Static task: static1
Behavioral task: behavioral1 (Sample: b5da3717954c19b73018161e71b98715.exe, Resource: win7-20240221-en)
Behavioral task: behavioral2 (Sample: b5da3717954c19b73018161e71b98715.exe, Resource: win10v2004-20240226-en)
General
Target: b5da3717954c19b73018161e71b98715
Size: 3.9MB
MD5: b5da3717954c19b73018161e71b98715
SHA1: 264ac7bf1379c7cd50ffe6f9a0d70aaae223766a
SHA256: 1334067203bb6c91589f62b3c9c3263a627d48d21c712526169f63a58d54bad4
SHA512: f8da976560dec35cafb9db59ca9306d631220ae4293e5120d7a8d5db0276411dc12ea5070c0c19aa6cdf35a825ba386aaf1841e83087d700ede5d29c9d490937
SSDEEP: 98304:u5ANfZCCmZFI4hqTm7Dr2IE3RuJ93RjW4uQP:u5AiCmvI9Tm7Dr2IE3RuJ93RjSQP
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource b5da3717954c19b73018161e71b98715
Files
b5da3717954c19b73018161e71b98715.exe windows:4 windows x86 arch:x86
dfcce7a152a2824f0fb5d6f6f3e03b59
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi: SHAutoComplete
winmm: waveInUnprepareHeader, waveInStart, waveOutClose, waveOutUnprepareHeader, waveOutReset, waveOutWrite, waveInStop, waveInClose, PlaySoundA, waveOutGetNumDevs, waveOutOpen, waveOutPrepareHeader, waveInGetNumDevs, waveInOpen, waveInPrepareHeader, waveInReset, waveInAddBuffer
kernel32: CompareStringA, CompareStringW, SetEnvironmentVariableA, IsBadCodePtr, IsBadReadPtr, GetDriveTypeA, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, GetStdHandle, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, SetUnhandledExceptionFilter, UnhandledExceptionFilter, IsBadWritePtr, HeapCreate, HeapDestroy, GetVersionExA, GetEnvironmentVariableA, GetFileType, SetStdHandle, HeapSize, GetACP, TerminateProcess, GetLocalTime, GetSystemTime, GetTimeZoneInformation, GetCommandLineA, GetStartupInfoA, HeapReAlloc, RaiseException, ExitThread, RtlUnwind, GetCurrentDirectoryA, SetErrorMode, SetFileAttributesA, SystemTimeToFileTime, LocalFileTimeToFileTime, CopyFileA, GetOEMCP, GetCPInfo, GetProcessVersion, GetProfileIntA, GetProfileStringA, GetCurrentProcessId, GetPrivateProfileSectionNamesA, EnumResourceLanguagesA, EnumResourceTypesA, EnumResourceNamesA, GetExitCodeThread, ResetEvent, CreateEventA, TlsGetValue, CloseHandle, TerminateThread, WaitForSingleObject, SetEvent, ResumeThread, CreateThread, Sleep, VirtualFree, VirtualAlloc, GetVolumeInformationA, TlsSetValue, GlobalReAlloc, TlsFree, GlobalHandle, TlsAlloc, SizeofResource, GlobalFlags, MulDiv, GetComputerNameA, GetTickCount, GlobalFree, WriteFile, DeleteFileA, CreateFileA, GlobalAlloc, lstrcatA, GetModuleFileNameA, GetFileAttributesA, MoveFileA, lstrlenA, lstrcpyA, GetTempPathA, GetProcAddress, LoadLibraryA, FindResourceA, ReadFile, SetFilePointer, LocalFree, LocalAlloc, GetFileSize, lstrcpynA, FindClose, FindNextFileA, FindFirstFileA, RemoveDirectoryA, GetLastError, CreateDirectoryA, GetPrivateProfileStringA, SetLastError, GetDiskFreeSpaceA, GetFileTime, SetFileTime, GetTempFileNameA, SetThreadPriority, lstrcmpA, GetCurrentThread, GetShortPathNameA, GetThreadLocale, GetStringTypeExA, GetFullPathNameA, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, GetCurrentProcess, DuplicateHandle, FileTimeToLocalFileTime, FileTimeToSystemTime, lstrlenW, FormatMessageA, MultiByteToWideChar, WideCharToMultiByte, FreeLibrary, GetVersion, GlobalGetAtomNameA, lstrcmpiA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, LockResource, LoadResource, LocalSize, LocalReAlloc, GetModuleHandleA, GlobalSize, GetSystemDirectoryA, OutputDebugStringA, GlobalLock, GlobalUnlock, ExitProcess, EnterCriticalSection, LeaveCriticalSection, GetCurrentThreadId, GetPrivateProfileIntA, DeleteCriticalSection, CancelIo, InterlockedExchange, InterlockedIncrement, InterlockedDecrement, GetQueuedCompletionStatus, CreateIoCompletionPort, GetSystemInfo, PostQueuedCompletionStatus, HeapFree, InitializeCriticalSection, GetProcessHeap, HeapAlloc, WritePrivateProfileStringA
user32: GetWindowDC, LoadStringA, IsZoomed, BringWindowToTop, UnpackDDElParam, ReuseDDElParam, DestroyMenu, TranslateAcceleratorA, LoadAcceleratorsA, SetRectEmpty, ValidateRect, ShowOwnedPopups, PostQuitMessage, CharUpperA, wvsprintfA, GetMenuCheckMarkDimensions, ModifyMenuA, BeginPaint, EndPaint, TabbedTextOutA, DispatchMessageA, TranslateMessage, GrayStringA, LoadIconA, KillTimer, SetMenuItemBitmaps, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, SetDlgItemTextA, GetDlgItemTextA, SendDlgItemMessageA, MapWindowPoints, GetClassNameA, GetDialogBaseUnits, InsertMenuA, GetMenuStringA, DestroyIcon, GetDCEx, LockWindowUpdate, GetSysColor, PeekMessageA, SetFocus, AdjustWindowRectEx, EqualRect, DeferWindowPos, BeginDeferWindowPos, CopyRect, EndDeferWindowPos, ScrollWindow, GetScrollInfo, SetScrollInfo, SetParent, IsRectEmpty, InvertRect, GetMessageA, SendMessageA, EnableWindow, RegisterWindowMessageA, SetRect, wsprintfA, MessageBoxA, InvalidateRect, UpdateWindow, GetCursorPos, PtInRect, GetSubMenu, LoadMenuA, PostMessageA, GetWindowRect, GetScrollRange, SetScrollRange, GetScrollPos, SetScrollPos, GetTopWindow, IsChild, GetCapture, WinHelpA, GetClassInfoA, RegisterClassA, GetMenuItemID, TrackPopupMenu, SetWindowPlacement, GetWindowTextLengthA, GetWindowTextA, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, DefWindowProcA, GetMessageTime, GetMessagePos, GetLastActivePopup, GetForegroundWindow, SetForegroundWindow, SystemParametersInfoA, LoadCursorA, SetCursor, ReleaseCapture, SetWindowPos, GetDlgCtrlID, CharNextA, DeleteMenu, EnableMenuItem, GetMenuItemCount, GetClientRect, ClientToScreen, ScreenToClient, IsWindowVisible, SetCapture, GetWindow, GetParent, WindowFromPoint, ReleaseDC, GetDC, FillRect, GetSystemMetrics, MessageBeep, InflateRect, OffsetRect, AppendMenuA, GetSystemMenu, CloseClipboard, PostThreadMessageA, UnregisterClassA, GetNextDlgGroupItem, SetWindowContextHelpId, DefMDIChildProcA, DrawMenuBar, TranslateMDISysAccel, IsIconic, GetWindowPlacement, GetNextDlgTabItem, EndDialog, GetActiveWindow, SetActiveWindow, IsWindow, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, IsWindowEnabled, SetWindowRgn, LoadBitmapA, GetSysColorBrush, RegisterClassExA, GetKeyState, ShowScrollBar, CheckMenuRadioItem, GetMenuState, CheckMenuItem, DefFrameProcA, ExcludeUpdateRgn, DefDlgProcA, GetTabbedTextExtentA, GetClipboardFormatNameA, GetAsyncKeyState, MapDialogRect, SendMessageTimeoutA, IsWindowUnicode, GetWindowLongW, SetWindowLongW, GetDoubleClickTime, SetCursorPos, GetMenuStringW, LookupIconIdFromDirectoryEx, GetCursor, GetKeyboardLayoutList, GetKeyboardState, ToAsciiEx, GetKeyboardLayout, MapVirtualKeyExA, GetKeyNameTextA, IsCharLowerA, CopyAcceleratorTableA, GetMenuDefaultItem, GetWindowRgn, IsMenu, GetMenuItemInfoA, CopyIcon, CreateIconIndirect, CreateIconFromResourceEx, RegisterClipboardFormatA, DrawFrameControl, UnionRect, DrawAnimatedRects, FindWindowA, EnumChildWindows, GetClipboardData, DrawTextA, DrawIconEx, IntersectRect, GetIconInfo, SetClassLongA, DestroyCursor, LoadImageA, GetWindowLongA, SetWindowLongA, GetDesktopWindow, GetFocus, SetTimer, SetMenu, GetMenu, OpenClipboard, RedrawWindow, EmptyClipboard, SetClipboardData, IsClipboardFormatAvailable, DrawEdge, ShowCaret, HideCaret, DrawStateA, DrawFocusRect, MapVirtualKeyA, WaitMessage, CreatePopupMenu, SetMenuDefaultItem
gdi32: StretchDIBits, CreateDIBSection, Rectangle, CreateCompatibleDC, CreateCompatibleBitmap, CreateSolidBrush, CreatePen, SelectObject, DeleteObject, StretchBlt, MoveToEx, LineTo, SetTextAlign, GetCurrentPositionEx, PolyBezierTo, GetClipRgn, ExtSelectClipRgn, GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreatePatternBrush, PtVisible, BitBlt, Escape, GetMapMode, SetRectRgn, DPtoLP, CopyMetaFileA, ExtTextOutA, SetTextColor, SetBkColor, GetObjectA, GetStockObject, CombineRgn, CreateRectRgn, CreateFontIndirectA, GetPixel, TextOutA, SetBkMode, GetClipBox, CreateBitmap, PatBlt, CreateRectRgnIndirect, GetTextExtentPoint32A, GetTextMetricsA, DeleteDC, GetCharWidthA, CreateFontA, SaveDC, RestoreDC, SetPolyFillMode, SetStretchBltMode, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx, Polygon, GetTextColor, GetWindowOrgEx, GetTextAlign, SetPixel, GetCurrentObject, GetDIBits, PtInRegion, EnumFontFamiliesExA, GetBitmapBits, ExtCreateRegion, GetBkColor, GetRgnBox, CreatePolygonRgn, RoundRect, Polyline, GetViewportOrgEx, ExtFloodFill, Ellipse, SetBrushOrgEx, StrokePath, FillPath, StrokeAndFillPath, EndPath, CloseFigure, BeginPath, GetTextExtentPoint32W, ExtTextOutW, GetTextExtentPointA, CreateDIBitmap, LPtoDP, ScaleWindowExtEx, SelectClipRgn, ExcludeClipRect, IntersectClipRect, RectVisible
comdlg32: ChooseColorA, GetFileTitleA, GetSaveFileNameA, GetOpenFileNameA
winspool.drv: OpenPrinterA, ClosePrinter, DocumentPropertiesA
advapi32: RegQueryValueExA, RegOpenKeyA, RegQueryValueA, RegEnumKeyA, RegDeleteKeyA, SetFileSecurityA, GetFileSecurityA, RegSetValueA, RegCreateKeyExA, RegOpenKeyExA, RegSetValueExA, RegDeleteValueA, RegCreateKeyA, RegCloseKey
shell32: SHGetPathFromIDListA, SHGetSpecialFolderLocation, DragQueryFileA, DragFinish, SHAppBarMessage, ShellExecuteA, ExtractIconA, ord71, SHGetFileInfoA, SHGetMalloc, Shell_NotifyIconA
comctl32: ImageList_LoadImageA, ImageList_Create, ImageList_Destroy, ord17, ImageList_AddMasked, ImageList_ReplaceIcon, ImageList_Remove, ImageList_GetImageInfo, ImageList_GetIcon, ImageList_DrawEx, ImageList_Add, _TrackMouseEvent, ImageList_Draw, ImageList_GetIconSize, ImageList_GetImageCount
ole32: CoInitialize, CoUninitialize, CoCreateInstance, OleDuplicateData, CoTaskMemAlloc, CoTaskMemFree, CoDisconnectObject, ReleaseStgMedium, OleRun, OleInitialize, OleUninitialize, RegisterDragDrop, CoLockObjectExternal, RevokeDragDrop, OleGetClipboard, CLSIDFromProgID, CLSIDFromString, CoGetClassObject, StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, CoFreeUnusedLibraries, OleFlushClipboard, OleIsCurrentClipboard, CoRegisterMessageFilter, CoRevokeClassObject
oleaut32: SysAllocStringByteLen, VariantChangeType, SysStringByteLen, VarDateFromStr, VarBstrFromDate, SysAllocString, SysStringLen, VariantCopy, VariantClear, SafeArrayGetDim, SafeArrayGetLBound, SafeArrayGetUBound, SafeArrayAccessData, SafeArrayUnaccessData, SysFreeString, OleLoadPicturePath, VariantChangeTypeEx, SysAllocStringLen, LoadTypeLi, VariantTimeToSystemTime, SafeArrayGetElemsize
ws2_32: WSAEventSelect, bind, listen, WSAStartup, socket, WSACleanup, inet_addr, htons, connect, WSACreateEvent, recv, gethostname, gethostbyname, closesocket, getpeername, inet_ntoa, WSAGetLastError, getsockname, WSASocketA, WSAEnumNetworkEvents, WSAWaitForMultipleEvents, WSAIoctl, setsockopt, accept, WSARecv, WSASend, WSACloseEvent, ntohs, select, __WSAFDIsSet, ioctlsocket, send
pdh: PdhCloseQuery, PdhAddCounterA, PdhOpenQueryA, PdhGetFormattedCounterValue, PdhCollectQueryData
avifil32: AVIFileRelease, AVIStreamWrite, AVIFileExit, AVIFileInit, AVIFileOpenA, AVIFileCreateStreamA, AVIStreamSetFormat, AVIStreamRelease
msvfw32: ICSeqCompressFrameEnd, ICCompressorFree, ICClose, ICOpen, ICSendMessage, ICSeqCompressFrameStart, ICDecompress, DrawDibOpen, DrawDibClose, DrawDibDraw
wininet: InternetGetLastResponseInfoA, InternetQueryDataAvailable, InternetReadFile, InternetWriteFile, InternetSetFilePointer, InternetSetStatusCallback, InternetOpenUrlA, InternetCloseHandle, InternetOpenA, InternetQueryOptionA, InternetCanonicalizeUrlA, InternetCrackUrlA, InternetGetConnectedState
oledlg: ord8, ord1
olepro32: ord253
Sections
.text: Size 1.7MB, Virtual size 1.7MB, Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata: Size 288KB, Virtual size 284KB, Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data: Size 148KB, Virtual size 182KB, Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc: Size 1.8MB, Virtual size 1.8MB, Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ