Static task
static1
Behavioral task
behavioral1
Sample
f3944fb1e894997a97461d2a6e959269c42bcf0aa994b5a322307eec45c2f0e3.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
f3944fb1e894997a97461d2a6e959269c42bcf0aa994b5a322307eec45c2f0e3.exe
Resource
win10v2004-20240226-en
General
-
Target
f3944fb1e894997a97461d2a6e959269c42bcf0aa994b5a322307eec45c2f0e3
-
Size
2.1MB
-
MD5
ba04e31723ccab2b51dcaa602e45f27a
-
SHA1
5208e19b11fdfd482309f10f72d1689568627bb3
-
SHA256
f3944fb1e894997a97461d2a6e959269c42bcf0aa994b5a322307eec45c2f0e3
-
SHA512
5dbf9b81de3070a1053864162f1854001df392fbd9fd67987bb4e8c3bb636817d2b34c466236ff93a048a73c1c28375cbe8e22af844bfc078214327b7085121c
-
SSDEEP
49152:jLVFfo53Mt54lYkU9sbMgtaXuSfBsoW1xldC:jLVFfo53eSl69sbM+aXuSfBsoW18
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature.
resource f3944fb1e894997a97461d2a6e959269c42bcf0aa994b5a322307eec45c2f0e3
Files
-
f3944fb1e894997a97461d2a6e959269c42bcf0aa994b5a322307eec45c2f0e3.exe windows:4 windows x86 arch:x86
310ca5d6d214c4e9a2522d3461f4e399
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
memset
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
winmm
timeBeginPeriod
timeEndPeriod
mpr
WNetGetConnectionW
comctl32
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ord17
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
kernel32
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
IsBadReadPtr
LeaveCriticalSection
GetWindowsDirectoryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalSize
LockResource
lstrcmpA
lstrcmpiW
lstrcpynW
lstrcpyW
lstrlenA
lstrlenW
MapViewOfFile
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenFileMappingW
OpenProcess
OutputDebugStringW
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetComputerNameW
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
IsValidCodePage
InitializeCriticalSection
GetStartupInfoW
GetVolumeInformationW
GetTimeZoneInformation
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempPathA
GetTempFileNameW
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetStringTypeExW
GetStringTypeExA
GetStdHandle
GetStartupInfoA
GetShortPathNameW
GetProcessTimes
GetProcessAffinityMask
GetProcAddress
GetPrivateProfileStringW
GetPriorityClass
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLongPathNameW
GetLogicalDriveStringsW
GetLogicalDrives
GetLocalTime
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesA
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetDateFormatW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCPInfo
GetComputerNameW
GetComputerNameA
GetCommandLineW
GetCommandLineA
GetACP
FreeResource
FormatMessageW
FormatMessageA
FlushInstructionCache
FindResourceW
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
EnumCalendarInfoW
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CompareStringA
CloseHandle
GetSystemPowerStatus
GetTickCount
GetProcessHeap
ExitProcess
TlsGetValue
LoadLibraryA
user32
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
PostThreadMessageA
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassA
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindowEx
SendDlgItemMessageW
SendMessageA
SendMessageTimeoutA
SendMessageW
SetActiveWindow
SetCapture
SetCaretBlinkTime
SetCaretPos
SetClassLongW
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetSysColors
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WindowFromDC
WindowFromPoint
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetNextDlgTabItem
GetMessageW
GetMessageTime
GetMessagePos
GetMessageA
OffsetRect
GetMenuState
GetMenuItemRect
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetLastActivePopup
GetKeyState
GetKeyNameTextW
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongW
GetClassInfoW
GetCaretPos
GetCaretBlinkTime
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumDisplaySettingsW
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
CreateCaret
CopyImage
CloseClipboard
ClientToScreen
CheckMenuItem
CharUpperW
OemToCharW
MsgWaitForMultipleObjectsEx
MoveWindow
mouse_event
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadStringA
LoadKeyboardLayoutW
LoadImageW
LoadImageA
CharUpperBuffW
CharUpperBuffA
CharToOemW
CharNextW
CharLowerW
CharLowerBuffW
CharLowerBuffA
ChangeDisplaySettingsW
CallWindowProcW
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AttachThreadInput
AdjustWindowRectEx
PostMessageW
GetKeyboardType
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsRectEmpty
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharAlphaW
IsCharAlphaNumericW
GetMenuStringW
InvalidateRgn
GetKeyboardState
gdi32
CreateRoundRectRgn
DeleteEnhMetaFile
DeleteObject
DPtoLP
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
ExcludeClipRect
ExtCreatePen
ExtFloodFill
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetClipRgn
CreateSolidBrush
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
CreateRectRgnIndirect
GetEnhMetaFilePaletteEntries
GetMapMode
GetNearestColor
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceA
GetTextMetricsW
GetViewportOrgEx
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineTo
LPtoDP
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
Polygon
Polyline
PolyPolyline
RealizePalette
Rectangle
RectVisible
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetPixelFormat
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWinMetaFileBits
StartDocA
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutA
TextOutW
UnrealizeObject
CreatePolygonRgn
CreatePenIndirect
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontW
CreateFontIndirectW
CreateFontA
CreateDIBSection
CreateDIBitmap
CreateDCW
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineRgn
GetEnhMetaFileHeader
CreateCompatibleDC
DeleteDC
winspool.drv
EnumPrintersW
OpenPrinterW
DeviceCapabilitiesW
DocumentPropertiesW
ClosePrinter
comdlg32
GetOpenFileNameW
GetSaveFileNameA
PrintDlgW
GetSaveFileNameW
ChooseFontW
advapi32
RegOpenKeyExA
RegEnumValueW
RegEnumKeyExW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupAccountSidW
InitializeSecurityDescriptor
GetUserNameW
GetUserNameA
GetTokenInformation
FreeSid
SetSecurityDescriptorDacl
RegFlushKey
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
shell32
SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
SHFileOperationW
DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ShellExecuteA
Shell_NotifyIconW
ole32
CLSIDFromString
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID
StgOpenStorageOnILockBytes
StgIsStorageFile
RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
DoDragDrop
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoUninitialize
oleaut32
SafeArrayGetElement
VariantInit
VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayAccessData
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
ws2_32
setsockopt
sendto
select
recvfrom
ioctlsocket
socket
inet_addr
htons
gethostname
gethostbyname
bind
WSACleanup
connect
WSAGetLastError
WSAStartup
inet_ntoa
closesocket
Sections
.text Size: 436KB - Virtual size: 432KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 12.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.i4a13c Size: 4KB - Virtual size: 545B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 532KB - Virtual size: 530KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cd83 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE