ca930cc7dfc9698df54883c326f72789

Sharing

Copy URL Twitter E-mail

General

Target

ca930cc7dfc9698df54883c326f72789
Size

410KB
MD5

ca930cc7dfc9698df54883c326f72789
SHA1

cc39e1811c2653adf1a932a5aa3c4360d2e3ebd2
SHA256

47e19027ea6e96a9a093a7fc3fd6a8b5b36282a11d219d08eab87fc57dec40ca
SHA512

a8e51b7686c7713b30336b17406d0b092bccce63cb557b77cb821a4db2a33c00f8c2f0a41a35c1431ccefff039a7f1302a9e7abb727263fc165550b5d7730760
SSDEEP

12288:OEG6hTUiQrYDULBgKUKDKLI6tafMkU4tO2:+6x8gU6KVDKDtaf342

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca930cc7dfc9698df54883c326f72789

Files

ca930cc7dfc9698df54883c326f72789
.exe windows:4 windows x86 arch:x86

18a5393e663ba86bf8e63cb92e080e38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextW
MessageBeep
GetLastInputInfo
CreateCursor
BringWindowToTop
DispatchMessageW
GetKeyboardState
RegisterClipboardFormatW
GetClassNameW
GetWindowTextW
CreateDialogParamW
IntersectRect
ShowWindow
EnableMenuItem
EqualRect
CreateIconIndirect
GetLastActivePopup
SystemParametersInfoA
EndPaint
RegisterClassW
GetMessageW
UnregisterClassW
SetRect
PostQuitMessage
DialogBoxParamW
MonitorFromWindow
GetKeyState
keybd_event
EmptyClipboard
DestroyCursor
GetKeyboardLayout
EnumPropsA
UpdateWindow
GetSystemMenu
CloseWindow
GetWindowPlacement
OpenClipboard
KillTimer
SetCursorPos
DrawIconEx
EndDialog
ClientToScreen
GetSysColor
MapWindowPoints
CharPrevW
InflateRect
GetSysColorBrush
CountClipboardFormats
AdjustWindowRect
GetMonitorInfoW
ShowScrollBar
PostMessageW
UnhookWindowsHookEx
RegisterWindowMessageW
SetWindowPos
GetGUIThreadInfo
SystemParametersInfoW
DefDlgProcW
AttachThreadInput
UnionRect
RegisterDeviceNotificationW
UnregisterHotKey
GetCursorPos
OffsetRect
FillRect
IsWindowEnabled
CallNextHookEx
LoadCursorW
ShowCursor
SetWindowRgn
ChangeClipboardChain
CloseClipboard
RedrawWindow
IsZoomed
SetWindowPlacement
RegisterClassExW
SetWindowsHookExW
CopyIcon
CreateWindowExW
SetWindowLongW
GetClipboardViewer
IsClipboardFormatAvailable
DestroyIcon
DeferWindowPos
GetMessageExtraInfo
SendInput
wsprintfW
IsChild
IsWindow
EnableWindow
EndDeferWindowPos
ScreenToClient
LoadStringW
GetClassInfoW
GetKeyboardLayoutNameW
IsDlgButtonChecked
GetWindowLongW
DestroyAcceleratorTable
DrawTextW
GetClientRect
MapVirtualKeyW
GetWindowRect
ReleaseCapture
GetDlgItem
GetWindowDC
SetCursor
SetTimer
DestroyWindow
GetClassInfoExW
IsWindowVisible
SetScrollPos
BeginDeferWindowPos
LoadIconW
SetScrollInfo
LoadImageW
InvalidateRect
CheckDlgButton
GetActiveWindow
PeekMessageW
SetParent
PostThreadMessageW
EnumClipboardFormats
BeginPaint
GetFocus
GetWindow
UnregisterDeviceNotification
SetClipboardData
SetCapture
LockWindowUpdate
GetKeyboardLayoutNameA
CharLowerW
SetFocus
SendMessageW
SetWindowTextW
FindWindowW
ReleaseDC
GetDesktopWindow
MoveWindow
DefWindowProcW
CallWindowProcW
RegisterRawInputDevices
CharNextW
GetClipboardData
GetClipboardFormatNameW
CopyRect
FindWindowExW
FlashWindow
GetRawInputData
GetKeyboardType
GetWindowThreadProcessId
DlgDirListW
SetForegroundWindow
RegisterHotKey
GetDC
MsgWaitForMultipleObjectsEx
SetClipboardViewer
SetActiveWindow
GetAsyncKeyState
IsIconic
GetCapture
GetSystemMetrics
SetRectEmpty
GetParent

verifier

VerifierSetFlags

iphlpapi

GetBestInterfaceEx

wininet

InternetGetCookieW

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDeviceInfoW
SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey
SetupDiCreateDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW
SetupDiOpenClassRegKeyExW
SetupDiGetClassDevsW

urlmon

CopyStgMedium

kernel32

AddAtomA
GetLastError
BackupRead
VirtualAlloc

netapi32

NetApiBufferFree
NetGetJoinInformation

cryptui

CryptUIDlgViewCertificateW

shell32

SHAppBarMessage
DragQueryFileW
SHFileOperationW
Shell_NotifyIconW
ExtractIconW

shlwapi

PathRemoveFileSpecW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

rpcrt4

IUnknown_Release_Proxy
IUnknown_QueryInterface_Proxy
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
IUnknown_AddRef_Proxy
MesEncodeDynBufferHandleCreate
CStdStubBuffer_Invoke
NdrMesTypeEncode2
NdrMesTypeDecode2
CStdStubBuffer_DebugServerQueryInterface
MesDecodeBufferHandleCreate
CStdStubBuffer_IsIIDSupported
NdrDllGetClassObject
NdrMesTypeFree2
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_Disconnect
CStdStubBuffer_CountRefs
MesHandleFree
NdrDllUnregisterProxy
CStdStubBuffer_Connect
NdrDllCanUnloadNow

winmm

waveOutGetVolume
waveOutUnprepareHeader
waveOutOpen
waveOutWrite
waveOutGetPitch
waveOutSetVolume
waveOutClose
waveOutReset
waveOutPrepareHeader

ole32

OleUninitialize
OleLoadFromStream
OleIsCurrentClipboard
OleInitialize
CreateOleAdviseHolder
CoCreateInstance
CreateDataAdviseHolder
CoInitializeEx
CoTaskMemAlloc
OleRegGetMiscStatus
CoInitialize
StringFromCLSID
WriteClassStm
CLSIDFromString
CoGetMalloc
OleRegEnumVerbs
OleSetClipboard
CoUninitialize
OleSaveToStream
CoTaskMemRealloc
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree
OleRegGetUserType

advapi32

GetUserNameA
RegQueryInfoKeyA
TraceMessage
CredReadW
RegSetValueExW
RegisterTraceGuidsW
CredFree
CredWriteDomainCredentialsW
GetTraceEnableFlags
RegEnumKeyExA
RegOpenKeyW
RegCreateKeyExA
RegOpenKeyA
CredUnmarshalCredentialW
RegCreateKeyW
CredWriteW
RegSetValueExA
CredGetSessionTypes
CryptGenRandom
RegEnumValueW
RegOpenKeyExW
CredDeleteW
GetTraceEnableLevel
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegFlushKey
RegDeleteKeyW
RegCloseKey
GetUserNameW
RegCreateKeyExW
CryptReleaseContext
GetSecurityDescriptorLength
CredReadDomainCredentialsW
GetFileSecurityW
RegQueryValueExA
CryptAcquireContextW
RegConnectRegistryW
RegDeleteValueA
UnregisterTraceGuids
GetTraceLoggerHandle
RegOpenKeyExA
SetFileSecurityW

crypt32

CertDuplicateCertificateContext
CryptStringToBinaryW
CertFindCertificateInStore
CertVerifyCertificateChainPolicy
CertFreeCertificateContext
CertGetNameStringW
CertOpenStore
CertGetEnhancedKeyUsage
CryptBinaryToStringW
CryptMsgClose
CryptVerifyDetachedMessageSignature
CryptDecodeObject
CertVerifySubjectCertificateContext
CryptProtectData
CertDuplicateCertificateChain
CryptMsgOpenToDecode
CertGetCertificateContextProperty
CertFreeCertificateChain
CryptSignMessage
CertFindExtension
CertGetCertificateChain
CryptMsgUpdate
CertCloseStore
CertCompareCertificate
CertAddCertificateContextToStore
CertCreateCertificateContext

credui

CredUIPromptForCredentialsW
CredUIParseUserNameW

secur32

AcquireCredentialsHandleW
DeleteSecurityContext
FreeContextBuffer
FreeCredentialsHandle
InitializeSecurityContextW
EncryptMessage
DecryptMessage
GetUserNameExW
QuerySecurityPackageInfoW

ws2_32

WSANSPIoctl
WSALookupServiceNextW
WSALookupServiceBeginW
WSAIoctl
getaddrinfo
WSALookupServiceEnd
freeaddrinfo

msimg32

GradientFill

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18a5393e663ba86bf8e63cb92e080e38

Headers

DLL Characteristics

File Characteristics

Imports

user32

verifier

iphlpapi

wininet

wtsapi32

setupapi

urlmon

kernel32

netapi32

cryptui

shell32

shlwapi

version

rpcrt4

winmm

ole32

advapi32

crypt32

credui

secur32

ws2_32

msimg32

Sections

.text Size: 1KB - Virtual size: 1KB

.rsrc Size: 214KB - Virtual size: 213KB

.rdata Size: 178KB - Virtual size: 178KB

.idata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 2.4MB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 214KB - Virtual size: 213KB

.rdata
Size: 178KB - Virtual size: 178KB

.idata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 2.4MB

.reloc
Size: 512B - Virtual size: 28B