3ada214a8b845b9c33f828eaa8c50470a47c083a2109b856b1c46563b41d3a59

Sharing

Copy URL

Twitter E-mail

General

Target

3ada214a8b845b9c33f828eaa8c50470a47c083a2109b856b1c46563b41d3a59
Size

574KB
MD5

7639d80d58bc9e7657b657bc8e1f5710
SHA1

9108cd872078abf7c1224bbda302757863333478
SHA256

3ada214a8b845b9c33f828eaa8c50470a47c083a2109b856b1c46563b41d3a59
SHA512

b4bb58ce73e9816dc2662487de531db35eb8de25d3cde0253e063ae102657cbb9b409ceb42e5a0eb1710e5cae3fc0e9043ee73941440f2af8eb167920f49b57c
SSDEEP

12288:BUykGwHBIX2lP71UgSP66r75PNO2F6SJcHy09pTrgs3Ub8:BUCYBMe+i6r75V1FfcHy0Trr3U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ada214a8b845b9c33f828eaa8c50470a47c083a2109b856b1c46563b41d3a59

Files

3ada214a8b845b9c33f828eaa8c50470a47c083a2109b856b1c46563b41d3a59
.exe windows:5 windows x86 arch:x86

57a86e8c09ee6c323387a6fb9494c7c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCancelConnection2A
WNetAddConnection2A

winmm

timeGetTime

kernel32

LocalReAlloc
TlsFree
SystemTimeToFileTime
GetCurrentDirectoryA
GlobalFlags
GetCPInfo
GetOEMCP
LocalFileTimeToFileTime
GetFileSizeEx
SetErrorMode
GetTickCount
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
RaiseException
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
UnhandledExceptionFilter
TlsSetValue
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
GetModuleHandleW
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GetModuleFileNameW
GetShortPathNameA
GetVolumeInformationA
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetThreadLocale
GetStringTypeExA
MoveFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GetPrivateProfileIntA
GetPrivateProfileStringA
ResumeThread
SetEndOfFile
SetFileAttributesA
SetFileTime
FindFirstFileA
GetFileAttributesA
GetFileTime
FindClose
CreateDirectoryA
WriteFile
ReleaseMutex
CreateMutexA
WaitForSingleObject
FormatMessageA
DeleteFileA
GetLogicalDrives
GetVersionExA
GetCurrentProcess
GetPriorityClass
SetPriorityClass
Sleep
GlobalMemoryStatus
GetTempPathA
GetDriveTypeA
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
CloseHandle
SetFilePointer
ReadFile
GetFileSize
GetLastError
SetUnhandledExceptionFilter

user32

UnregisterClassA
WindowFromPoint
RegisterClipboardFormatA
PostThreadMessageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
SetRectEmpty
IsZoomed
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
CharUpperA
ReleaseCapture
LoadCursorA
SetCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
DrawIcon
FillRect
IsRectEmpty
InvalidateRect
SetWindowContextHelpId
MapDialogRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
MessageBeep
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetMenuItemInfoA
InflateRect
DestroyIcon
DeleteMenu
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
RemovePropA
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
LoadIconA
IsWindow
IsWindowVisible
SendMessageA
EqualRect
SetRect
MessageBoxA
RegisterWindowMessageA
FindWindowA
PostMessageA
EnableWindow
UpdateWindow
GetScrollRange

gdi32

ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
ScaleWindowExtEx
CreateSolidBrush
GetTextMetricsA
CreateCompatibleBitmap
CreateFontIndirectA
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
SetWindowExtEx
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
CreateBitmap
GetDeviceCaps
GetTextExtentPoint32A
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
Ellipse
LPtoDP
CreateEllipticRgn
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PtVisible

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
ShellExecuteA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathRemoveFileSpecW

oledlg

ord8

ole32

CoRegisterMessageFilter
OleFlushClipboard
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
CoInitializeEx
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
OleCreateFontIndirect
SysStringLen

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57a86e8c09ee6c323387a6fb9494c7c5

Headers

DLL Characteristics

File Characteristics

Imports

mpr

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 378KB - Virtual size: 378KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 18KB - Virtual size: 33KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 44KB - Virtual size: 44KB

.text
Size: 378KB - Virtual size: 378KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 18KB - Virtual size: 33KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 44KB - Virtual size: 44KB