bd36408416f6306a2b58a98d7e55e867

Sharing

Copy URL Twitter E-mail

General

Target

bd36408416f6306a2b58a98d7e55e867
Size

899KB
MD5

bd36408416f6306a2b58a98d7e55e867
SHA1

c25dd278af6dee478489f61d5d91ec3fc7a9a948
SHA256

ac78aaf745e196d41a0b64eee16daed139783443a1596011b94d895ae0adfd5b
SHA512

86ae1013e449ad6c03ce536d662c436f6a60ab5cd828ccabdbfc3b518d9fdbff5215509f569ea8b1c82ba0e6e6e499b871c7c93b53d6e81b15014b16abb87a02
SSDEEP

12288:3IpkNxMdAUCHex7PSM4kk8pGp/1b+QFDLlYe1132s332Hx9KvnYaaN2F1Bso8:XJb6KXP8Y9iQ/rvH2fKvnYaaNwY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd36408416f6306a2b58a98d7e55e867

Files

bd36408416f6306a2b58a98d7e55e867
.exe windows:5 windows x86 arch:x86

2fe1cd8d3770aa810b655cf732892560

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LoadLibraryW
UnregisterWaitEx
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
GetVersionExW
FreeLibraryAndExitThread
GetThreadTimes
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetOEMCP
GetACP
IsValidCodePage
OutputDebugStringW
WriteFile
GetProcessHeap
HeapSize
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
GetCPInfo
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
DeleteTimerQueueTimer
ReadConsoleW
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
LoadLibraryExW
ExitThread
CreateThread
CreateSemaphoreW
GetTickCount
GetStartupInfoW
TerminateProcess
Sleep
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
HeapReAlloc
RtlUnwind
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetStdHandle
RaiseException
HeapAlloc
HeapFree
GetStringTypeW
DecodePointer
EncodePointer
GetExitCodeThread
GetCurrentThread
DuplicateHandle
GetSystemTimeAsFileTime
GetConsoleWindow
CompareStringA
GetFileAttributesA
OutputDebugStringA
GetModuleFileNameA
GetLogicalDriveStringsA
ChangeTimerQueueTimer
CreateFileW
CreateEventA
lstrlenA
lstrcpyA
WaitForSingleObject
GetCurrentProcess
VirtualAlloc
SetThreadExecutionState
GlobalAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
FormatMessageW
VerSetConditionMask
GetLastError
LoadLibraryA
CancelIoEx
GetModuleHandleA
CloseHandle
PostQueuedCompletionStatus
GetQueuedCompletionStatus
FreeLibrary
CreateIoCompletionPort
GetCurrentThreadId
GetProcAddress
GetNumaHighestNodeNumber

user32

PeekMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
BeginPaint
SetActiveWindow
CreateWindowExW
DestroyWindow
ShowWindow
ToUnicode
MapVirtualKeyW
SystemParametersInfoW
GetRawInputDeviceInfoA
GetRawInputDeviceList
ChangeDisplaySettingsExW
SetWindowRgn
EnumDisplayDevicesW
GetMonitorInfoW
EnumDisplayMonitors
TrackMouseEvent
GetMessageTime
DefWindowProcW
UnregisterClassW
RegisterClassExW
SetScrollPos
MapWindowPoints
SetLayeredWindowAttributes
SetWindowPos
GetSysColor
OffsetRect
DispatchMessageW
SetMenuDefaultItem
InsertMenuItemA
TranslateMessage
TrackPopupMenu
GetSubMenu
EnableMenuItem
DestroyMenu
IsIconic
BringWindowToTop
GetDC
CheckMenuRadioItem
LoadImageA
TileWindows
EnumDisplaySettingsW
GetMenu
LoadMenuA
GetDialogBaseUnits
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
EndDialog
DialogBoxParamA
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CreateWindowExA
CallWindowProcA
PostQuitMessage
DefWindowProcA
AttachThreadInput
SendMessageA
wsprintfW
RegisterRawInputDevices
GetRawInputData
MonitorFromWindow
LoadImageW
DestroyIcon
LoadCursorW
SetWindowLongW
GetWindowLongW
PtInRect
SetRect
WindowFromPoint
ScreenToClient
ClientToScreen
ClipCursor
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropW
GetPropW
RedrawWindow
SetForegroundWindow
GetSystemMetrics
ReleaseCapture
SetCapture
GetKeyState

gdi32

DeleteObject
CreateRectRgn
SetDeviceGammaRamp
DeleteDC
CreateDCW
Chord
CreateDCA
CreatePen
CreateRectRgnIndirect
GetPixel
LineTo
SelectObject
SetBkColor
SetTextColor
GetTextMetricsA
MoveToEx
Polyline
SetWindowOrgEx
GetDeviceCaps
ExtTextOutW

comdlg32

ChooseColorA

advapi32

GetUserNameA
OpenProcessToken

shell32

DragFinish
DragAcceptFiles
DragQueryFileW
SHBrowseForFolderA
SHGetSpecialFolderLocation
DragQueryPoint
ShellExecuteA

ole32

CreateStreamOnHGlobal
StgCreateDocfile

oleaut32

UnRegisterTypeLi
VarBstrFromR4
VarBstrFromI4
VarBstrFromI2

comctl32

ImageList_Destroy
ord6
FlatSB_SetScrollInfo
ord412

winmm

midiInGetID
midiInMessage

imm32

ImmGetDefaultIMEWnd

ws2_32

inet_pton
WSAPoll
WSASend
WSARecv
WSAGetLastError
inet_ntop
socket
setsockopt
send
recv
ntohl
listen
htons
getsockopt
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
WSAStartup

msimg32

GradientFill

uxtheme

CloseThemeData
DrawThemeText
DrawThemeBackground
OpenThemeData

netapi32

NetShareGetInfo

userenv

GetDefaultUserProfileDirectoryA
GetProfilesDirectoryA

msvfw32

ICCompressorChoose

avifil32

AVIStreamStart

avicap32

capGetDriverDescriptionA

activeds

ord9

oledlg

OleUIInsertObjectW

ntdsapi

DsGetRdnW

tapi32

phoneGetIconA
phoneGetHookSwitch

Sections

.text
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fe1cd8d3770aa810b655cf732892560

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

imm32

ws2_32

msimg32

uxtheme

netapi32

userenv

msvfw32

avifil32

avicap32

activeds

oledlg

ntdsapi

tapi32

Sections

.text Size: 367KB - Virtual size: 366KB

.rdata Size: 242KB - Virtual size: 241KB

.data Size: 25KB - Virtual size: 53KB

.tls Size: 512B - Virtual size: 13B

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 261KB - Virtual size: 260KB

.text
Size: 367KB - Virtual size: 366KB

.rdata
Size: 242KB - Virtual size: 241KB

.data
Size: 25KB - Virtual size: 53KB

.tls
Size: 512B - Virtual size: 13B

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 261KB - Virtual size: 260KB