Static task: static1
Behavioral task: behavioral1
  Sample: fb375ecd8dcce888b5edb19d5320199eb03d26dcfb7ebd7ae580fb0b7afdd302.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: fb375ecd8dcce888b5edb19d5320199eb03d26dcfb7ebd7ae580fb0b7afdd302.exe
  Resource: win10v2004-20240226-en
General
Target: fb375ecd8dcce888b5edb19d5320199eb03d26dcfb7ebd7ae580fb0b7afdd302
Size: 2.8MB
MD5: b91d0410f6526362d09564ed32712ca3
SHA1: ca07bf52cc1cf3017fcf833cc438a83ae6fe68a4
SHA256: fb375ecd8dcce888b5edb19d5320199eb03d26dcfb7ebd7ae580fb0b7afdd302
SHA512: 98ffa97f4164301c583ab98ffaa9c7f8b6e8f3ee720175e679f885aba9de64e121a87f2b5fb0c489d7954bdfd3ed0a9500fc1edd070a318950bfebf1703eb946
SSDEEP: 49152:pBdNZ1M0Rug5CdgejCIiupmomdxTT+BVKPtkAiwT+oLSeH:pBDZ1MSubdLCIiupmomdtT+BoVkAiwTm
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource fb375ecd8dcce888b5edb19d5320199eb03d26dcfb7ebd7ae580fb0b7afdd302
Files
fb375ecd8dcce888b5edb19d5320199eb03d26dcfb7ebd7ae580fb0b7afdd302.exe windows:6 windows x86 arch:x86
  ff0e70a68b0d76d528935f5a827d65b4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetDriveTypeW
CreateDirectoryW
GetFileAttributesExW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetThreadPriority
ExitProcess
GetFileType
SetStdHandle
HeapQueryInformation
GetFullPathNameW
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringW
CompareStringW
QueryPerformanceFrequency
SwitchToThread
TryEnterCriticalSection
OutputDebugStringW
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
GetVersionExW
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
ChangeTimerQueueTimer
GetTempFileNameA
Sleep
SearchPathA
GetProfileIntA
GetTempPathA
GetTickCount
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
SetErrorMode
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
lstrcpyA
GetACP
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
ResumeThread
SetThreadPriority
SetEvent
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GlobalAlloc
GetCurrentProcessId
GlobalFree
GlobalUnlock
GlobalLock
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
SystemTimeToFileTime
WriteFile
SetFileTime
SetFilePointer
ReadFile
LocalFileTimeToFileTime
GetFileAttributesA
CreateFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
GetLastError
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
MultiByteToWideChar
CreateProcessA
GetExitCodeThread
ExitThread
CreateThread
GetExitCodeProcess
GetCurrentProcess
WaitForSingleObject
CloseHandle
SetFileAttributesA
RemoveDirectoryA
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateDirectoryA
WideCharToMultiByte
FindResourceW
SizeofResource
GetModuleFileNameA
FindResourceA
LockResource
LoadResource
GetStdHandle
user32
InvalidateRgn
CopyAcceleratorTableA
CharNextA
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
DeleteMenu
SetRect
MessageBeep
IsClipboardFormatAvailable
IntersectRect
GetAsyncKeyState
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
GetSysColorBrush
RealChildWindowFromPoint
LoadImageW
DestroyIcon
InflateRect
TrackMouseEvent
WaitMessage
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageA
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CharUpperA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
GetWindowThreadProcessId
ReleaseDC
GetDC
MapVirtualKeyA
GetKeyNameTextA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
IsRectEmpty
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
DrawFrameControl
IsZoomed
LoadMenuW
SendMessageA
EnableWindow
SendMessageTimeoutA
LoadStringA
IsIconic
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetSystemMenu
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
NotifyWinEvent
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
CreatePopupMenu
GetMenuDefaultItem
SetLayeredWindowAttributes
DrawEdge
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
GetNextDlgGroupItem
GetScrollPos
SetScrollPos
DrawFocusRect
LoadImageA
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
SetTimer
KillTimer
GetSystemMetrics
DrawIcon
InvalidateRect
GetClientRect
MessageBoxA
SetCursor
LoadCursorA
LoadIconW
UnregisterClassA
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
GetWindowRgn
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
SetWindowLongA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
DestroyCursor
GetWindow
gdi32
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetWindowExtEx
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExA
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
PatBlt
CreateRectRgnIndirect
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetBkColor
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHAppBarMessage
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteA
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
comctl32
ord17
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
StrFormatKBSizeA
PathRemoveFileSpecW
uxtheme
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
ole32
CoUninitialize
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
CoInitialize
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SafeArrayDestroy
oledlg
ord8
ws2_32
WSAStartup
WSACleanup
WSASetLastError
gdiplus
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 378KB - Virtual size: 378KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 542KB - Virtual size: 542KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 151KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ