ad4d1cf408b9ebe6cbf0d738ef6ae43c77a1d3f430cddd3e13296226b94ffb35

Sharing

Copy URL

Twitter E-mail

General

Target

ad4d1cf408b9ebe6cbf0d738ef6ae43c77a1d3f430cddd3e13296226b94ffb35
Size

2.5MB
MD5

faaefa236c9b0b4296823e549e042b1c
SHA1

a089e587fcddd2320f7fc44c250b149b7a8600d3
SHA256

ad4d1cf408b9ebe6cbf0d738ef6ae43c77a1d3f430cddd3e13296226b94ffb35
SHA512

03493fd88209d8650d2434a85d03550b79a51cb85a3efece8ae92dd6735eae3d0c9ff2b3d194706cd0aa43dae723f50dacc9ba530d6c219dc1a82024ece0d45e
SSDEEP

49152:yezYpGxKt0afOmPJvA1TS41aZE7PBryYYb+MITeNbdO:yezNKtnfOF1TSKt7PBryYrTeN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad4d1cf408b9ebe6cbf0d738ef6ae43c77a1d3f430cddd3e13296226b94ffb35

Files

ad4d1cf408b9ebe6cbf0d738ef6ae43c77a1d3f430cddd3e13296226b94ffb35
.exe windows:5 windows x86 arch:x86

ad0ac43c9324b55364b325a938dde024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\apptest1\Release\Diction.pdb

Imports

kernel32

GetACP
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
IsValidLocale
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitProcess
RtlUnwind
LCMapStringW
GetCPInfo
GetStringTypeW
OutputDebugStringW
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
FindResourceExW
SearchPathW
GetProfileIntW
GetWindowsDirectoryW
GetTickCount
SetErrorMode
FindNextFileW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
VirtualProtect
GlobalGetAtomNameW
GetTempPathW
GetTempFileNameW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
LoadLibraryW
GlobalUnlock
GetModuleHandleA
SetLastError
OutputDebugStringA
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
FreeResource
lstrcmpW
SizeofResource
lstrcmpA
GlobalDeleteAtom
GlobalLock
LoadLibraryExW
GetModuleFileNameW
FreeLibrary
GetCurrentThreadId
GetCurrentThread
InterlockedDecrement
GetLocaleInfoW
GetShortPathNameW
GetComputerNameW
GlobalFree
GlobalAlloc
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
GetVersionExW
CloseHandle
GetLastError
DeviceIoControl
CreateFileA
CreateDirectoryW
GetFileAttributesW
MultiByteToWideChar
Sleep
FindResourceW
LoadResource
LockResource
FreeLibraryAndExitThread

user32

WaitMessage
CharUpperW
IntersectRect
GetMenuItemInfoW
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
SetCapture
RegisterWindowMessageW
GetClassNameW
ShowOwnedPopups
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetFocus
ScreenToClient
EndPaint
DestroyAcceleratorTable
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
TrackMouseEvent
IsZoomed
NotifyWinEvent
SetCursorPos
SetParent
GetSystemMetrics
EnableWindow
LoadIconW
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
LoadCursorW
SetRectEmpty
GetSysColorBrush
MapWindowPoints
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
GetDesktopWindow
SetActiveWindow
ReleaseCapture
CopyImage
DeleteMenu
RealChildWindowFromPoint
SetTimer
KillTimer
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
DrawEdge
IsWindowEnabled
GetDlgItem
EndDialog
DrawFrameControl
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
GetAsyncKeyState
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
GetMessagePos
CreateAcceleratorTableW
GetWindowRect
SetWindowRgn
GetSystemMenu
AppendMenuW
SendMessageW
LoadBitmapW
GetDC
GetClientRect
ReleaseDC
IsIconic
DrawIcon
UpdateWindow
wsprintfW
GetCursorPos
CreatePopupMenu
DestroyCursor
DestroyMenu
DestroyIcon
GetWindowLongW
GetNextDlgTabItem
GetParent
SetCursor
InvalidateRect
ClientToScreen
WindowFromPoint
GetActiveWindow
SetClipboardData
GetSubMenu
TrackPopupMenuEx
PostMessageW
CopyRect
InflateRect
DrawFocusRect
OffsetRect
DrawStateW
FillRect
GetSysColor
GetIconInfo
CreateIconIndirect
LoadImageW
LoadMenuW
FrameRect
UnregisterClassW
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
IsWindow
BringWindowToTop
LockWindowUpdate
SetClassLongW
GetMenuDefaultItem
DestroyWindow
CreateDialogIndirectParamW
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
OpenClipboard
CloseClipboard
GetWindowRgn
GetComboBoxInfo
InvertRect
HideCaret
CreateMenu
PostThreadMessageW
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
CharUpperBuffW
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
ModifyMenuW
CopyIcon
GetDoubleClickTime
EmptyClipboard
BeginPaint

gdi32

CreatePen
CreatePatternBrush
CreateRectRgnIndirect
EnumFontFamiliesW
GetDeviceCaps
GetTextCharsetInfo
GetTextMetricsW
CopyMetaFileW
CreateDCW
CreateHatchBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
CreateDIBitmap
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateDIBSection
RealizePalette
SetDIBColorTable
Rectangle
OffsetRgn
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
SetPixel
GetPixel
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
BitBlt
CreateCompatibleBitmap
GetStockObject
DeleteObject
RoundRect
CreateSolidBrush
StretchBlt
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
SetWindowExtEx
LineTo
CreateRoundRectRgn

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW
RegOpenKeyW
RegSetValueExW
RegCloseKey

shell32

SHAppBarMessage
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHBrowseForFolderW
Shell_NotifyIconW
SHGetDesktopFolder
ShellExecuteW

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

StrCpyW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW

uxtheme

GetThemeColor
DrawThemeParentBackground
IsAppThemed
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize

ole32

DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
OleLockRunning
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoInitializeEx

oleaut32

SysStringLen
VariantInit
VariantChangeType
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SysAllocStringLen
VariantClear
VariantCopy
VarBstrFromDate
SafeArrayGetElement
SysAllocString
SysFreeString
SafeArrayGetLBound
SafeArrayGetUBound

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromStream
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

iphlpapi

GetAdaptersInfo

ws2_32

send
recv
htons
connect
closesocket
gethostbyname
WSACleanup
WSAStartup
socket

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

wininet

InternetSetFilePointer
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenUrlW
InternetOpenW

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad0ac43c9324b55364b325a938dde024

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

iphlpapi

ws2_32

oleacc

wininet

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 374KB - Virtual size: 374KB

.data Size: 25KB - Virtual size: 50KB

.gfids Size: 107KB - Virtual size: 106KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 267KB - Virtual size: 266KB

.reloc Size: 130KB - Virtual size: 130KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 374KB - Virtual size: 374KB

.data
Size: 25KB - Virtual size: 50KB

.gfids
Size: 107KB - Virtual size: 106KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 267KB - Virtual size: 266KB

.reloc
Size: 130KB - Virtual size: 130KB