledExceptionFilter
TerminateProcess
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
LCMapStringW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MoveFileA
HeapAlloc
HeapFree
RtlUnwind
DecodePointer
EncodePointer
InitializeCriticalSection
Sleep
GetOEMCP
GetLocalTime
lstrcpyW
FormatMessageW
LocalFree
CloseHandle
GetCurrentProcess
GetCurrentProcessId
IsDebuggerPresent
GetCurrentThreadId
CreateFileW
WriteFile
SetFileTime
GetFileAttributesW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
GlobalAlloc
ExitProcess
MulDiv
GetTickCount
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
GetACP
GetFileSize
ReadFile
WideCharToMultiByte
FreeResource
LockResource
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW
DeleteFileW
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetTempPathW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
CreateThread
LoadLibraryW
GetProcAddress
GetModuleHandleW
CopyFileW
SetUnhandledExceptionFilter
user32
SetForegroundWindow
GetKeyboardLayout
MapVirtualKeyExW
GetKeyNameTextW
GetCaretBlinkTime
CreatePopupMenu
AppendMenuW
EnableMenuItem
TrackPopupMenu
DestroyMenu
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowRgn
DrawTextW
SetRect
CharPrevW
FillRect
GetWindowTextW
GetWindowTextLengthW
GetClassInfoExW
RegisterClassW
SetPropW
GetPropW
CallWindowProcW
EnableWindow
wsprintfW
IsWindowEnabled
EqualRect
GetMessageW
TranslateMessage
DrawTextA
wsprintfA
InvalidateRgn
ScreenToClient
PostQuitMessage
SetCursorPos
ClientToScreen
MoveWindow
GetWindowRect
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExW
GetSystemMetrics
PostMessageW
SetWindowTextW
GetGUIThreadInfo
SetWindowPos
GetMonitorInfoW
MonitorFromWindow
SetFocus
SetWindowRgn
DispatchMessageW
GetActiveWindow
GetWindow
GetUpdateRect
IsWindowVisible
GetSysColor
MapWindowPoints
GetFocus
IsZoomed
GetCursorPos
IsIconic
ReleaseDC
UpdateLayeredWindow
GetDC
GetClientRect
KillTimer
SetTimer
SendMessageW
ShowWindow
GetParent
CharNextW
UpdateWindow
CreateWindowExW
LoadStringW
FindWindowW
EndPaint
BeginPaint
DestroyWindow
DefWindowProcW
RegisterClassExW
LoadCursorW
SystemParametersInfoW
PtInRect
IntersectRect
OffsetRect
IsRectEmpty
SetCursor
InflateRect
ReleaseCapture
UnionRect
GetKeyState
SetWindowLongW
GetWindowLongW
InvalidateRect
IsWindow
SetCapture
CreateAcceleratorTableW
MessageBoxW
LoadImageW
gdi32
SelectObject
DeleteDC
CreateDIBSection
CreateRectRgn
DeleteObject
RestoreDC
BitBlt
SaveDC
CreateSolidBrush
CreatePatternBrush
SetTextColor
SetBkMode
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CreateCompatibleDC
StretchBlt
SetStretchBltMode
LineTo
MoveToEx
CreatePenIndirect
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
GetObjectA
GdiFlush
PtInRegion
GetBitmapBits
SetBitmapBits
GetTextExtentPointA
GetTextMetricsW
GetObjectW
CreateFontIndirectW
GetStockObject
PlayEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
GetEnhMetaFileHeader
CreateDIBitmap
CreatePen
AddFontMemResourceEx
RemoveFontMemResourceEx
SetWindowOrgEx
CloseEnhMetaFile
CreateEnhMetaFileW
CombineRgn
CreateRoundRectRgn
Rectangle
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
shell32
DragQueryFileW
ShellExecuteW
ole32
OleLockRunning
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
CreateStreamOnHGlobal
OleDuplicateData
DoDragDrop
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
OleInitialize
OleUninitialize
CoUninitialize
oleaut32
SysFreeString
VarUI4FromStr
VariantInit
VariantClear
SysAllocString
comctl32
_TrackMouseEvent
ord17
InitCommonControlsEx
gdiplus
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipDrawString
GdipMeasureString
GdipDrawImageRectRect
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipCloneImage
GdipCreatePen2
GdipCreateBitmapFromScan0
GdipSetPenStartCap
GdipSetPenEndCap
GdipGetImageGraphicsContext
GdipDrawLine
GdipDrawImageI
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawRectangleI
GdipResetWorldTransform
GdipSetWorldTransform
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipReleaseDC
ord1
GdipAddPathLine
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetPenMode
GdipCreateSolidFill
GdipTranslateMatrix
GdipRotateMatrix
GdipSetImageAttributesColorMatrix
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteFont
GdipDeletePath
GdipCreatePath
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipDeleteMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipFree
GdipDrawImageRectI
GdipCreateFromHDC
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipCreateMatrix
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
shlwapi
PathIsDirectoryW
PathFindFileNameW
ws2_32
WSAStartup
gethostname
gethostbyname
Sections
  .text   Size: 1.2MB  - Virtual size: 1.2MB
          IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 266KB  - Virtual size: 266KB
          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 13KB   - Virtual size: 491KB
          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .tls    Size: 512B   - Virtual size: 17B
          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 13.0MB - Virtual size: 13.0MB
          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .reloc  Size: 147KB  - Virtual size: 146KB
          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ