Static task: static1
Behavioral task: behavioral1
  Sample: bf1a6e2e4d2cb78d8d965fc967238a30.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: bf1a6e2e4d2cb78d8d965fc967238a30.exe
  Resource: win10v2004-20240226-en
General
Target: bf1a6e2e4d2cb78d8d965fc967238a30
Size: 548KB
MD5: bf1a6e2e4d2cb78d8d965fc967238a30
SHA1: e603af2a82e9edc1de540340870f207dcaba4823
SHA256: dd3d55150d435d5672df4f078a83cdb68aa2d3ff6259fc87247594514defbd0b
SHA512: 00834813080607c34ffaac2212576cf7eed271118c383379956dc0c80b981acddb529c5bf15e59c49ac1b83c84f64c77dd670ac14d65fca95b3c585ac3e5636a
SSDEEP: 12288:vMzUN/VJXQMXjeK9eg1nRAB3Rz0L9+6cIZK+M6:7hVJXQMXEknRAB3RbvIZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bf1a6e2e4d2cb78d8d965fc967238a30
Files
bf1a6e2e4d2cb78d8d965fc967238a30.exe windows:4 windows x86 arch:x86
24992296cd279c2652a5ef111a153645
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
Sleep
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
LCMapStringW
GetProfileStringA
InterlockedExchange
LCMapStringA
GetFileType
SetStdHandle
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetDriveTypeA
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
TerminateProcess
RaiseException
RtlUnwind
WritePrivateProfileStringA
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetFileAttributesA
FindNextFileA
GetCurrentThread
lstrcmpA
ReleaseMutex
CreateMutexA
GetShortPathNameA
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
DuplicateHandle
GetThreadLocale
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
lstrlenW
lstrcpynA
InterlockedDecrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
LocalAlloc
CreateFileA
GetFileSize
ReadFile
GetLastError
GetVersionExA
HeapReAlloc
HeapSize
HeapFree
HeapAlloc
DeleteFileA
GetCurrentDirectoryA
CreateProcessA
CreateDirectoryA
FindFirstFileA
FindClose
GetModuleFileNameA
MultiByteToWideChar
FormatMessageA
LocalFree
ExitProcess
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GetTickCount
WaitForSingleObject
GetExitCodeThread
GlobalAlloc
GlobalFree
WideCharToMultiByte
TerminateThread
CloseHandle
CreateThread
GetStringTypeA
InterlockedIncrement
user32
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckDlgButton
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
ModifyMenuA
DefWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
GetDCEx
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
IsIconic
GetSystemMetrics
DrawIcon
IsWindowVisible
SetFocus
GetMessagePos
ScreenToClient
SetRect
GetCapture
UpdateWindow
KillTimer
MessageBeep
LoadCursorA
CopyIcon
PtInRect
ReleaseCapture
SetCapture
PeekMessageA
TranslateMessage
DispatchMessageA
RedrawWindow
SetParent
LoadIconA
SetTimer
IsWindow
AdjustWindowRectEx
GetWindow
GetClassNameA
DestroyMenu
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
DestroyCursor
DestroyIcon
InvertRect
IsRectEmpty
EnableWindow
LoadMenuA
GetDC
ReleaseDC
FillRect
DrawStateA
GetClientRect
CopyRect
FrameRect
InflateRect
GetSysColor
OffsetRect
GetTabbedTextExtentA
PostThreadMessageA
RemovePropA
LockWindowUpdate
DrawFocusRect
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
SendMessageA
GetWindowLongA
GetSysColorBrush
RegisterClipboardFormatA
GetMessageA
ValidateRect
ShowOwnedPopups
PostQuitMessage
GetSystemMenu
DeleteMenu
AppendMenuA
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
CharUpperA
GetNextDlgGroupItem
GetDesktopWindow
CopyAcceleratorTableA
MapDialogRect
SetWindowContextHelpId
CharNextA
GetMenuState
FindWindowA
EndDialog
CreateDialogIndirectParamA
LoadStringA
GetCursorPos
GetMenuCheckMarkDimensions
SetWindowPos
LoadBitmapA
gdi32
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateRectRgn
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
SetMapMode
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
LPtoDP
GetTextColor
GetBkColor
GetTextMetricsA
StretchDIBits
GetCharWidthA
CreateFontA
Rectangle
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
StartDocA
GetClipBox
GetTextExtentPoint32A
CreateFontIndirectA
CreateSolidBrush
CreatePen
RoundRect
GetObjectA
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
CreateDIBitmap
GetTextExtentPointA
DeleteObject
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
PrintDlgA
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegCreateKeyExA
RegCloseKey
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA
ShellExecuteExA
ExtractIconA
comctl32
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleFlushClipboard
OleIsCurrentClipboard
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
olepro32
ord253
oleaut32
SysFreeString
LoadTypeLi
VariantCopy
VariantClear
SysAllocStringLen
SysStringLen
VariantChangeType
SysAllocString
VariantTimeToSystemTime
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysAllocStringByteLen
wininet
InternetWriteFile
HttpOpenRequestA
HttpSendRequestA
InternetGetLastResponseInfoA
InternetErrorDlg
InternetQueryDataAvailable
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetOpenA
Sections
.text Size: 388KB - Virtual size: 385KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 92KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ