3107752b79e3c4112c69c12381d0500e2e1320e7848f5e4e365b22b0c32cbc8d

Sharing

Copy URL

Twitter E-mail

General

Target

3107752b79e3c4112c69c12381d0500e2e1320e7848f5e4e365b22b0c32cbc8d
Size

1.9MB
MD5

da08f39d7a5b479f4c54d00c8883f5bb
SHA1

90b4f91dea9fd05df3c91edbf5f3d037f48a3a7e
SHA256

3107752b79e3c4112c69c12381d0500e2e1320e7848f5e4e365b22b0c32cbc8d
SHA512

7d57fb6c16efd14270f03d6b9a7fd73e996b01db4f3b2e3444b44f4096c014d46008bb6243173c8965e5c975746795c59475f394b38d93547a8d21c9eb7f747f
SSDEEP

49152:zp3YhU/GSXLTsEHvfpWPzqxMIb/xBxl6BpsAvalmL:zahURTsEPfpWPuxjxBxl6Y6oK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3107752b79e3c4112c69c12381d0500e2e1320e7848f5e4e365b22b0c32cbc8d

Files

3107752b79e3c4112c69c12381d0500e2e1320e7848f5e4e365b22b0c32cbc8d
.exe windows:5 windows x86 arch:x86

34c5ea664cc296b9d5244ae14df929d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

comctl32

ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitializeFlatSB
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
FlatSB_SetScrollPos
ImageList_DragShowNolock

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetModuleHandleA
GetCommandLineW
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateMutexW
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileW
EnumCalendarInfoW
EnumResourceNamesA
EnumResourceTypesA
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceA
FindResourceW
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetComputerNameW
GetCPInfo
GetCurrentDirectoryW
GetDateFormatW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetTempPathW
GetThreadLocale
GetThreadPriority
GetTimeZoneInformation
GetUserDefaultLangID
GetUserDefaultLCID
GetVersion
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetProcAddress
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalHandle
GetConsoleMode
GlobalSize
GlobalUnlock
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
IsValidLocale
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
lstrcatA
lstrcmpiA
lstrcmpW
lstrcpynW
lstrcpyW
lstrlenA
lstrlenW
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapReAlloc
HeapAlloc
GetOEMCP
HeapFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GlobalLock
GlobalAddAtomW

user32

GetClipboardFormatNameW
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItemTextA
GetDlgItemTextW
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyNameTextW
GetKeyState
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringW
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageA
LoadKeyboardLayoutW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxIndirectW
MessageBoxW
MoveWindow
GetClipboardData
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PtInRect
RedrawWindow
RegisterClassW
GetClassNameW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindowEx
SendDlgItemMessageW
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
ValidateRect
WaitForInputIdle
WaitMessage
WindowFromDC
WindowFromPoint
wvsprintfA
CharLowerW
CharNextW
CharUpperBuffW
CheckMenuItem
ChildWindowFromPoint
EnumDisplaySettingsW
EnumClipboardFormats
EnumChildWindows
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
MsgWaitForMultipleObjectsEx
GetClientRect
ClientToScreen
CloseClipboard
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableW
CreateCaret
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyCursor
GetClassLongW
GetClassInfoW
EnumThreadWindows
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FillRect
EqualRect
RegisterClipboardFormatW
EnumWindows
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
GetCaretPos

winspool.drv

EnumPrintersW
DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyExW
RegEnumValueW
RegLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW
RegFlushKey

shell32

CommandLineToArgvW

ole32

IsAccelerator
FreePropVariantArray
CreateStreamOnHGlobal
MkParseDisplayName
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
OleDraw
OleInitialize
OleRegEnumVerbs
OleUninitialize
OleSetMenuDescriptor
ProgIDFromCLSID
StgCreateDocfile
StringFromCLSID
CreateBindCtx

oleaut32

VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
VariantInit

Sections

.text
Size: 756KB - Virtual size: 754KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.inst7
Size: 988KB - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34c5ea664cc296b9d5244ae14df929d5

Headers

File Characteristics

Imports

mpr

comctl32

version

kernel32

user32

winspool.drv

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 756KB - Virtual size: 754KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 164KB - Virtual size: 164KB

.inst7 Size: 988KB - Virtual size: 992KB

.text
Size: 756KB - Virtual size: 754KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 164KB - Virtual size: 164KB

.inst7
Size: 988KB - Virtual size: 992KB