Static task: static1
Behavioral task: behavioral1
  Sample: 1232bc3525cfad9035517285cdb42813b87a1f322706f1679ee1e4f16372495f.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 1232bc3525cfad9035517285cdb42813b87a1f322706f1679ee1e4f16372495f.exe
  Resource: win10v2004-20240226-en
General
- Target: 1232bc3525cfad9035517285cdb42813b87a1f322706f1679ee1e4f16372495f
- Size: 3.1MB
- MD5: f9ebf9aaa56fc0eb6501dd138847818b
- SHA1: 021746ad7eddf63e77f2a88230cf08197ff614c4
- SHA256: 1232bc3525cfad9035517285cdb42813b87a1f322706f1679ee1e4f16372495f
- SHA512: b4ec3072ef501943f1eba1963993bec797e684e3120d0a3fdca5d103679ed475ecb25c2dd79e3c12a8f0db89873292890894662cba002d05f2f44e137eaf2d1d
- SSDEEP: 98304:atBKJ4fEJr1IQTRueIVsxeWTs+8aYvNQ2:atE4fEJr1IQTRueIVsi/C
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 1232bc3525cfad9035517285cdb42813b87a1f322706f1679ee1e4f16372495f
Files
- 1232bc3525cfad9035517285cdb42813b87a1f322706f1679ee1e4f16372495f.exe windows:5 windows x86 arch:x86
  89f06a1806f410ff32c2b8f91e7c5e17
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
GetExitCodeProcess
CreateProcessW
GlobalFree
CopyFileW
GetSystemInfo
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MulDiv
LCMapStringW
lstrcpyW
FormatMessageA
LoadLibraryA
GetTempPathA
GetFileAttributesA
UnlockFile
LockFileEx
LockFile
SetFilePointer
AreFileApisANSI
InterlockedIncrement
WriteFile
GetStdHandle
LocalFree
LocalAlloc
WaitForSingleObject
TerminateThread
DeleteFileA
SetEndOfFile
SetFilePointerEx
CreateFileA
GetPrivateProfileStringA
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
UnmapViewOfFile
GlobalAlloc
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FlushFileBuffers
GetCurrentDirectoryW
GetTimeZoneInformation
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
lstrcmpiW
GetACP
FindFirstFileExW
GetFullPathNameA
GetFullPathNameW
ExitThread
PeekNamedPipe
GetDriveTypeW
WriteConsoleW
GetModuleHandleExW
GetFileType
GetConsoleCP
ReadConsoleW
GetConsoleMode
RtlUnwind
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualProtect
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateMutexW
ReleaseMutex
VirtualFree
VirtualAlloc
ExitProcess
ReadProcessMemory
FindResourceExW
RaiseException
HeapSize
HeapReAlloc
HeapDestroy
OutputDebugStringW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
CompareStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GlobalUnlock
GlobalLock
Sleep
GetVersionExW
MoveFileExW
RemoveDirectoryW
GetTempPathW
GetWindowsDirectoryW
GetLocalTime
GetCurrentProcessId
GetCurrentProcess
GetCurrentThread
FindClose
FindNextFileW
FindFirstFileW
SizeofResource
LockResource
LoadResource
FindResourceW
SetFileTime
LocalFileTimeToFileTime
SetFileAttributesW
DosDateTimeToFileTime
TlsGetValue
TlsSetValue
FreeLibrary
GetCurrentThreadId
DeleteFileW
GetTickCount
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
ReadFile
GetFileSize
CreateFileW
CloseHandle
CreateThread
GetPrivateProfileIntW
WritePrivateProfileStringW
LoadLibraryW
CreateDirectoryW
GetLastError
QueryPerformanceCounter
GetModuleFileNameW
GetPrivateProfileStringW
QueryPerformanceFrequency
SetUnhandledExceptionFilter
SetErrorMode
HeapFree
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
TlsFree
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
DecodePointer
EncodePointer
TryEnterCriticalSection
HeapAlloc
GetSystemTime
user32
GetWindowLongW
ShowWindow
SetWindowPos
EndDialog
DestroyWindow
GetDlgItem
PtInRect
SetCursor
LoadCursorW
PostMessageW
CreateDialogParamW
DialogBoxParamW
WindowFromPoint
ClientToScreen
FindWindowW
IsIconic
BringWindowToTop
keybd_event
InvalidateRect
SendMessageW
GetFocus
SetFocus
MoveWindow
IsWindow
GetDlgItemTextW
CallWindowProcW
MessageBoxW
SetDlgItemInt
GetWindowRect
GetKeyState
GetAsyncKeyState
ReleaseCapture
ToUnicodeEx
GetForegroundWindow
MessageBeep
SendMessageTimeoutW
GetWindowTextW
IsWindowVisible
OffsetRect
SystemParametersInfoW
SetCapture
SetRect
DefWindowProcW
BeginPaint
EndPaint
GetDC
UpdateLayeredWindow
ReleaseDC
ScreenToClient
SetRectEmpty
UnionRect
FillRect
GetClientRect
GetCursorPos
CreateMenu
CreatePopupMenu
DeleteMenu
DestroyMenu
SetMenuInfo
EnableMenuItem
KillTimer
SetDlgItemTextW
SetWindowTextW
GetDlgItemInt
SetWindowLongW
SetTimer
GetWindowInfo
RegisterWindowMessageW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
CharLowerW
FindWindowExW
GetSystemMetrics
GetDesktopWindow
GetClipboardData
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
PostQuitMessage
GetKeyboardLayout
GetKeyboardLayoutList
LoadKeyboardLayoutW
GetCaretPos
AttachThreadInput
GetGUIThreadInfo
GetKeyboardState
ToAscii
GetParent
CreateWindowExW
RegisterClassExW
LoadIconW
GetCapture
GetWindowThreadProcessId
DrawTextW
CharNextW
CallNextHookEx
GetClassNameW
UnhookWindowsHookEx
SetWindowsHookExW
TrackPopupMenu
SetForegroundWindow
RemoveMenu
ModifyMenuW
InsertMenuW
gdi32
CreateICW
GetPixel
DeleteDC
BitBlt
CreateCompatibleBitmap
DeleteObject
SelectObject
CreateCompatibleDC
CreateDIBSection
GetStockObject
SetTextColor
SetBkMode
CreateBitmap
GetObjectW
GetDIBits
CreateDCW
EnumFontsW
CreateSolidBrush
CreateFontW
GetTextExtentPoint32W
ExcludeClipRect
GetTextExtentPointW
TextOutW
MoveToEx
LineTo
GetDeviceCaps
CreatePen
advapi32
SetSecurityInfo
LookupAccountSidW
GetTokenInformation
RegCreateKeyExW
SetNamedSecurityInfoW
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
DuplicateTokenEx
OpenProcessToken
RegEnumKeyExW
RegQueryInfoKeyW
ImpersonateLoggedOnUser
RevertToSelf
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
GetSecurityDescriptorControl
SetSecurityDescriptorDacl
AddAccessAllowedAce
AddAce
EqualSid
GetAce
InitializeAcl
GetLengthSid
GetAclInformation
GetSecurityDescriptorDacl
LookupAccountNameW
InitializeSecurityDescriptor
shell32
Shell_NotifyIconW
ShellExecuteW
SHAppBarMessage
SHGetSpecialFolderPathW
SHGetFolderPathW
ole32
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
psapi
GetModuleFileNameExW
shlwapi
PathFileExistsW
PathFileExistsA
gdiplus
GdiplusStartup
GdipDrawImageRectI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipGetFontSize
GdipGetFamily
GdipCloneFont
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipMeasureString
GdipSetStringFormatFlags
GdipFillRectangleI
GdipGetGenericFontFamilySansSerif
GdipGetImageRawFormat
GdipCloneBitmapAreaI
GdipCreateBitmapFromStream
GdipCloneImage
GdipDisposeImage
GdipBitmapSetPixel
GdipBitmapGetPixel
GdipSetPenDashStyle
GdipDrawLineI
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipFillPath
GdipDrawPath
GdipSetImageAttributesColorKeys
GdipAddPathArcI
GdipDeletePath
GdipCreatePath
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteFont
GdipDrawString
GdipSetImageAttributesColorMatrix
GdipCreateImageAttributes
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRectI
GdipDrawLine
GdipDeletePen
GdipCreatePen1
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipDisposeImageAttributes
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDeletePrivateFontCollection
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipPrivateAddFontFile
GdipFree
GdipNewPrivateFontCollection
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyCount
GdipCloneStringFormat
GdipAddPathLineI
imm32
ImmGetIMEFileNameW
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 373KB - Virtual size: 373KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 626KB - Virtual size: 626KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ