Static task: static1
Behavioral task: behavioral1
  Sample: b753ca752ac0e2b952df64f5c13d8999.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b753ca752ac0e2b952df64f5c13d8999.exe
  Resource: win10v2004-20240226-en
General
Target: b753ca752ac0e2b952df64f5c13d8999
Size: 93KB
MD5: b753ca752ac0e2b952df64f5c13d8999
SHA1: 7f431a4e10ded239b012078a601defddef697a32
SHA256: d474a5cc044ec1513e3dcdbb5cc55a20126112835c5e67ad27b7c8dcb8587b96
SHA512: 00ee80ee2063ed1b17e66752b18a69cd108d6e3129f96255de63e023660ae2a28d7b29edef4135f566ee4178c9fad93af474597fe1e20b8da33eb733c3909199
SSDEEP: 1536:htoMsziWiVtjB+8ySv0DZk3icSeShrWarjNsFhDEuo8LMb+MYQDET9hWY:7bs+WiVts8yM93itDhzmS8gbB1DET9hW
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: b753ca752ac0e2b952df64f5c13d8999
Files
b753ca752ac0e2b952df64f5c13d8999.exe windows:4 windows x86 arch:x86
4cf4489508b66a569708e37296fdb843
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CreateObjrefMoniker
CoGetInterfaceAndReleaseStream
OleCreateEmbeddingHelper
OleCreate
CoTaskMemAlloc
MonikerRelativePathTo
OleLoadFromStream
CoRegisterMessageFilter
GetClassFile
StringFromGUID2
CoGetMalloc
CoTaskMemRealloc
CoGetClassObject
CreateItemMoniker
CoRegisterSurrogate
CreateFileMoniker
StgOpenStorageOnILockBytes
CoBuildVersion
OleBuildVersion
UtGetDvtd16Info
OleTranslateAccelerator
CoQueryAuthenticationServices
CoTreatAsClass
CreateOleAdviseHolder
OleRegGetUserType
OleDestroyMenuDescriptor
CoMarshalInterThreadInterfaceInStream
OleConvertIStorageToOLESTREAMEx
StgCreateDocfileOnILockBytes
OleCreateDefaultHandler
CoReleaseMarshalData
CoSwitchCallContext
OleCreateLinkToFile
CoRegisterChannelHook
GetConvertStg
CoDisconnectObject
CoTaskMemFree
CoGetCurrentLogicalThreadId
OleQueryLinkFromData
ProgIDFromCLSID
CoGetCallerTID
OleLockRunning
UpdateDCOMSettings
OleGetClipboard
CoGetCallContext
UtConvertDvtd32toDvtd16
OleUninitialize
BindMoniker
CoQueryProxyBlanket
CoRegisterMallocSpy
OleSetAutoConvert
CoFreeAllLibraries
CoCreateFreeThreadedMarshaler
OleRegEnumFormatEtc
SetDocumentBitStg
StgIsStorageILockBytes
WriteClassStm
OleDuplicateData
CreateBindCtx
OleDraw
OleNoteObjectVisible
CreateStreamOnHGlobal
CreateGenericComposite
OleMetafilePictFromIconAndLabel
OleIsRunning
IsAccelerator
PropVariantCopy
CoLoadLibrary
CreateILockBytesOnHGlobal
StgGetIFillLockBytesOnILockBytes
CoFreeLibrary
StgIsStorageFile
OleSaveToStream
CoReleaseServerProcess
CoMarshalHresult
OleCreateMenuDescriptor
OleQueryCreateFromData
OleCreateFromData
CoDosDateTimeToFileTime
CoImpersonateClient
OleIsCurrentClipboard
CoSetProxyBlanket
CoGetInstanceFromIStorage
OleSetMenuDescriptor
CoQueryClientBlanket
DllDebugObjectRPCHook
GetRunningObjectTable
GetHGlobalFromStream
ReadFmtUserTypeStg
CoIsOle1Class
CLSIDFromString
CoRegisterClassObject
CoCreateInstance
OleConvertOLESTREAMToIStorageEx
CoUnmarshalInterface
OleConvertIStorageToOLESTREAM
DoDragDrop
GetHookInterface
OleCreateStaticFromData
CoFileTimeNow
GetDocumentBitStg
kernel32
ReadConsoleInputA
SetConsoleCursorPosition
EnumCalendarInfoExW
Module32First
EnumDateFormatsW
TlsAlloc
GetCurrentDirectoryA
GetNamedPipeHandleStateW
ContinueDebugEvent
ReadProcessMemory
GetThreadPriorityBoost
VirtualProtect
CancelDeviceWakeupRequest
GetCurrentThreadId
FreeResource
EndUpdateResourceW
SetFileAttributesA
Heap32ListNext
GetFileAttributesA
GetQueuedCompletionStatus
CreateThread
VirtualQueryEx
IsBadWritePtr
SetStdHandle
lstrcmp
LocalUnlock
lstrcmpA
RemoveDirectoryW
SetVolumeLabelW
IsValidLocale
SetDefaultCommConfigW
EnumResourceTypesW
GetTempPathW
SetConsoleCtrlHandler
WriteFile
GetTimeFormatA
OpenMutexW
FindResourceW
lstrcpy
ResumeThread
FindResourceExA
GetModuleHandleA
SetFileAttributesW
GlobalWire
InitializeCriticalSectionAndSpinCount
GlobalCompact
SetComputerNameA
CreateFileA
GetCurrentProcessId
CreateFiber
GetLastError
LoadResource
GetCompressedFileSizeA
IsBadReadPtr
Module32Next
SetConsoleCP
GetCommModemStatus
SetVolumeLabelA
GetPrivateProfileSectionW
FileTimeToSystemTime
EnumCalendarInfoA
IsValidCodePage
GetSystemInfo
TlsFree
WritePrivateProfileSectionA
EnumSystemLocalesA
GetCommMask
GetAtomNameW
ReadFile
DefineDosDeviceA
VirtualAllocEx
GetTapePosition
CreateMutexW
UnmapViewOfFile
CompareStringW
GetCurrencyFormatW
FoldStringW
SetLocalTime
SetHandleInformation
OpenWaitableTimerW
GetProcessHeap
GetWriteWatch
MoveFileW
SetProcessShutdownParameters
UpdateResourceA
lstrcpynW
BuildCommDCBAndTimeoutsW
FormatMessageW
QueryPerformanceFrequency
VerLanguageNameA
CopyFileA
CloseHandle
EnumSystemCodePagesA
CancelWaitableTimer
GetLogicalDriveStringsW
SearchPathW
FindCloseChangeNotification
GetShortPathNameA
CreateWaitableTimerA
CreateNamedPipeW
DebugBreak
GetProcessShutdownParameters
CompareFileTime
GetLocaleInfoA
GetPrivateProfileStringA
GetTempPathA
SetupComm
IsBadCodePtr
WriteConsoleInputW
GetTempFileNameW
GetCurrencyFormatA
CreateEventA
GetDriveTypeW
CreatePipe
MoveFileExW
GetPrivateProfileStructA
SetCurrentDirectoryW
lstrcpynA
SetConsoleMode
ReleaseMutex
QueryDosDeviceA
HeapFree
GetBinaryType
GetDateFormatA
ReadConsoleOutputCharacterW
ReadConsoleInputW
LockFile
GetProcessVersion
VirtualAlloc
user32
CopyAcceleratorTableA
SendDlgItemMessageW
GetScrollBarInfo
EnumDisplaySettingsExW
GetTopWindow
DrawFrameControl
TranslateMDISysAccel
GetScrollPos
CreateWindowStationW
FillRect
GetCapture
ShowScrollBar
HiliteMenuItem
AppendMenuW
ChangeClipboardChain
GetDlgCtrlID
DrawTextExW
TranslateAccelerator
GetForegroundWindow
ChangeDisplaySettingsExW
CountClipboardFormats
CharToOemBuffA
GetWindowRect
MonitorFromPoint
DlgDirSelectComboBoxExA
ChangeMenuA
SetCaretPos
SetMenuItemInfoW
RegisterWindowMessageW
DdeSetQualityOfService
GetGUIThreadInfo
KillTimer
SubtractRect
DdeUninitialize
IntersectRect
PtInRect
MsgWaitForMultipleObjects
IsIconic
UnionRect
GetWindowTextW
LoadMenuA
SetWindowTextW
ToAsciiEx
DdeCreateStringHandleW
LoadBitmapW
CreateIconFromResourceEx
GetWindowWord
EnumPropsW
GetDialogBaseUnits
CheckRadioButton
LoadCursorFromFileW
GetKeyboardLayoutNameW
GetUserObjectInformationW
MonitorFromRect
GetMessageExtraInfo
CheckMenuRadioItem
CallNextHookEx
GetShellWindow
GetMenuInfo
GetClipCursor
LoadStringW
CharUpperBuffA
TileChildWindows
SetDlgItemTextW
DdeCreateDataHandle
GetProcessDefaultLayout
SetMenu
GetDesktopWindow
IsCharAlphaA
GetKeyState
EnumWindows
GetWindowRgn
DefFrameProcA
GetComboBoxInfo
CloseClipboard
EnumChildWindows
DrawMenuBar
SetForegroundWindow
IsDialogMessageA
CharUpperBuffW
LookupIconIdFromDirectoryEx
IsDlgButtonChecked
LoadStringA
OemToCharW
VkKeyScanA
DlgDirListComboBoxW
IsCharUpperW
ScrollWindow
VkKeyScanExA
DdeNameService
CreateIcon
SetPropW
EnumDisplayDevicesW
OpenClipboard
BlockInput
AttachThreadInput
CharToOemBuffW
CloseWindow
BroadcastSystemMessageW
LockWindowUpdate
SetClipboardData
MessageBeep
SetDlgItemTextA
DdeQueryConvInfo
SetUserObjectSecurity
LoadKeyboardLayoutA
DispatchMessageW
EnableScrollBar
GetMenuContextHelpId
SetWindowWord
SetFocus
ModifyMenuW
OpenInputDesktop
SetClipboardViewer
SetMessageQueue
GetSystemMenu
GetUpdateRgn
GetInputState
GrayStringW
DdePostAdvise
DestroyIcon
CreateIconIndirect
IsWindowEnabled
EnumPropsA
LoadAcceleratorsW
GetAncestor
RegisterHotKey
GetListBoxInfo
DdeQueryStringW
ExitWindowsEx
DdeAccessData
SetWindowsHookA
LoadIconW
TranslateMessage
DefMDIChildProcA
ToUnicode
RegisterClassW
SetClassLongW
DrawFocusRect
SystemParametersInfoA
EndDeferWindowPos
advapi32
GetNamedSecurityInfoA
SetSecurityInfoExA
CryptVerifySignatureW
AllocateAndInitializeSid
CryptEnumProviderTypesW
GetSecurityInfoExW
GetSidLengthRequired
DuplicateToken
SetAclInformation
DeleteService
GetSidIdentifierAuthority
ConvertAccessToSecurityDescriptorA
GetUserNameA
GetAclInformation
SetSecurityDescriptorOwner
CryptSetProviderA
BuildImpersonateExplicitAccessWithNameA
NotifyChangeEventLog
IsValidAcl
ChangeServiceConfigA
SetPrivateObjectSecurity
GetTrusteeTypeW
RegQueryMultipleValuesW
RevertToSelf
AdjustTokenPrivileges
LogonUserA
GetSecurityDescriptorGroup
RegSetValueExW
CryptDuplicateHash
RegUnLoadKeyA
CryptGenKey
BuildExplicitAccessWithNameA
RegRestoreKeyW
GetAccessPermissionsForObjectW
SetThreadToken
AddAccessDeniedAce
QueryServiceLockStatusW
OpenEventLogA
OpenServiceA
CryptReleaseContext
ObjectOpenAuditAlarmA
RegSetKeySecurity
GetPrivateObjectSecurity
GetServiceDisplayNameW
RegEnumKeyW
AccessCheckAndAuditAlarmW
ConvertSecurityDescriptorToAccessA
BuildExplicitAccessWithNameW
RegCreateKeyA
EnumServicesStatusW
CryptSetProviderExA
RegSetValueA
CryptSetProvParam
InitializeSecurityDescriptor
RegOpenKeyExA
CloseServiceHandle
CryptImportKey
RegCreateKeyW
AddAuditAccessAce
RegEnumKeyExW
ConvertSecurityDescriptorToAccessNamedW
GetSecurityDescriptorDacl
BuildImpersonateTrusteeA
RegSaveKeyW
RegDeleteValueW
ObjectOpenAuditAlarmW
SetEntriesInAclW
ReadEventLogA
BuildImpersonateExplicitAccessWithNameW
LockServiceDatabase
OpenServiceW
CryptDestroyKey
GetFileSecurityW
CreateProcessAsUserA
OpenSCManagerA
CryptAcquireContextW
RegQueryValueExA
RegCloseKey
GetFileSecurityA
GetOldestEventLogRecord
GetAuditedPermissionsFromAclA
EnumDependentServicesA
GetSecurityDescriptorOwner
LookupPrivilegeValueW
PrivilegedServiceAuditAlarmW
RegOpenKeyExW
GetServiceKeyNameA
EqualSid
RegFlushKey
RegSaveKeyA
CryptGetProvParam
CryptEnumProvidersW
RegNotifyChangeKeyValue
SetTokenInformation
ChangeServiceConfigW
GetUserNameW
ImpersonateSelf
ObjectCloseAuditAlarmA
GetAccessPermissionsForObjectA
RegEnumValueA
TrusteeAccessToObjectW
RegSetValueW
SetEntriesInAuditListA
CloseEventLog
FreeSid
CryptGenRandom
RegQueryInfoKeyW
RegisterEventSourceW
ClearEventLogA
RegQueryValueExW
shlwapi
StrIsIntlEqualW
StrChrIA
PathGetDriveNumberA
SHGetValueW
PathUndecorateW
SHDeleteValueW
StrChrW
PathSetDlgItemPathW
HashData
UrlIsOpaqueW
PathIsUNCServerW
SHGetInverseCMAP
SHRegDeleteEmptyUSKeyW
SHGetValueA
PathSearchAndQualifyA
PathMakeSystemFolderW
PathRelativePathToA
StrCmpNIA
wvnsprintfW
SHCopyKeyW
ChrCmpIA
SHDeleteKeyA
PathStripToRootA
UrlHashA
UrlApplySchemeA
PathIsContentTypeW
StrSpnA
PathMatchSpecW
UrlGetPartA
StrRetToStrA
PathCommonPrefixA
StrCSpnW
PathRemoveArgsA
SHRegGetBoolUSValueW
StrRetToStrW
PathFileExistsA
StrRetToBufA
wvnsprintfA
StrNCatW
PathMatchSpecA
StrTrimA
StrCSpnIW
SHDeleteEmptyKeyA
SHCopyKeyA
StrRChrA
PathUnmakeSystemFolderW
SHQueryInfoKeyW
PathCanonicalizeA
PathFindSuffixArrayA
PathGetDriveNumberW
SHRegCreateUSKeyW
ColorRGBToHLS
UrlEscapeA
PathFindExtensionA
StrDupW
StrRChrW
SHRegQueryUSValueA
PathIsLFNFileSpecW
PathCreateFromUrlA
PathFindExtensionW
StrTrimW
AssocQueryStringA
PathFindOnPathW
UrlApplySchemeW
UrlCanonicalizeW
PathRenameExtensionA
PathStripToRootW
SHOpenRegStream2W
StrCmpW
SHRegWriteUSValueA
PathRemoveArgsW
PathCompactPathExW
SHDeleteKeyW
SHRegQueryInfoUSKeyA
SHOpenRegStreamA
UrlCreateFromPathA
PathIsDirectoryW
PathIsUNCW
SHRegDeleteUSValueA
StrToIntW
StrToIntA
PathMakePrettyW
ColorHLSToRGB
SHRegSetUSValueA
PathFindNextComponentA
PathFindNextComponentW
StrStrW
PathCombineW
StrCatBuffW
PathStripPathW
StrFormatByteSizeW
AssocQueryStringW
SHRegEnumUSKeyA
PathAddBackslashW
PathIsURLW
SHSetValueA
SHSetValueW
UrlEscapeW
SHRegSetUSValueW
GetMenuPosFromID
PathIsRootA
PathRemoveBackslashW
StrCpyNW
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE