Static task: static1
Behavioral task: behavioral1
  Sample: 67a6626da9589b37ea6a18a6ec0d55fe1b149710e0c2d2e9aa1c70e8797daf0e.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 67a6626da9589b37ea6a18a6ec0d55fe1b149710e0c2d2e9aa1c70e8797daf0e.exe
  Resource: win10v2004-20231215-en
General
Target: 67a6626da9589b37ea6a18a6ec0d55fe1b149710e0c2d2e9aa1c70e8797daf0e
Size: 1.6MB
MD5: 4d28c8968977d11731c8c46b0085a85c
SHA1: 68790821b2a3699d6c5f8ecbdc911adc52128a34
SHA256: 67a6626da9589b37ea6a18a6ec0d55fe1b149710e0c2d2e9aa1c70e8797daf0e
SHA512: 1307c9b8e8ac9be3e8f4ddf2a7e570f0206ebc4bbdb23905417eab2826ebe43ec6ac0ca24daf7e9ba861dfad21a27546035a8774ae0ef0c342f3e2ac901b9c26
SSDEEP: 24576:Oy0scDrMp43MzuX3vN/ZKxIEp0clquS1hfat4C8QqM+uIXWMFvIBR5Z8LzWhV:T6XMpxfS1hfq4DQqM+XXxvIBLZezAV
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 67a6626da9589b37ea6a18a6ec0d55fe1b149710e0c2d2e9aa1c70e8797daf0e
Files
67a6626da9589b37ea6a18a6ec0d55fe1b149710e0c2d2e9aa1c70e8797daf0e.exe windows:4 windows x86 arch:x86
d09e15fdb99b832b2d9e71af1e368d73
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
tapi32
tapiRequestMakeCallA
mapi32
ord75
ord17
ord135
ord183
ord11
ord13
ord136
ord139
ord140
ord21
ord23
wldap32
ord41
ord88
ord211
ord16
ord143
ord27
ord301
ord33
ord200
ord79
ord35
ord32
ord135
ord191
ord204
ord46
ord18
ord50
ord26
ord34
ord45
ord38
rpcrt4
UuidFromStringA
ipworks8
HTTP_Do
HTTP_Set
HTTP_Destroy
HTTP_Get
HTTP_Create
kernel32
GetVersionExA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
VirtualProtect
FileTimeToLocalFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
ResumeThread
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetCPInfo
GetCurrentProcessId
FindResourceExA
GetTickCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetStartupInfoA
SetStdHandle
GetFileType
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
GetTimeZoneInformation
Sleep
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetLocalTime
GetSystemTime
GetDiskFreeSpaceA
GetModuleFileNameW
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetThreadLocale
lstrcmpA
SetLastError
MulDiv
LoadLibraryExA
IsDBCSLeadByte
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
InterlockedExchange
GetFileSize
CloseHandle
CreateFileA
GetWindowsDirectoryA
GetSystemDirectoryA
GetEnvironmentVariableA
lstrlenW
CopyFileA
DeleteFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
SystemTimeToFileTime
GlobalAlloc
GlobalLock
ResetEvent
TerminateThread
WaitForMultipleObjects
GetComputerNameA
lstrcpyA
GetTempPathA
FindNextFileA
IsBadWritePtr
SystemTimeToTzSpecificLocalTime
GlobalUnlock
GlobalFree
InterlockedDecrement
HeapAlloc
GetProcessHeap
HeapFree
InterlockedIncrement
GetLastError
GetModuleHandleA
FormatMessageA
LocalFree
lstrcpynA
CreateEventA
WaitForSingleObject
SetEvent
FindFirstFileA
FindClose
CreateDirectoryA
GetProcAddress
GetModuleFileNameA
FreeLibrary
LoadLibraryA
lstrlenA
WideCharToMultiByte
CreateFileW
FindResourceA
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetOEMCP
user32
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
UnregisterClassA
GetSysColorBrush
SetWindowContextHelpId
GetMessageA
ValidateRect
WindowFromPoint
MapDialogRect
GetAsyncKeyState
DestroyMenu
InflateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
FillRect
IsDialogMessageA
SetDlgItemTextA
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
GetWindowThreadProcessId
FrameRect
DrawStateA
DrawFrameControl
GetLastActivePopup
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetSubMenu
GetClassNameA
DrawTextA
LoadCursorA
CharNextA
CharUpperA
MoveWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SetRectEmpty
ReleaseCapture
SetCursor
SetCapture
GetCapture
ScreenToClient
LoadStringA
GetWindowLongA
GetFocus
PtInRect
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
GetParent
GetKeyState
TranslateMessage
DispatchMessageA
SystemParametersInfoA
GetCursorPos
GetSystemMetrics
TrackPopupMenu
SetActiveWindow
SetWindowPos
GetDesktopWindow
GetClientRect
GetMenuItemCount
AppendMenuA
CreatePopupMenu
PostQuitMessage
BringWindowToTop
KillTimer
SetTimer
InvalidateRect
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageA
LoadIconA
SendMessageA
OpenClipboard
IsWindowVisible
GetWindowRect
GetDlgItem
EnableWindow
DdeInitializeA
DdeCmpStringHandles
DdeQueryConvInfo
DdeCreateDataHandle
GetClipboardFormatNameA
DdeQueryStringA
DdePostAdvise
DdeNameService
DdeUninitialize
DdeAccessData
DdeUnaccessData
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeCreateStringHandleA
DdeGetLastError
IsWindow
PostMessageA
EnumWindows
SendMessageTimeoutA
ShowWindow
SetForegroundWindow
SetFocus
MessageBoxA
DrawFocusRect
RedrawWindow
GetIconInfo
DestroyCursor
CreateCursor
EnumChildWindows
GetCursor
IsWindowEnabled
gdi32
SetROP2
SetBkMode
Rectangle
SetMapMode
LineTo
EnumFontFamiliesExA
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
GetObjectA
CreateFontIndirectA
CreateSolidBrush
GetTextExtentPoint32A
GetRgnBox
DPtoLP
GetMapMode
CreateRectRgnIndirect
CreatePen
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
DeleteObject
MoveToEx
CreateCompatibleBitmap
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
GetUserNameA
AllocateAndInitializeSid
FreeSid
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
CloseServiceHandle
shell32
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
Shell_NotifyIconA
ole32
CoInitialize
OleRun
CoCreateInstance
CoRevokeClassObject
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
GetErrorInfo
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
VariantClear
VariantCopy
VariantInit
OleCreatePictureIndirect
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
VariantChangeType
SysAllocString
VarUI4FromStr
SafeArrayDestroy
SysAllocStringLen
shlwapi
SHCreateStreamOnFileEx
PathFindExtensionA
PathIsUNCA
PathFindFileNameA
PathStripToRootA
oledlg
ord8
ws2_32
WSACleanup
closesocket
inet_ntoa
gethostbyname
WSAGetLastError
WSAStartup
recv
WSAEventSelect
WSAEnumNetworkEvents
WSAConnect
socket
inet_addr
htons
oleacc
CreateStdAccessibleObject
LresultFromObject
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
wininet
InternetConnectA
FtpDeleteFileA
FtpSetCurrentDirectoryA
FtpPutFileA
InternetSetStatusCallback
InternetOpenA
InternetCloseHandle
InternetGetLastResponseInfoA
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 324KB - Virtual size: 322KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 148KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ