a0d098bd1de98557541d7a2ecd31690f

Sharing

Copy URL

Twitter E-mail

General

Target

a0d098bd1de98557541d7a2ecd31690f
Size

848KB
MD5

a0d098bd1de98557541d7a2ecd31690f
SHA1

eafde9cbcdc1b5e93aa32acefb3a2923683ec7cc
SHA256

de85a9319ce35fdd508e1530d981b3f04085b075583b4732672e6bc8c6be4103
SHA512

43506e431efe19c563a43687846557e6b3a060c501edb5980bd96d70a7dc0fecf1a0e57dbb6b91907824818d05a54411d5cb2fdd5c0a0d6a9e152ca948db95a8
SSDEEP

24576:CaxN9MvTv1yZExUoZP/nf2eLVSJA/4VlK:CaxN9loBryi4K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0d098bd1de98557541d7a2ecd31690f

Files

a0d098bd1de98557541d7a2ecd31690f
.exe windows:5 windows x86 arch:x86

5352caf4b2dd7a387ecc8f63ddef2500

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesW
LocalFileTimeToFileTime
GetStdHandle
SetEndOfFile
GetCurrentProcess
GetPrivateProfileSectionW
SetFileTime
SetVolumeLabelW
HeapSize
WriteConsoleW
CreateToolhelp32Snapshot
GetLocalTime
GetComputerNameW
SetHandleCount
GetProcessHeap
FreeEnvironmentStringsW
CopyFileW
SetEvent
GetEnvironmentVariableW
EnterCriticalSection
GetCurrentProcessId
OpenProcess
GetEnvironmentStringsW
GetProcAddress
WriteFile
CreateThread
VirtualAllocEx
FileTimeToSystemTime
LoadLibraryA
ExitThread
DeleteCriticalSection
TlsFree
RaiseException
OutputDebugStringW
SetFilePointerEx
SetEnvironmentVariableW
Process32FirstW
ReadProcessMemory
MoveFileW
SystemTimeToFileTime
GetFileType
GetDateFormatA
ExitProcess
GetTempPathW
GetModuleFileNameW
GetExitCodeProcess
CloseHandle
SetErrorMode
GetTimeZoneInformation
WideCharToMultiByte
LoadLibraryExW
GetSystemInfo
SetStdHandle
GetLocaleInfoA
UnhandledExceptionFilter
GlobalAlloc
DuplicateHandle
CreateFileW
Beep
MulDiv
Sleep
GlobalLock
HeapAlloc
FindClose
Process32NextW
CreateFileA
CompareStringW
VirtualFree
GetOEMCP
IsDebuggerPresent
GetStartupInfoW
VirtualProtect
GetCPInfo
GetConsoleOutputCP
WritePrivateProfileStringW
FlushFileBuffers
HeapReAlloc
SizeofResource
InterlockedDecrement
VirtualAlloc
GetDriveTypeW
GetModuleFileNameA
RemoveDirectoryW
SetEnvironmentVariableA
FindResourceW
GetCurrentDirectoryW
GetModuleHandleW
GetProcessIoCounters
FormatMessageW
GetCurrentThread
InterlockedIncrement
QueryPerformanceCounter
SetFileAttributesW
GetFileSize
WriteConsoleA
WaitForSingleObject
ReadFile
LockResource
TlsSetValue
GetShortPathNameW
GetWindowsDirectoryW
GetSystemTimeAsFileTime
DeleteFileW
RtlUnwind
CompareStringA
CreateDirectoryW
LCMapStringA
CreateHardLinkW
VirtualFreeEx
ResumeThread
GlobalFree
GetStartupInfoA
lstrcmpiW
HeapFree
LoadLibraryW
InitializeCriticalSectionAndSpinCount
TlsGetValue
DeviceIoControl
GetDiskFreeSpaceExW
WriteProcessMemory
FindFirstFileW
LCMapStringW
TerminateThread
GetFileAttributesW
WritePrivateProfileSectionW
GetLastError
SetPriorityClass
FreeLibrary
FileTimeToLocalFileTime
TerminateProcess
GetCommandLineW
QueryPerformanceFrequency
GetTickCount
GetVersionExW
GetPrivateProfileSectionNamesW
GlobalUnlock
GetModuleHandleA
GetTimeFormatA
FindNextFileW
GetConsoleCP
GetCurrentThreadId
GetPrivateProfileStringW
GlobalMemoryStatusEx
LoadResource
IsValidCodePage
SetFilePointer
InterlockedExchange
GetConsoleMode
SetCurrentDirectoryW
GetDiskFreeSpaceW
GetACP
MultiByteToWideChar
TlsAlloc
SetLastError
CreatePipe
SetUnhandledExceptionFilter
CreateProcessW
GetTempFileNameW
GetFullPathNameW
CreateEventW
LeaveCriticalSection
GetStringTypeA
GetSystemDirectoryW

user32

UnregisterHotKey
GetMessageW
DestroyAcceleratorTable
GetWindowTextW
GetUserObjectSecurity
IsDialogMessageW
DrawFrameControl
wsprintfW
DefWindowProcW
IsWindowVisible
RedrawWindow
EnableWindow
CopyImage
GetCaretPos
GetMenuItemCount
GetKeyboardType
LoadStringW
IsWindow
IsClipboardFormatAvailable
GetDC
mouse_event
DestroyMenu
GetDlgCtrlID
DialogBoxParamW
MonitorFromRect
CharLowerBuffW
TranslateAcceleratorW
GetSysColor
VkKeyScanW
GetClassLongW
GetWindowTextLengthW
EnumWindows
CloseClipboard
AttachThreadInput
GetProcessWindowStation
GetWindowThreadProcessId
FrameRect
PeekMessageW
GetParent
InflateRect
ClientToScreen
OpenWindowStationW
GetCursorInfo
ReleaseCapture
LoadIconW
SendMessageW
DispatchMessageW
GetWindowDC
CreateAcceleratorTableW
DrawMenuBar
GetMenuItemID
AdjustWindowRectEx
GetWindowLongW
SetMenuItemInfoW
SystemParametersInfoW
DrawFocusRect
KillTimer
SetWindowTextW
PostMessageW
BlockInput
EndDialog
CopyRect
CheckMenuRadioItem
GetMenu
GetAsyncKeyState
SetClipboardData
IsMenu
CloseWindowStation
CountClipboardFormats
OpenDesktopW
ScreenToClient
SetLayeredWindowAttributes
TrackPopupMenuEx
GetMenuItemInfoW
DefDlgProcW
GetClassNameW
EnumChildWindows
LoadCursorW
InsertMenuItemW
CreateIconFromResourceEx
OpenClipboard
SetWindowPos
IsIconic
SetFocus
EnumThreadWindows
IsWindowEnabled
GetKeyboardLayoutNameW
SetWindowLongW
MessageBoxW
EmptyClipboard
SetMenu
GetWindowRect
SetCapture
GetCursorPos
SetForegroundWindow
LockWindowUpdate
CharNextW
GetMonitorInfoW
GetDlgItem
IsCharLowerW
RegisterHotKey
CreatePopupMenu
SetKeyboardState
DeleteMenu
IsDlgButtonChecked
RegisterClassExW
SetProcessWindowStation
MessageBoxA
GetSystemMetrics
FindWindowExW
SetRect
SetActiveWindow
GetMenuStringW
IsCharAlphaNumericW
CreateMenu
GetDesktopWindow
GetActiveWindow
FindWindowW
MapVirtualKeyW
DestroyWindow
SendMessageTimeoutW
SendDlgItemMessageW
IsCharAlphaW
SetUserObjectSecurity
ExitWindowsEx
ShowWindow
LoadImageW
ReleaseDC
MonitorFromPoint
GetKeyboardState
CreateWindowExW
GetClientRect
WindowFromPoint
GetForegroundWindow
CloseDesktop
keybd_event
SetMenuDefaultItem
PtInRect
BeginPaint
EndPaint
InvalidateRect
SetTimer
RegisterWindowMessageW
GetClipboardData
FlashWindow
MessageBeep
PostQuitMessage
IsZoomed
MoveWindow
GetSubMenu
DrawTextW
GetFocus
IsCharUpperW
DestroyIcon
SendInput
CharUpperBuffW
SetCursor
FillRect
TranslateMessage
GetKeyState

gdi32

AngleArc
SetBkMode
ExtCreatePen
EndPath
StrokePath
StretchBlt
CreateFontW
GetDeviceCaps
RoundRect
CreateSolidBrush
DeleteDC
CloseFigure
CreatePen
SetPixel
CreateCompatibleBitmap
SetTextColor
Ellipse
Rectangle
LineTo
PolyDraw
SetBkColor
BeginPath
CreateCompatibleDC
DeleteObject
CreateDCW
GetStockObject
GetPixel
SetViewportOrgEx
GetObjectW
GetTextExtentPoint32W
GetDIBits
StrokeAndFillPath
SelectObject
MoveToEx
GetTextFaceW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

GetAce
AddAce
CloseServiceHandle
RegConnectRegistryW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
OpenSCManagerW
LookupPrivilegeValueW
InitiateSystemShutdownExW
InitializeAcl
DuplicateTokenEx
RegDeleteKeyW
RegQueryValueExW
GetUserNameW
GetSecurityDescriptorDacl
GetTokenInformation
RegCreateKeyExW
LockServiceDatabase
RegSetValueExW
CreateProcessAsUserW
OpenProcessToken
AdjustTokenPrivileges
OpenThreadToken
UnlockServiceDatabase
LogonUserW
GetAclInformation
CreateProcessWithLogonW
CopySid
GetLengthSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegCloseKey

shell32

Shell_NotifyIconW
SHGetFolderPathW
SHGetSpecialFolderLocation
ord193
SHGetPathFromIDListW
DragQueryFileW
ShellExecuteW
ExtractIconExW
SHEmptyRecycleBinW
SHBrowseForFolderW
DragFinish
SHGetDesktopFolder
DragQueryPoint
SHGetMalloc
SHFileOperationW
ShellExecuteExW

ole32

CoUninitialize
StringFromIID
IIDFromString
OleInitialize
MkParseDisplayName
CoInitializeSecurity
CoSetProxyBlanket
StringFromCLSID
CoTaskMemFree
CoInitialize
CreateBindCtx
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleUninitialize
CoTaskMemAlloc
CreateStreamOnHGlobal
OleSetContainedObject
OleSetMenuDescriptor
CoCreateInstanceEx

oleaut32

SafeArrayAccessData
LoadRegTypeLi
VarR8FromDec
OleLoadPicture
SafeArrayAllocDescriptorEx
VariantTimeToSystemTime
GetActiveObject
VariantClear
OACreateTypeLib2
SysAllocString
SafeArrayUnaccessData
VariantInit
SafeArrayGetVartype
SafeArrayDestroyDescriptor
SafeArrayAllocData
VariantCopy

comctl32

ImageList_ReplaceIcon
ImageList_Remove
ImageList_Create
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragMove
ImageList_Destroy
ImageList_DragEnter
InitCommonControlsEx
ImageList_BeginDrag
ImageList_SetDragCursorImage

shlwapi

SHQueryInfoKeyA

winmm

mciSendStringW
timeGetTime
waveOutSetVolume

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

HttpOpenRequestW
FtpGetFileSize
InternetSetOptionW
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
HttpSendRequestW
InternetOpenW
InternetConnectW
InternetCrackUrlW
InternetCloseHandle
InternetQueryDataAvailable
FtpOpenFileW
InternetQueryOptionW

wsock32

send
recvfrom
__WSAFDIsSet
WSACleanup
sendto
bind
select
WSAStartup
htons
accept
listen
WSAGetLastError
setsockopt
connect
closesocket
gethostbyname
ioctlsocket
ntohs
socket
gethostname
inet_addr
recv

mpr

WNetUseConnectionW
WNetAddConnection2W
WNetGetConnectionW
WNetCancelConnection2W

psapi

EnumProcessModules
GetModuleBaseNameW
EnumProcesses
GetProcessMemoryInfo

userenv

CreateEnvironmentBlock
UnloadUserProfile
LoadUserProfileW
DestroyEnvironmentBlock

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kyup
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ryuw
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kyupl
Size: 512B - Virtual size: 459B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kuyul
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5352caf4b2dd7a387ecc8f63ddef2500

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

winmm

version

wininet

wsock32

mpr

psapi

userenv

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 165KB

.kyup Size: 295KB - Virtual size: 295KB

.ryuw Size: 12KB - Virtual size: 11KB

.kyupl Size: 512B - Virtual size: 459B

.kuyul Size: 508KB - Virtual size: 508KB

.rsrc Size: 1024B - Virtual size: 640B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 165KB

.kyup
Size: 295KB - Virtual size: 295KB

.ryuw
Size: 12KB - Virtual size: 11KB

.kyupl
Size: 512B - Virtual size: 459B

.kuyul
Size: 508KB - Virtual size: 508KB

.rsrc
Size: 1024B - Virtual size: 640B

.reloc
Size: 5KB - Virtual size: 4KB