Static task: static1
Behavioral task: behavioral1
  Sample: f8c3a5fc183b54472f0a0affe71caa6cae7d7bfe6c54c214ed592f5536810188.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: f8c3a5fc183b54472f0a0affe71caa6cae7d7bfe6c54c214ed592f5536810188.exe
  Resource: win10v2004-20240226-en
General
Target: f8c3a5fc183b54472f0a0affe71caa6cae7d7bfe6c54c214ed592f5536810188
Size: 1.7MB
MD5: 70c9556188a93be54ebcbbeb2dead0c7
SHA1: e9e7c45a19217f3293090df3301085a9ab48a905
SHA256: f8c3a5fc183b54472f0a0affe71caa6cae7d7bfe6c54c214ed592f5536810188
SHA512: b12de3bb5b4429f4d961737f3000032f7e3b210de55f0c0fcf6dcd6a5cd0d1c4284a060c78ca85d879c92de3c43dfefc1cf44d530d675d98cc95110a60e3a0cf
SSDEEP: 49152:5Y0FzqaOMWnnlxZjWAOFa8j8jUduLkoIfdoPjKElxREqFvTTNAJBJJVJsxDJBJJ:2SNOM8lxZjWAOFa8j8jUduLkoIfdoPjo
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the sample carries no Authenticode signature. On its own this is a weak indicator, since many legitimate programs also ship unsigned, but a valid signature would at least have tied the binary to a publisher.
resource: f8c3a5fc183b54472f0a0affe71caa6cae7d7bfe6c54c214ed592f5536810188
Files
-
f8c3a5fc183b54472f0a0affe71caa6cae7d7bfe6c54c214ed592f5536810188.exe windows:4 windows x86 arch:x86
938620ac5a2ce6bb18b4d2f6a0799975
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
CompareStringA
SetEnvironmentVariableA
GetProfileStringA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
GetACP
HeapReAlloc
HeapSize
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
FindResourceExA
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
GetPrivateProfileStringA
GetPrivateProfileIntA
VirtualProtect
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrcpynA
InterlockedDecrement
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrlenA
lstrcmpA
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GlobalAlloc
GlobalFree
RemoveDirectoryA
GetTempPathA
FindFirstFileA
FindClose
CreateDirectoryA
WritePrivateProfileStringA
GetFileSize
VirtualAlloc
ReadFile
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
lstrcpyA
CopyFileA
Sleep
lstrcatA
GetModuleFileNameA
CreateFileA
WriteFile
CloseHandle
CompareStringW
user32
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UnpackDDElParam
ReuseDDElParam
SetMenu
ShowWindow
GetDesktopWindow
IsWindowEnabled
LoadAcceleratorsA
SetRectEmpty
GetActiveWindow
RedrawWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
BringWindowToTop
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
ModifyMenuA
GetDlgItem
GetWindowTextLengthA
MapDialogRect
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
DestroyMenu
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
PtInRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
InflateRect
CreateDialogIndirectParamA
EndDialog
wvsprintfA
PostQuitMessage
ShowOwnedPopups
BeginPaint
ClientToScreen
ScreenToClient
LoadBitmapA
GetSystemMetrics
SetTimer
LoadCursorA
SetCursor
ReleaseCapture
SetCapture
InvalidateRect
UpdateWindow
GetWindowDC
EnableWindow
IsWindowVisible
GetMenuState
GetMenuCheckMarkDimensions
GetCursorPos
ValidateRect
GetMessageA
TrackPopupMenu
GetAsyncKeyState
GetParent
GetDC
GetClientRect
FillRect
ReleaseDC
CopyRect
SendMessageA
GetWindowRect
DrawFocusRect
LoadMenuA
CheckMenuItem
GetSubMenu
SetRect
PostThreadMessageA
RegisterClipboardFormatA
InvertRect
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
CharNextA
DestroyIcon
GetMenuStringA
InsertMenuA
LoadStringA
GetSysColorBrush
GetClassNameA
GetSystemMenu
DeleteMenu
AppendMenuA
SetParent
IsZoomed
WindowFromPoint
KillTimer
IsRectEmpty
FindWindowA
DestroyCursor
CharUpperA
GetWindowTextA
SetWindowContextHelpId
TranslateMessage
gdi32
GetDeviceCaps
GetTextExtentPoint32A
EnumFontFamiliesA
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
DeleteObject
BitBlt
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
SetRectRgn
CombineRgn
CreateRectRgnIndirect
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
StretchDIBits
GetCharWidthA
CreateFontA
EnumFontFamiliesExA
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetTextFaceA
GetWindowOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
GetMapMode
PatBlt
GdiFlush
GetBitmapBits
GetPixel
UnrealizeObject
SetBrushOrgEx
GetTextMetricsA
DPtoLP
LPtoDP
GetObjectA
CreateFontIndirectA
RoundRect
Arc
PolyBezier
CreateEllipticRgn
Ellipse
SetPixel
CreateBrushIndirect
PtInRegion
CreatePolygonRgn
GetROP2
CreateSolidBrush
Rectangle
CreateDIBitmap
GetTextExtentPointA
CreatePen
comdlg32
GetOpenFileNameA
PrintDlgA
GetSaveFileNameA
CommDlgExtendedError
ChooseColorA
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegCloseKey
RegCreateKeyA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
SHChangeNotify
ShellExecuteA
SHGetSpecialFolderPathA
ExtractIconA
comctl32
ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy
oledlg
ord8
ole32
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoTaskMemFree
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
wininet
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
(These four wininet functions are the only network-capable imports in the table; together they are sufficient to fetch a URL over HTTP, HTTPS or FTP into a buffer. Whether and where the sample actually connects is a question for the behavioral tasks, not for the import list.)
Sections
.text Size: 380KB - Virtual size: 377KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ