ab4feafd8c6bd735ba5cfa5e024217d1

Sharing

Copy URL

Twitter E-mail

General

Target

ab4feafd8c6bd735ba5cfa5e024217d1
Size

191KB
MD5

ab4feafd8c6bd735ba5cfa5e024217d1
SHA1

a9c3c1a5367da0dcf1bfad5ad285dc89200f7764
SHA256

0556eb3e1570d23f05428258ec72af505340ecde3050603d91ab2e0382743885
SHA512

c26beaf8573a36f448d18d375e0312169fa499bffea8f6418c151356cf2c73a60c58253d7e0fb13c5c64e876df18f16da34c4a924951211977c5c8da1147d284
SSDEEP

3072:yDd/K83g6qZ2BoBgXuK8UU72lrwWvvn+ZT0knkhMTfzGr02mCq8Dt/fRQb/:+/KV+vnrwq+ZT0UfTfSMCXt3RQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab4feafd8c6bd735ba5cfa5e024217d1

Files

ab4feafd8c6bd735ba5cfa5e024217d1
.exe windows:5 windows x86 arch:x86

e3b7ca844a9e9e2652d449a1eac12031

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\SanHNmlgqfxvI\aeuctzfov\oQbbukBdlan.pdb

Imports

gdi32

CreateDIBSection
RectInRegion
CreateICW
StartDocW
IntersectClipRect
GetWindowOrgEx
SetTextAlign
Rectangle
DeleteObject
Ellipse
SetWindowExtEx
CreateCompatibleBitmap
CreateBrushIndirect
ScaleViewportExtEx
CreatePatternBrush
CreateRectRgn
GetClipBox
GetTextExtentPointA
GetLayout
WidenPath
SetDIBitsToDevice
PathToRegion
RectVisible
StartPage
GetDIBColorTable
SetStretchBltMode
GetCurrentObject
CreateEllipticRgnIndirect
ScaleWindowExtEx
CreateHalftonePalette
SetBrushOrgEx
PtInRegion
CreateBitmap
EndPage
SetViewportOrgEx
GetPaletteEntries
GetTextExtentPoint32A
GetNearestColor
OffsetViewportOrgEx
CreateHatchBrush
GetBitmapBits
DeleteDC
StretchDIBits
SelectPalette
EnumFontFamiliesExW
GetNearestPaletteIndex
OffsetRgn
ResizePalette

msvcrt

_controlfp
perror
wcscat
strcpy
__set_app_type
__p__fmode
strerror
__p__commode
_amsg_exit
wcstok
gmtime
getenv
iswprint
_initterm
rand
strcspn
fputc
islower
_acmdln
wcsstr
localtime
exit
wcscmp
_ismbblead
swscanf
fflush
tolower
wcstombs
wcscspn
_XcptFilter
_exit
_cexit
puts
__setusermatherr
wcsncmp
strstr
clock
iswalpha
isdigit
ungetc
getc
fgetc
__getmainargs
wcslen
strcoll
wcstoul
vswprintf
isalpha
wcscpy

comctl32

ImageList_GetIconSize
CreateToolbarEx
DestroyPropertySheetPage
CreatePropertySheetPageW
PropertySheetA
ImageList_Draw

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetFileTitleW
FindTextW

kernel32

GlobalMemoryStatusEx
GetCommConfig
CreateMailslotW
OpenEventA
CreateSemaphoreW
GetUserDefaultLangID
GetACP
InitializeCriticalSection
CompareStringW
lstrlenA
CopyFileW
SetEvent
SearchPathW
TlsGetValue
LCMapStringW
FindFirstFileW
GetCommandLineW
RaiseException
SetUnhandledExceptionFilter
HeapLock
CopyFileA
GetTimeFormatA
LoadResource
GetLongPathNameW
LockResource
SetThreadAffinityMask
GetTimeZoneInformation
GetModuleHandleA
SetupComm
SetFileTime
DeleteCriticalSection
SetTimerQueueTimer
GetModuleFileNameA
lstrlenW
GetStartupInfoW
SetThreadLocale
CreateNamedPipeW
GetBinaryTypeW
LoadLibraryA
GetShortPathNameA
FindFirstFileA
SetCurrentDirectoryA
GetTempPathA
ConnectNamedPipe
GlobalFree
GlobalCompact
DisconnectNamedPipe
GetSystemDefaultUILanguage
EnumSystemLocalesA
RemoveDirectoryA
GetTempPathW
GlobalReAlloc
LocalSize
EscapeCommFunction

user32

GetMenu
GetMenuItemCount
GetWindowTextA
RegisterWindowMessageA
GetClientRect
IsWindowUnicode
GetScrollInfo
SetPropW
PostMessageW
DialogBoxParamW
LoadIconA
ShowOwnedPopups
InvalidateRect
InsertMenuW
CheckMenuItem
CreateCursor
ExitWindowsEx
InvalidateRgn
CreateWindowExW
GetPropW
DrawTextA
SetScrollRange
SetMenuItemBitmaps
GetWindowPlacement
EnumThreadWindows
GetNextDlgTabItem
ChildWindowFromPointEx
CharLowerBuffW
DialogBoxIndirectParamW
LoadBitmapA
CreatePopupMenu
EndDialog
WaitMessage
TabbedTextOutW
ShowCaret
CharUpperBuffA
OpenInputDesktop
InsertMenuItemW
GetMenuState
CreateWindowExA
ReplyMessage
GetNextDlgGroupItem
DefDlgProcW
SendNotifyMessageW
TrackPopupMenuEx
FindWindowA
UnloadKeyboardLayout
GetKeyboardLayout
IsWindow
GetSystemMenu
DeleteMenu
TranslateMessage
PostQuitMessage
GetClassInfoA
RegisterHotKey
GetForegroundWindow
EnumChildWindows
HiliteMenuItem
GetSystemMetrics
CreateDialogParamA
GetWindowRect
VkKeyScanW
DefDlgProcA
DrawStateW
SendMessageTimeoutW
RegisterClassExA
ShowScrollBar
GetMonitorInfoW
GetWindowTextLengthW
GetMessageExtraInfo
DrawFrameControl
SetScrollInfo
GetClassInfoExW
MapWindowPoints
OpenDesktopW
GetParent
GetDC
CharNextW
GetMessageA
DestroyMenu
GetDoubleClickTime
GetActiveWindow
DialogBoxParamA
GetDlgItemTextW
GetMenuCheckMarkDimensions
GetUpdateRgn
MessageBoxExA
LoadImageA
GetIconInfo
FrameRect
CreateIconIndirect
GetSubMenu
CharUpperW
SetRect
ModifyMenuW
LookupIconIdFromDirectory
GetClassLongW
GetUserObjectInformationA
IsDialogMessageW
OffsetRect
GetWindowLongA
IsDialogMessageA
DrawStateA
DialogBoxIndirectParamA
GetKeyboardLayoutNameW
CreateIconFromResource
RegisterWindowMessageW
ScreenToClient
AdjustWindowRectEx
InflateRect
ChangeMenuW
DispatchMessageW
MessageBoxA
AdjustWindowRect
LoadStringA
InSendMessage
SetScrollPos
IsCharAlphaNumericW
MapDialogRect

Exports

Exports

?IsNotNameEx@@YGXKN]A
?CloseMutantNew@@YGPAXFM]A
?FindConfigExA@@YGXEH_N_N]A
?GlobalWindowInfoNew@@YGJPAE]A
?CancelListA@@YGPAXGE]A
?FindTextExA@@YGMDJ]A
?GenerateFullName@@YGKEHPAIPAM]A
?SetFolderPathOld@@YGXD]A
?HideClassOriginal@@YGXPAGHPADM]A
?HideComponentExA@@YGDIPAFPAJ]A
?OnClassOld@@YGPAJEF]A
?CopyMonitorEx@@YGPAXPAMMDPAE]A
?GenerateMutexA@@YGPAKDPAHJ]A
?CloseWindowA@@YGPA_NDDPAD]A
?KillSectionOld@@YGHPAHPADIJ]A
?RemoveFolderPathExW@@YGPAFIPAD]A
?ModifyMonitorW@@YGMPAJPAI]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?CancelValueW@@YGPAMPAM]A
?IsValidClassNew@@YGJPAJPAEI]A
?GlobalComponentNew@@YGPAKDJF]A
?ValidateDeviceOriginal@@YGPAKDJ_NH]A
?OnStateOriginal@@YGHPAKFPAD]A
?IsNotWidthW@@YGXPAJGG]A
?RemovePointNew@@YGPAFPAFJ]A
?InstallThreadNew@@YGGMF]A
?IsNotProjectA@@YGEEIGPAK]A
?FormatTimerOriginal@@YGFPADPADPAME]A
?AddDateTimeOld@@YGIPAG]A
?InvalidateFolderPathW@@YGNHH]A
?LoadProjectA@@YGDPAJE]A
?GenerateKeyNameOld@@YGPAXHPADIPA_N]A
?ValidateNameA@@YGXK]A
?ShowDeviceEx@@YGPADPA_N]A
?InstallMutantOriginal@@YGJEPAI]A
?SetFunctionW@@YGPAKGPAM]A
?SendMemoryNew@@YGPAHEPAM]A
?ShowArgumentOld@@YGNPAGJN]A
?CrtArgumentExA@@YGXK_NG]A
?DeleteFolderA@@YGGPAIJDI]A
?DeleteFolderPathExW@@YGPAEPAJMPAM]A
?GetSectionEx@@YGHPADMID]A
?PutExpressionNew@@YGHPAEPAJPAJM]A
?IncrementAnchorExW@@YGDPAJI]A
?CancelComponentW@@YGEPAKMMPAM]A
?LoadArgumentNew@@YGPAMJK]A
?RemoveTaskA@@YGKPAI]A
?GetArgumentExA@@YGDPAJ]A
?GenerateExpressionOriginal@@YGPAMF]A
?StringOriginal@@YGPAXK]A
?GenerateHeaderOriginal@@YGKFKPAM]A
?IsNotCharExW@@YGXJDPAKE]A
?ValidateSystemEx@@YGX_N]A
?VersionExA@@YGPAGDPAEKJ]A
?ModifyKeyNameExW@@YGPAGM]A
?DeleteListExA@@YG_NM]A
?DeleteComponentExA@@YGFFPAN]A
?CrtListItemOld@@YGXPAJE_N]A
?GetMutantEx@@YGXFKHG]A
?ModifyArgument@@YGPAKPAHPAE]A
?IsNotFilePathExW@@YGDFPAEFPAE]A
?LoadFileExW@@YGIEPAHM]A
?SendPointerOld@@YGDKKF]A
?FindFileOld@@YGPAHPAFF]A
?KillPointerOriginal@@YGPAKJPAHMD]A
?OnFileExA@@YGPAMJPAMKN]A
?EnumVersion@@YGFPAD]A
?CloseName@@YGPADPAGJ]A
?GetFullNameEx@@YGXH]A
?FindHeader@@YGPAMJ]A
?FreeConfig@@YGHFGD]A
?LoadObjectEx@@YGEPAJPAHND]A
?CopyFunctionW@@YGPADPADINE]A
?CopyScreenOriginal@@YGED]A
?CloseData@@YGKFHKD]A
?RemoveOptionEx@@YGXMNED]A
?FreeConfigNew@@YG_ND]A
?AddClass@@YGPAEPAD]A
?EnumProcessExA@@YGPAIPADPAD]A
?FreeObjectA@@YGJIFJF]A
?AddMonitorOld@@YGPANJPAJ]A
?ModifyWindowOriginal@@YGPADPAD]A
?ValidateWidthExA@@YGPAEPADEPANPAG]A
?IsNotListItemA@@YGJEG]A
?AddFilePathExW@@YGXH]A
?SystemNew@@YGM_NMJ]A
?GenerateScreen@@YGPAHENEF]A
?HideDataA@@YGIGPAH]A
?ShowListW@@YGMDPADEI]A
?DeleteMonitorNew@@YGPADI]A
?LoadTimerA@@YGDF]A
?CancelProfileExA@@YGJH]A
?ShowSemaphoreExA@@YGFD]A
?InvalidateHeightOld@@YGPAXG]A
?PutMutantExW@@YGFHDPAKPAF]A
?EnumMutant@@YGKPAFPAM]A
?EnumMonitorNew@@YGHJIMPAI]A
?SendWidthExA@@YGPADK]A
?GetFunctionExA@@YGEPAJ]A
?RemoveScreenExW@@YGPAMPAD]A
?PutEventW@@YGGIPADPAM]A
?IncrementFullNameExW@@YGPAKKIPAF]A
?PutProjectW@@YGHFDPAKJ]A
?IsValidKeyboardNew@@YGPAHMIN]A
?GlobalProfileExW@@YGXGPAK]A
?FreeTimerExW@@YGMGJ_N]A
?ClosePenExA@@YGIN]A
?PenNew@@YGKDI_N]A
?AddValueOriginal@@YGEMNF]A
?ClosePathExA@@YGXPAG]A
?InsertArgumentNew@@YGEPAMN]A
?CrtMemory@@YGPAHPAGKPAK]A
?IsNotTimerA@@YGFPAK]A
?RtlValueNew@@YGXPAI]A
?SetMemoryExW@@YGKE]A
?ModifySemaphoreA@@YGPADPAH]A
?CrtNameEx@@YGKF]A
?PutComponentEx@@YGPADMPAEE]A
?IncrementPointerEx@@YGF_NGEPAE]A
?ValidateFunctionNew@@YGPAJPAJPA_NG]A
?PutFileW@@YGXGIPAM]A
?DecrementSemaphoreExW@@YGPAXMPAN]A
?ModifyKeyName@@YGMEE_NK]A
?InstallDialogExA@@YGKMPAMHPAN]A
?FindCharW@@YGPADFPAD]A
?CopyDateTimeW@@YGPADJGDD]A
?IsValidSystemExW@@YGPA_NPAJM]A
?VersionA@@YGPAFFPAH_N]A
?IncrementFolderOriginal@@YGFFPAG]A
?IncrementWindowInfoEx@@YGPAKPAFIIPAF]A
?CancelFolderW@@YGPAME]A
?HideOptionExW@@YGPAIGJK]A
?Directory@@YGDPAN]A
?IncrementSemaphoreEx@@YGXK_N]A
?SetMutexEx@@YGFM]A
?CancelPen@@YGPAKPA_NPANMI]A
?ShowPointerOld@@YGIMH]A
?HideHeightOriginal@@YGJD]A
?ShowWidthA@@YGJG]A
?DeleteFilePathExW@@YG_NJ]A
?FormatMutantOriginal@@YGPAEPAMG]A
?OnDirectoryExA@@YGHKPAFPAEH]A
?IncrementTimer@@YGDN]A
?RtlDataW@@YGNKDG]A
?IncrementPathW@@YGIGMD]A
?LoadProfileW@@YGKEJ]A
?GlobalDate@@YGDPANHPAGH]A
?PutTextOriginal@@YGEDKPAJ]A
?InstallSectionNew@@YGJKJ]A
?GenerateCommandLineEx@@YGHEJ]A
?RemoveCharExA@@YGEPAHPAKMG]A
?HideKeyNameOriginal@@YGGG]A
?RemoveProcessW@@YGXEDPA_NPA_N]A
?ShowPointerExA@@YGPAHG]A
?OnTextA@@YGFPAG]A
?InstallStringEx@@YGJMM]A
?FreeCharEx@@YGPAG_ND]A
?GlobalOptionW@@YG_NFPAF]A
?CancelMediaTypeOld@@YGJEMJN]A
?DecrementAnchorW@@YGPAKPAKJE]A
?ModifyMutexExA@@YGGPAF]A
?PutOptionW@@YGPAHM]A
?InsertMutex@@YGXDFJI]A
?HideWindowA@@YGXKHG]A
?DeleteMutexEx@@YGPAJIPAJEPAG]A
?PutMutantEx@@YGIEE]A
?CopyMutantEx@@YGJPAN]A
?IsMessageW@@YGPAXEHPAIM]A
?SetDeviceEx@@YGPAEDDPAKPAD]A
?EnumMemoryOld@@YGMPAK]A
?CopyKeyNameEx@@YGPAXPAEI]A
?InsertMemoryW@@YGPAGJKF]A
?PutVersion@@YGNKPAMI]A
?FreeFolderNew@@YGJFHGE]A
?IncrementHeightNew@@YGPAKM]A
?InstallPointExA@@YGNGEIPAH]A
?AddTime@@YGIEPAEPAF]A
?RemoveProfileNew@@YGXK]A
?GlobalWidthOriginal@@YGKJPAF]A
?FreeStateOld@@YGEE]A
?ValidateProjectA@@YGGFGME]A
?OnModuleA@@YGPAKPAFHFK]A
?RemoveConfigEx@@YGDFPAGEG]A
?RtlComponentW@@YGMFFDPAK]A
?FreeDataExW@@YGPAFPAGMI]A
?ValidatePenNew@@YGPAJPAIPAM]A
?FreeWidthNew@@YGHID]A
?RemoveComponent@@YGJKPA_N]A
?InvalidatePointerExW@@YGIIPAMJ]A
?SendEventA@@YGGHPAEF]A
?CloseDirectoryExW@@YGMMM]A
?CopyVersionA@@YGKPAFKEPAI]A
?GenerateDeviceExA@@YGXDPADI]A
?IsText@@YGFPA_N_N]A
?AddWindowInfoExW@@YGPAMEJPAI]A
?InstallObjectOriginal@@YGEIPAF_N]A
?KillHeaderNew@@YGPAMPA_NDPAM]A
?IsDialogEx@@YGPADMNF]A
?SendFolderExW@@YGKG]A
?AddModuleNew@@YGPAFGF]A
?IsMonitorOriginal@@YGMPAEDK]A
?CloseTimerExA@@YGMPAH]A
?DecrementValueExA@@YGIJNF]A
?CopySemaphoreOld@@YGHPADEG]A
?SetConfigW@@YGDK]A
?CloseModuleOriginal@@YGPAIPAF]A
?GlobalMemoryEx@@YGPAXEG]A
?SendOption@@YGND_NFH]A
?IsCharA@@YGIGJDPAI]A
?GetDeviceEx@@YGJEKM]A
?EnumDirectoryNew@@YGXPADPAKED]A
?ProviderEx@@YGXI]A
?InsertText@@YGII]A

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3b7ca844a9e9e2652d449a1eac12031

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

comctl32

comdlg32

kernel32

user32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.idata Size: 6KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 179KB

.rsrc Size: 147KB - Virtual size: 147KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.idata
Size: 6KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 179KB

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 2KB - Virtual size: 1KB