63e6cc9aa7575354f45853739247f730a9a56aed9c3ef75bd5a9c98e3d8bd3fe

Sharing

Copy URL Twitter E-mail

General

Target

63e6cc9aa7575354f45853739247f730a9a56aed9c3ef75bd5a9c98e3d8bd3fe
Size

1.7MB
MD5

823aff1fc1253b493e0d13ca626da8bd
SHA1

38b4d6f9a357fba64bb386e4ff692be25fa03539
SHA256

63e6cc9aa7575354f45853739247f730a9a56aed9c3ef75bd5a9c98e3d8bd3fe
SHA512

cc9a01ecfbbd47857d97aefb6aeeff0d253570266aa16e8e474242ecfe6002f22bf1c7296b3c83b3af7199a112c418e600ca20731c95b6d4346b7e711cb93afd
SSDEEP

24576:6ir5it2ptdQw9mrdET5iAGc4nX0xuP9J8k3f2/gQx:645igmrk5idnzL8kcgQx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63e6cc9aa7575354f45853739247f730a9a56aed9c3ef75bd5a9c98e3d8bd3fe

Files

63e6cc9aa7575354f45853739247f730a9a56aed9c3ef75bd5a9c98e3d8bd3fe
.exe windows:5 windows x86 arch:x86

c4e841464ebeeab51d2a6c05bdf900ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
CreateStatusWindowW
InitCommonControlsEx

msimg32

AlphaBlend

winmm

PlaySoundW

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipGetImagePixelFormat
GdipFree
GdipAlloc
GdipBitmapGetPixel
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdiplusShutdown
GdipImageSelectActiveFrame
GdiplusStartup

msvfw32

MCIWndCreateW

wininet

DeleteUrlCacheEntryW

oledlg

OleUIInsertObjectW
OleUIAddVerbMenuW

advapi32

RegQueryInfoKeyW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
IsTextUnicode
RegOpenKeyExW

shlwapi

PathIsDirectoryW
PathFindFileNameW
StrCmpNIW
PathFileExistsW
PathAddExtensionW
PathFindExtensionW
PathRemoveFileSpecW
PathAppendW
SHStrDupW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

urlmon

URLDownloadToFileW

kernel32

RtlUnwind
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer
OutputDebugStringW
InitializeSListHead
MultiByteToWideChar
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
lstrcmpiW
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
lstrcmpW
GetTempPathW
GetTempFileNameW
DeleteFileW
LockResource
GetCurrentProcess
GetExitCodeProcess
WaitForSingleObject
LoadResource
SizeofResource
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
CloseHandle
DuplicateHandle
GetTickCount
CreatePipe
PeekNamedPipe
CreateProcessW
FindResourceExW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
TlsGetValue
SetPriorityClass
DecodePointer
FreeResource
FreeLibrary
GetProcAddress
GlobalHandle
GetShortPathNameW
RaiseException
CreateThread
GetCurrentThreadId
GetLastError
SetLastError
DebugBreak
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
Sleep
FindClose
lstrcmpA
lstrcpynW
lstrlenA
lstrlenW
LoadLibraryW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleA
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
FindResourceW
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
RemoveDirectoryW
GetFullPathNameW
SetFileAttributesW
GetFileAttributesW
FindFirstFileW
FindNextFileW
CopyFileW
MoveFileExW
IsBadReadPtr
GetVersionExW
WideCharToMultiByte
GetLocaleInfoW
GetThreadLocale
SetThreadLocale
GetUserDefaultLangID
EnumSystemLocalesW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
TlsSetValue
TlsFree
GetCommandLineA
GetCommandLineW
ExitProcess
TlsAlloc
GetModuleHandleExW
GetACP
GetFileType
GetConsoleCP
GetConsoleMode
GetStringTypeW
ReadConsoleW
HeapSize
HeapReAlloc
LCMapStringW
IsValidLocale
GetUserDefaultLCID
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
CreateFileW
SetEndOfFile

user32

GetKeyState
GetAsyncKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
EnableWindow
LoadAcceleratorsW
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
GetSystemMetrics
LoadMenuW
LoadMenuIndirectW
GetMenu
SetMenu
GetSystemMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemCount
InsertMenuW
RemoveMenu
DeleteMenu
TrackPopupMenuEx
DrawTextW
UpdateWindow
GetWindowDC
SetWindowRgn
GetWindowRgn
InvalidateRgn
RedrawWindow
GetScrollPos
ShowScrollBar
SetWindowTextW
GetWindowTextLengthW
GetWindowRect
AdjustWindowRectEx
MessageBoxW
SetCursor
GetCursorPos
ScreenToClient
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
CopyRect
InflateRect
OffsetRect
EqualRect
PtInRect
GetWindowLongW
SetWindowLongW
GetDesktopWindow
EnumChildWindows
FindWindowW
FindWindowExW
GetClassNameW
GetTopWindow
GetWindow
SetWindowsHookExW
SetFocus
CallNextHookEx
CheckMenuRadioItem
LoadBitmapW
LoadCursorW
LoadCursorFromFileW
LoadIconW
GetIconInfo
IsDialogMessageW
MapDialogRect
SetScrollInfo
GetGuiResources
MonitorFromPoint
MonitorFromWindow
GetMonitorInfoW
GetComboBoxInfo
IsWindowEnabled
SetPropW
GetPropW
RemovePropW
EnumPropsW
CharNextW
CreateWindowExW
RegisterClassExW
UnregisterClassW
PostQuitMessage
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
DrawFrameControl
RegisterWindowMessageW
LoadStringW
DrawIconEx
DestroyCursor
SetRect
CreateIconFromResource
DestroyIcon
FillRect
SendMessageW
LoadImageW
CreateIconFromResourceEx
GetParent
SetRectEmpty
ClientToScreen
GetClientRect
GetWindowTextW
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
CharLowerW
GetDlgCtrlID
SendDlgItemMessageW
SendDlgItemMessageA
IsWindow
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxIndirectParamW
DialogBoxParamW
CreateDialogIndirectParamW
CreateDialogParamW
IsZoomed
GetFocus
BringWindowToTop
CharUpperW
GetClassInfoExW
GetDialogBaseUnits
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
RegisterClipboardFormatW
EmptyClipboard
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
MoveWindow
ShowWindowAsync
ShowWindow
DestroyWindow
UnhookWindowsHookEx
TrackPopupMenu
DestroyMenu
CreatePopupMenu
CallWindowProcW
DefWindowProcW
IsChild
PostMessageW
SystemParametersInfoW
IsClipboardFormatAvailable
IsDlgButtonChecked

gdi32

CreateDIBPatternBrushPt
CreateRectRgn
OffsetRgn
PtInRegion
GetDIBits
SetBkColor
SetBkMode
CreateCompatibleBitmap
SetTextColor
TextOutW
GetTextFaceW
CreatePen
GetTextExtentPoint32W
LineTo
MoveToEx
CombineRgn
BitBlt
CreateSolidBrush
GetObjectW
SetPixelV
CreateCompatibleDC
GetTextMetricsW
SelectObject
GetTextExtentPointW
GetStockObject
GetDeviceCaps
EnumFontFamiliesW
DeleteObject
DeleteDC
CreateFontIndirectW
CreateDIBSection
Rectangle

shell32

SHBrowseForFolderW
DragFinish
DragAcceptFiles
ShellExecuteW
ExtractIconW
SHGetPathFromIDListW
DragQueryFileW

ole32

StgCreateDocfile
StgOpenStorage
OleLockRunning
OleUninitialize
ReadClassStg
WriteClassStg
OleCreate
OleSave
OleDraw
OleIsRunning
CreateStreamOnHGlobal
CoGetClassObject
CoCreateInstance
OleInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
StringFromGUID2
StringFromCLSID
CLSIDFromProgID

oleaut32

VariantClear
VariantInit
VarUI4FromStr
SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen

comdlg32

GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW

Sections

.text
Size: 701KB - Virtual size: 701KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 874KB - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4e841464ebeeab51d2a6c05bdf900ed

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

msimg32

winmm

gdiplus

msvfw32

wininet

oledlg

advapi32

shlwapi

version

urlmon

kernel32

user32

gdi32

shell32

ole32

oleaut32

comdlg32

Sections

.text Size: 701KB - Virtual size: 701KB

.rdata Size: 149KB - Virtual size: 149KB

.data Size: 11KB - Virtual size: 33KB

.rsrc Size: 874KB - Virtual size: 876KB

.reloc Size: 41KB - Virtual size: 41KB

.text
Size: 701KB - Virtual size: 701KB

.rdata
Size: 149KB - Virtual size: 149KB

.data
Size: 11KB - Virtual size: 33KB

.rsrc
Size: 874KB - Virtual size: 876KB

.reloc
Size: 41KB - Virtual size: 41KB