Static task
static1
Behavioral task
behavioral1
Sample
487b97b3e52fc7ce09b93f7fd2eca379f43e68d5b5996537846e1818c95a44ce.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
487b97b3e52fc7ce09b93f7fd2eca379f43e68d5b5996537846e1818c95a44ce.exe
Resource
win10v2004-20240226-en
General
-
Target
487b97b3e52fc7ce09b93f7fd2eca379f43e68d5b5996537846e1818c95a44ce
-
Size
2.0MB
-
MD5
07480109face06cda2ce327ad06b2535
-
SHA1
b259e576beafb0915e9603f1317d880c4704912c
-
SHA256
487b97b3e52fc7ce09b93f7fd2eca379f43e68d5b5996537846e1818c95a44ce
-
SHA512
605b46c8905b3cabdd86ca9f402fbbf9fa12994eeee16dd40cdb9adaec0556a3c16e1e284e4fa61db9286b2314872d8f479b189226a93acc1bfd2d98826cd97d
-
SSDEEP
49152:mwQNb6gEHhx418gRXU+LO6Dr1WevDVWUsA6AD8KLSqkwNwTbjAcabJEBsPds2f8u:mwwb6gEHhx418gRXU+LO6Dr1WevDcUsM
Malware Config (empty — no family configuration was extracted from this sample)
Signatures (only a static-analysis hit is listed; no findings from the behavioral1/behavioral2 tasks appear on this page, so nothing here evidences malicious runtime behaviour)
-
Unsigned PE — 1 IoC
Checks for missing Authenticode signature. On its own this is a weak, low-confidence indicator: a great deal of legitimate software (especially older 32-bit-only builds like this one) ships unsigned, so treat it as context rather than as a verdict.
resource 487b97b3e52fc7ce09b93f7fd2eca379f43e68d5b5996537846e1818c95a44ce
Files
-
487b97b3e52fc7ce09b93f7fd2eca379f43e68d5b5996537846e1818c95a44ce.exe windows:4 windows x86 arch:x86
e596346e0d03990c1e7f0b978797a088 (shown unlabelled in the extracted report; by position this appears to be the import hash — confirm before pivoting on it)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (base relocations removed: the image cannot be rebased, so ASLR cannot be applied to it regardless of DllCharacteristics, which are not shown here)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (triage note: the combination of setupapi/CM_* device enumeration, SetCommState/GetCommState serial I/O and DeviceIoControl, wsock32 sockets plus iphlpapi GetAdaptersInfo, advapi32 registry create/set/delete, SetWindowsHookExA, and CreateProcessA/ShellExecuteA is worth checking against the behavioural tasks; the ordinal imports from oledlg/olepro32/comctl32 and the atom/TLS/critical-section set look like statically linked MFC, which is equally consistent with an ordinary hardware-configuration GUI utility — confirm dynamically before drawing conclusions)
setupapi
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
CM_Locate_DevNodeA
CM_Remove_SubTree
CM_Get_Sibling
CM_Get_Parent
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
kernel32
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SizeofResource
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetErrorMode
lstrlenW
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitProcess
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
ExitThread
SetStdHandle
GetFileType
GetACP
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
WriteConsoleA
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FileTimeToLocalFileTime
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
InterlockedExchange
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
GetProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
Sleep
OutputDebugStringA
lstrcpyA
CreateDirectoryA
GetFileAttributesA
GetLocalTime
CloseHandle
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
CreateFileA
ReadFile
WriteFile
SetThreadPriority
CreateThread
CreateEventA
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetEvent
ResetEvent
FindClose
FindFirstFileA
GetLastError
CopyFileA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetSystemDefaultLangID
FreeLibrary
LoadLibraryA
DeleteFileA
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
GetCurrentThread
lstrcmpA
MulDiv
SuspendThread
ResumeThread
InterlockedDecrement
InterlockedIncrement
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetTickCount
GetFileSize
GlobalFree
GetSystemDirectoryA
GetDriveTypeA
GetModuleFileNameA
MultiByteToWideChar
GetVolumeInformationW
WideCharToMultiByte
GetVolumeInformationA
CreateNamedPipeA
FormatMessageA
LocalFree
LocalAlloc
SetLastError
lstrlenA
lstrcatA
GetWindowsDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
DeviceIoControl
GetVersionExA
AttachConsole
CreateProcessA
RemoveDirectoryA
SetCurrentDirectoryA
FindNextFileA
FreeEnvironmentStringsW
user32
GetWindowThreadProcessId
DeleteMenu
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
PostThreadMessageA
DestroyIcon
DestroyMenu
WindowFromPoint
IsClipboardFormatAvailable
wvsprintfA
LoadStringA
InflateRect
WaitMessage
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMessageA
ValidateRect
OemToCharA
CharToOemA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
ReleaseDC
PostMessageA
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
RemoveMenu
GetScrollRange
SetScrollRange
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
PeekMessageA
TranslateMessage
DispatchMessageA
CharUpperA
GetClassNameA
FindWindowExA
EnumWindows
GetDesktopWindow
GetParent
UnregisterClassA
HideCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
EnableWindow
SendMessageA
GetMenu
ModifyMenuA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetMenuState
CheckMenuItem
ScreenToClient
GetCursorPos
FindWindowA
EnumChildWindows
GetWindowTextA
IsWindowVisible
IsWindowEnabled
LoadImageA
GetMenuStringA
InsertMenuA
GetDialogBaseUnits
GetSysColorBrush
LoadCursorA
MsgWaitForMultipleObjects
MapDialogRect
SetWindowContextHelpId
ShowScrollBar
ShowOwnedPopups
GetDlgItem
ShowWindow
SetWindowPos
SetFocus
GetDC
SetWindowTextA
SetWindowsHookExA
SetDlgItemTextA
UnhookWindowsHookEx
LoadIconA
IsIconic
GetSysColor
RedrawWindow
DrawFocusRect
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
GetFocus
wsprintfA
PostQuitMessage
MessageBoxA
SetTimer
KillTimer
GetKeyNameTextA
DestroyCaret
SetScrollPos
DragDetect
EnableScrollBar
SetScrollInfo
ReleaseCapture
GetKeyState
RegisterClipboardFormatA
EmptyClipboard
PtInRect
FillRect
DrawTextA
SetCapture
CreateCaret
SetCaretPos
ShowCaret
SetCursor
IsWindow
OffsetRect
GetSystemMetrics
DrawIcon
AppendMenuA
GetSystemMenu
AdjustWindowRectEx
gdi32
StartDocA
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
DeleteDC
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
ExtTextOutA
Escape
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextMetricsA
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
LPtoDP
CreateBitmap
CreateRectRgnIndirect
PatBlt
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetViewportOrgEx
SetViewportOrgEx
DeleteObject
SetBoundsRect
GetCharWidthA
GetTextExtentPoint32A
TextOutA
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
CreateSolidBrush
Rectangle
GetObjectA
CreatePen
CreateFontIndirectA
SetColorAdjustment
CreateDIBitmap
GetTextExtentPointA
GetStockObject
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey
RegQueryValueA
RegDeleteKeyA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
SHGetMalloc
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconA
comctl32
_TrackMouseEvent
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
oledlg
ord8
ole32
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleUninitialize
OleGetClipboard
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
CoTaskMemFree
OleSetClipboard
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
OleRun
OleInitialize
WriteClassStg
ReleaseStgMedium
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
OleRegGetUserType
OleFlushClipboard
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
LoadTypeLi
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
wsock32
WSACleanup
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
bind
ioctlsocket
accept
getsockname
getpeername
ntohs
inet_addr
WSAGetLastError
WSASetLastError
WSAStartup
shutdown
iphlpapi
GetAdaptersInfo
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 216KB - Virtual size: 1.3MB (the gap between raw and virtual size is zero-filled uninitialised data and is not by itself a packing indicator)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 4KB - Virtual size: 248B (the section MSVC uses for its SafeSEH handler table, suggesting a Microsoft toolchain build — confirm against the rich/linker header, which is not shown here)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 144KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ