Static task: static1
Behavioral task: behavioral1
Sample: 44df324fb6c5394ebf59fd5e82c3a5c5ce70d8e0d3f12f34cbbf9085646bc556.exe
Resource: win7-20240221-en
General
Target: 44df324fb6c5394ebf59fd5e82c3a5c5ce70d8e0d3f12f34cbbf9085646bc556
Size: 3.2MB
MD5: 7e8dc6caf1fa7f3093d27698e497dca5
SHA1: 2245115c8be8ff5dab8de2141eebd44c3d9ee95f
SHA256: 44df324fb6c5394ebf59fd5e82c3a5c5ce70d8e0d3f12f34cbbf9085646bc556
SHA512: 782766abd81c1a003350b214e63f9d200bd2d91dab15fed3dd1d0fd373cfddb2f7af8c21efb8c352b2812c26f6ead57643f3f9591ec2b4dd820d420c7255fb6c
SSDEEP: 49152:pc2es+/JEex7DxWsfOcLPCJ6wGRw+XoHeI1b1N5y3Je0sfA+t8PImak:pc2ejYsfO96Y9/ycZfAIcI
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 44df324fb6c5394ebf59fd5e82c3a5c5ce70d8e0d3f12f34cbbf9085646bc556
Files
44df324fb6c5394ebf59fd5e82c3a5c5ce70d8e0d3f12f34cbbf9085646bc556.exe  windows:5 windows x64 arch:x64
80ac0e87e005d69610883fc480394831
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
MulDiv
GetCurrentDirectoryW
SearchPathA
Sleep
WinExec
WritePrivateProfileStringA
CreateMutexA
DeleteFileA
GetModuleFileNameA
lstrcatA
lstrcpyA
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
FindFirstFileExA
GetDriveTypeA
FreeLibrary
GetFileInformationByHandle
DeactivateActCtx
SetLastError
MultiByteToWideChar
lstrlenW
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
GlobalReAlloc
lstrcmpA
lstrcmpW
lstrcpyW
GetThreadLocale
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
FreeResource
FindResourceA
GetCurrentProcessId
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
VirtualProtect
GetModuleHandleW
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcmpiA
ReplaceFileA
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
GetStringTypeExA
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
FileTimeToSystemTime
GlobalFlags
GetCPInfo
GetOEMCP
GetACP
FindResourceExW
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
SetErrorMode
GetWindowsDirectoryA
GetNumberFormatA
GetTempPathA
GetProfileIntA
InitializeCriticalSectionAndSpinCount
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoW
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
VirtualAlloc
SetThreadStackGuarantee
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
SetStdHandle
GetFileType
ExitProcess
HeapQueryInformation
HeapSize
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
IsValidCodePage
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStdHandle
GetStringTypeW
HeapSetInformation
GetVersion
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTimeZoneInformation
CompareStringW
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
GetSystemInfo
UnmapViewOfFile
CloseHandle
GetLastError
CreateFileA
lstrlenA
lstrcpynA
WaitForSingleObject
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetDriveTypeW
user32
SetRect
WindowFromPoint
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetMenuItemInfoA
SystemParametersInfoA
GetAsyncKeyState
MapDialogRect
GetKeyNameTextA
MapVirtualKeyA
PostQuitMessage
RegisterClipboardFormatA
SetWindowContextHelpId
ShowOwnedPopups
IsClipboardFormatAvailable
CountClipboardFormats
InSendMessage
SetParent
IsRectEmpty
CharUpperA
GetSysColorBrush
CopyAcceleratorTableA
InvalidateRgn
RealChildWindowFromPoint
SetWindowRgn
UnregisterClassA
DrawIcon
EnumDisplayMonitors
SetLayeredWindowAttributes
DeleteMenu
GetSystemMenu
UnionRect
GetNextDlgGroupItem
SendNotifyMessageA
WaitMessage
LoadAcceleratorsW
CreateMenu
DrawStateA
DrawEdge
DrawFrameControl
DrawIconEx
MonitorFromPoint
EnableScrollBar
UpdateLayeredWindow
IsMenu
NotifyWinEvent
SetClassLongPtrA
DestroyAcceleratorTable
GetMenuDefaultItem
InvertRect
GetIconInfo
CopyImage
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
GetUpdateRect
CharUpperBuffA
SubtractRect
FrameRect
IsCharLowerA
MapVirtualKeyExA
GetWindowRgn
TranslateAcceleratorA
TranslateMDISysAccel
BringWindowToTop
GetActiveWindow
DrawMenuBar
CreateWindowExA
DefMDIChildProcA
GetMenu
DefFrameProcA
GetDlgItem
OffsetRect
GetDlgCtrlID
CharNextA
GetDesktopWindow
GetMessageA
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
EnableWindow
InvalidateRect
LoadImageA
DestroyIcon
LoadAcceleratorsA
InsertMenuItemA
UpdateWindow
IsWindow
SendMessageA
IntersectRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
SetFocus
SetWindowLongA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
GetWindowTextLengthA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
GetClassInfoExA
GetClassInfoA
RegisterClassA
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetRectEmpty
GetSystemMetrics
GetKeyState
SetCursor
TranslateMessage
ValidateRect
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuState
DestroyMenu
LoadCursorA
DestroyCursor
BeginDeferWindowPos
EndDeferWindowPos
SetScrollPos
GetScrollPos
IsChild
SetCapture
GetCapture
ScreenToClient
SetCursorPos
ReleaseCapture
EqualRect
InflateRect
LoadCursorW
ReleaseDC
GetDC
MessageBeep
UnhookWindowsHookEx
AdjustWindowRectEx
RedrawWindow
HideCaret
SetWindowPos
GetCursorPos
EnableMenuItem
GetSubMenu
LoadMenuW
IsZoomed
wsprintfA
GetWindow
LoadBitmapW
PtInRect
GetWindowLongA
DrawFocusRect
FillRect
CopyRect
LockWindowUpdate
GetSysColor
GetParent
PostThreadMessageA
IsIconic
PostMessageA
GetWindowRect
GetFocus
IsWindowVisible
AppendMenuA
CreatePopupMenu
ClientToScreen
KillTimer
SetTimer
GetClientRect
gdi32
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectClipRgn
CopyMetaFileA
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateCompatibleBitmap
SetPixelV
GetTextFaceA
CreateFontIndirectA
GetTextExtentPoint32A
GetObjectA
CreateCompatibleDC
BitBlt
GetStockObject
StretchDIBits
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
SetPaletteEntries
ExtFloodFill
GetViewportOrgEx
StretchBlt
DeleteDC
CreateFontA
GetCharWidthA
DeleteObject
GetTextMetricsA
SelectObject
PatBlt
GetTextColor
GetBkColor
CreateDCA
SetDIBColorTable
SetPixel
Rectangle
OffsetRgn
CreateRoundRectRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Polyline
CreatePolygonRgn
GetWindowOrgEx
EnumFontFamiliesExA
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
Ellipse
LPtoDP
CreateEllipticRgn
GetMapMode
CombineRgn
SetRectRgn
CreateDIBSection
GetRgnBox
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetDeviceCaps
shell32
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
SHAddToRecentDocs
SHGetFileInfoA
DragAcceptFiles
DragFinish
DragQueryFileA
odbc32
ord68
ord72
ord4
ord44
ord47
ord50
ord40
ord18
ord8
ord67
ord54
ord51
ord45
ord17
ord41
ord10
ord61
ord3
ord16
ord2
ord1
ord15
ord9
ord14
ord20
ord48
ord49
ord11
ord19
ord12
ord46
ord13
ord59
ord43
ord5
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_DrawEx
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
oledlg
ord4
ord8
ord11
ord3
wldap32
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord46
ws2_32
bind
ntohs
htons
setsockopt
WSAIoctl
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
getsockname
send
crypt32
CertFreeCertificateContext
gdiplus
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
GetJobA
comdlg32
GetFileTitleA
advapi32
RegDeleteValueA
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
RegEnumValueA
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
ole32
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleGetClipboard
OleSetMenuDescriptor
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CreateItemMoniker
CoLockObjectExternal
GetRunningObjectTable
OleIsRunning
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CreateILockBytesOnHGlobal
StgCreateDocfile
CoDisconnectObject
OleRegGetMiscStatus
OleRegEnumVerbs
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
CoInitializeEx
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateGenericComposite
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
CoRegisterMessageFilter
CoRevokeClassObject
CoInitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleTranslateAccelerator
oleaut32
VariantCopy
SafeArrayDestroy
VarBstrFromDate
VariantInit
SysAllocString
VariantClear
SysStringLen
VariantChangeType
OleCreateFontIndirect
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
SysFreeString
Sections
Name    Size    Virtual size  Characteristics
.text   2.1MB   2.1MB         IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  760KB   760KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   42KB    91KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata  110KB   110KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
text    3KB     2KB           IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE
data    2KB     1KB           IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc   169KB   168KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  89KB    88KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ