Static task: static1
Behavioral task: behavioral1
Sample: 2802e656b0719d61fabdb8cd3f807a37774488eaec1b6b91a7edf0729ebb4f35.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2802e656b0719d61fabdb8cd3f807a37774488eaec1b6b91a7edf0729ebb4f35.exe
Resource: win10v2004-20240226-en
General
- Target: 2802e656b0719d61fabdb8cd3f807a37774488eaec1b6b91a7edf0729ebb4f35
- Size: 1.7MB
- MD5: 404f475ae57eceac5d1ac3e39087c10e
- SHA1: 5043d25f2d3ba9f8219512a4bd2ceeb77d9d76ac
- SHA256: 2802e656b0719d61fabdb8cd3f807a37774488eaec1b6b91a7edf0729ebb4f35
- SHA512: 099a21880c4d90a6f98a4c52585a3597795c7e6799a9c1389263ab5db0a7110d06a4dabe0c18ccc60ed0b5e04f61b6bd4bba6e8ef671d22cd05718e5f1686c6a
- SSDEEP: 24576:VUUYwXSuV41sCpWG7YjT1lzFrE64KCoccQd4nYs045TD:VQMSuAFpWGsgUCplHbMT
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2802e656b0719d61fabdb8cd3f807a37774488eaec1b6b91a7edf0729ebb4f35
Files
- 2802e656b0719d61fabdb8cd3f807a37774488eaec1b6b91a7edf0729ebb4f35.exe windows:4 windows x86 arch:x86
  649d177afa0352bf79a6adf65cc61ce3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
CompareStringA
CompareStringW
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetCurrentDirectoryA
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
CreateFileA
GetACP
GetOEMCP
SetEnvironmentVariableA
GetDriveTypeA
GetLocaleInfoW
HeapSize
GetFileType
FindResourceA
GlobalAddAtomA
GetProfileStringA
InterlockedExchange
SetStdHandle
GetLocalTime
GetSystemTime
GetTimeZoneInformation
ExitThread
CreateThread
HeapReAlloc
GetDriveTypeW
RaiseException
HeapFree
HeapAlloc
RtlUnwind
GetStartupInfoW
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FindResourceExW
GetCurrentDirectoryW
GlobalFlags
FindNextFileW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetVolumeInformationW
FindFirstFileW
FindClose
UnlockFile
LockFile
SetFilePointer
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProfileIntW
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
GlobalGetAtomNameW
MulDiv
SetLastError
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetFullPathNameW
GetTempFileNameW
GetFileAttributesW
InterlockedDecrement
InterlockedIncrement
GlobalFree
GetModuleHandleA
LoadLibraryA
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
CreateEventW
SuspendThread
SetEvent
lstrcmpW
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
lstrlenA
ExitProcess
GlobalAlloc
GlobalLock
GlobalUnlock
SizeofResource
LoadResource
LockResource
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
SetCurrentDirectoryW
CancelIo
FlushFileBuffers
WriteFile
ReadFile
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
CloseHandle
CreateFileW
MultiByteToWideChar
GetWindowsDirectoryW
lstrlenW
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
FreeLibrary
GetCurrentProcess
GetTempPathW
CreateDirectoryW
GetFileAttributesExW
GetLongPathNameW
GetShortPathNameW
GetLastError
FormatMessageW
LocalFree
CopyFileW
MoveFileW
DeleteFileW
SetThreadPriority
Sleep
CreateProcessW
TerminateProcess
GetExitCodeProcess
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
GetVersionExW
lstrcpynW
lstrcpyW
ResumeThread
WaitForSingleObject
FindResourceW
GetTickCount
WideCharToMultiByte
user32
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetTopWindow
IsChild
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
DestroyWindow
CreateWindowExW
DefWindowProcW
GetMessageTime
GetForegroundWindow
SystemParametersInfoW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
GetActiveWindow
ValidateRect
GetLastActivePopup
MessageBoxW
ShowOwnedPopups
PostQuitMessage
LockWindowUpdate
CheckMenuItem
SetWindowPos
SetMenu
GetMenu
IsIconic
FindWindowW
ExitWindowsEx
DestroyIcon
GetMessageW
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
InsertMenuW
WindowFromPoint
GetMenuStringW
GetMenuItemCount
CallNextHookEx
keybd_event
SetWindowsHookExW
TrackPopupMenuEx
UnhookWindowsHookEx
DestroyMenu
SetRect
IntersectRect
SetRectEmpty
IsRectEmpty
ReleaseDC
GetDC
DrawFocusRect
GetSysColor
SetCursor
IsWindowEnabled
SetFocus
RegisterWindowMessageW
GetWindow
CreatePopupMenu
GetMessagePos
RedrawWindow
GetSystemMenu
PostMessageW
UpdateWindow
UnregisterClassW
GetWindowPlacement
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
OffsetRect
BeginDeferWindowPos
EndDeferWindowPos
GetMenuDefaultItem
RemovePropW
GetPropW
CallWindowProcW
SetPropW
SetWindowLongW
GetMenuItemID
LoadIconW
SetParent
KillTimer
SetTimer
AppendMenuW
ClientToScreen
SetMenuDefaultItem
InflateRect
GetParent
GetClassNameW
CharUpperW
GetDCEx
GetSysColorBrush
wvsprintfW
LoadStringW
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
GetDesktopWindow
GetWindowRect
CheckMenuRadioItem
DeleteMenu
GetCursorPos
GetKeyState
ScreenToClient
LoadMenuW
GetSubMenu
GrayStringW
DrawTextW
TabbedTextOutW
GetFocus
SetCapture
InvalidateRect
PtInRect
ReleaseCapture
SetForegroundWindow
SetActiveWindow
IsWindowVisible
SendMessageW
EnableWindow
GetClientRect
GetWindowLongW
CopyRect
GetSystemMetrics
GetWindowTextA
DrawTextA
GetClassInfoA
DefDlgProcA
DefWindowProcA
TranslateAcceleratorW
LoadAcceleratorsW
EndPaint
BeginPaint
GetWindowDC
EndDialog
CreateDialogIndirectParamW
MapDialogRect
GetAsyncKeyState
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
GetCapture
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DestroyCursor
LoadBitmapW
IsWindow
LoadCursorW
gdi32
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
GetDeviceCaps
CreatePen
CreateSolidBrush
CreatePatternBrush
SetRectRgn
GetTextMetricsW
EnumFontFamiliesExW
CreateRectRgn
CombineRgn
SetTextColor
SetBkMode
CreateBitmap
SetBkColor
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
StretchDIBits
SetDIBitsToDevice
RestoreDC
CreateDIBSection
DeleteDC
PatBlt
DeleteObject
SelectObject
GetBkMode
GetBkColor
GetTextExtentPoint32W
GetTextColor
Escape
ExtTextOutW
TextOutW
BitBlt
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectW
GetStockObject
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
GetObjectW
comdlg32
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegCloseKey
RegQueryValueW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
shell32
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragQueryFileW
SHFileOperationW
ShellExecuteExW
SHGetSpecialFolderPathW
DragAcceptFiles
DragFinish
ShellExecuteW
ExtractIconW
comctl32
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_BeginDrag
_TrackMouseEvent
ImageList_AddMasked
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
ord17
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_DrawIndirect
ImageList_Draw
ole32
CoUninitialize
CoCreateInstance
CoInitialize
CoCreateGuid
oleaut32
SysFreeString
SysAllocString
shlwapi
PathFileExistsW
PathFindExtensionW
PathMakePrettyW
PathFindFileNameW
PathRemoveFileSpecW
PathRenameExtensionW
PathRemoveBackslashW
PathStripToRootW
PathRelativePathToW
PathCombineW
PathIsRootW
PathGetCharTypeW
PathIsDirectoryW
PathIsURLW
winhttp
WinHttpQueryHeaders
WinHttpCrackUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpQueryOption
WinHttpSetOption
WinHttpReceiveResponse
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 408KB - Virtual size: 407KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ