Static task: static1
Behavioral task: behavioral1
Sample: 3ac7f91e37572c0d15de4de96ab4719531c30536409fda4acb3e0071ab726338.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 3ac7f91e37572c0d15de4de96ab4719531c30536409fda4acb3e0071ab726338.exe
Resource: win10v2004-20231215-en
General
Target: 3ac7f91e37572c0d15de4de96ab4719531c30536409fda4acb3e0071ab726338
Size: 390KB
MD5: 08109df08fa4a035c59d56d1e6c5baf4
SHA1: bec86bce6f6963d0cc69c441c6d5fb6d04d3a833
SHA256: 3ac7f91e37572c0d15de4de96ab4719531c30536409fda4acb3e0071ab726338
SHA512: 61e6cc3e94ddb7a980bfb0a2e5e5ffeeb5414c9e2ef3e42551820017dbedab5cccdd8ece1fed2ca057e240bdb7836663a7f9be28f1bb9136da972750caf59704
SSDEEP: 12288:s8TC7FeAA9IsQwycG888888888888W88888888888E7xCYsdG:s8TygVinw1Z7xCZdG
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes: resource 3ac7f91e37572c0d15de4de96ab4719531c30536409fda4acb3e0071ab726338
Files
3ac7f91e37572c0d15de4de96ab4719531c30536409fda4acb3e0071ab726338.exe windows:5 windows x86 arch:x86
d594c3da09df47926f98761efef2f7b1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
InterlockedPushEntrySList
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadResource
LockResource
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenJobObjectA
OpenSemaphoreA
PulseEvent
RaiseException
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReleaseMutex
SearchPathW
HeapValidate
SetDllDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetLastError
SetVolumeLabelW
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObject
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProfileStringA
_lclose
_lwrite
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapAlloc
GetVolumeInformationA
GetVersionExW
GetVersionExA
GetThreadPriorityBoost
GetTempFileNameW
GetSystemTime
GetSystemDirectoryW
GetSystemDirectoryA
GetStringTypeExW
GetQueuedCompletionStatus
GetProfileSectionA
GetProfileIntA
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileSectionNamesA
GetPrivateProfileIntW
GetOEMCP
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentProcess
GetConsoleMode
GetConsoleDisplayMode
GetConsoleCP
GetConsoleAliasW
GetConsoleAliasExesLengthA
GetComputerNameExW
GetCommandLineW
GetACP
FreeLibrary
FormatMessageW
FlushInstructionCache
FindResourceW
FindResourceExW
FindNextFileA
FindFirstFileExA
FillConsoleOutputCharacterW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitProcess
EnterCriticalSection
EndUpdateResourceW
DeleteFileW
DeleteCriticalSection
CreateProcessW
CreateMutexW
CreateMutexA
CreateFileMappingW
CreateFileMappingA
CreateEventW
CreateDirectoryA
CopyFileExA
ConvertThreadToFiber
CompareStringW
CommConfigDialogW
CloseHandle
BindIoCompletionCallback
BeginUpdateResourceW
AddConsoleAliasW
VirtualAlloc
CreateFileW
SetCurrentDirectoryW
GetModuleHandleW
user32
DrawIcon
DrawIconEx
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDialog
EndPaint
EnumChildWindows
EnumDesktopWindows
EnumDisplayMonitors
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowExW
FindWindowW
FrameRect
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClassWord
GetClientRect
GetClipboardSequenceNumber
CopyImage
GetDCEx
GetDlgCtrlID
GetDlgItem
GetDlgItemTextW
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuDefaultItem
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessageExtraInfo
GetMessagePos
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColorBrush
GetSystemMenu
GetUpdateRect
GetWindow
GetWindowContextHelpId
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsCharAlphaNumericW
IsChild
IsDialogMessageA
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowUnicode
IsZoomed
KillTimer
LoadBitmapW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
LoadMenuW
LoadStringW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxExW
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
OemToCharBuffA
OffsetRect
OpenClipboard
OpenDesktopW
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
RegisterWindowMessageW
ReleaseDC
RemoveMenu
RemovePropW
DrawFrameControl
ScrollWindow
SendDlgItemMessageW
SendInput
SendMessageA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetKeyboardState
SetLastErrorEx
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TabbedTextOutA
TabbedTextOutW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UnregisterClassW
UnregisterHotKey
UpdateWindow
WaitMessage
WinHelpW
WindowFromPoint
wsprintfW
wvsprintfW
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharToOemBuffA
CharPrevW
CharLowerW
CharLowerBuffW
CallWindowProcW
CallNextHookEx
BeginPaint
AllowSetForegroundWindow
AdjustWindowRectEx
ActivateKeyboardLayout
GetKeyState
GetWindowTextLengthW
LoadCursorW
GetKeyboardLayout
GetClipboardOwner
GetSysColor
GetInputState
CharNextW
DestroyIcon
VkKeyScanA
IsCharAlphaW
VkKeyScanW
GetDoubleClickTime
GetKBCodePage
GetCaretBlinkTime
PaintDesktop
InSendMessage
GetQueueStatus
GetMenuCheckMarkDimensions
WindowFromDC
GetShellWindow
IsCharAlphaNumericA
IsClipboardFormatAvailable
CreatePopupMenu
GetThreadDesktop
LoadCursorFromFileA
GetClipboardViewer
GetProcessWindowStation
ShowCaret
GetWindowTextLengthA
GetMenuContextHelpId
DrawMenuBar
GetTopWindow
GetDC
GetFocus
IsWindowEnabled
EnumClipboardFormats
ReleaseCapture
IsMenu
GetSystemMetrics
IsWindowVisible
GetDesktopWindow
OemKeyScan
IsCharUpperW
GetMessageTime
CloseWindowStation
CharUpperW
GetClipboardData
GetMenuItemCount
DestroyWindow
GetCursor
DrawFocusRect
DrawEdge
DlgDirSelectComboBoxExA
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxIndirectParamW
DestroyMenu
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreateMenu
IsCharLowerW
GetKeyboardType
CloseDesktop
CreateIconIndirect
CreateIcon
CreateDialogParamW
CountClipboardFormats
ScreenToClient
CopyRect
GetCursorPos
gdi32
GetDCBrushColor
SaveDC
GetStockObject
GetGraphicsMode
GetStretchBltMode
GetColorSpace
AddFontResourceW
DeleteDC
GetBkColor
DeleteColorSpace
CloseFigure
CreateCompatibleDC
EndDoc
GetBkMode
AbortPath
GetPolyFillMode
GetEnhMetaFileA
CreatePatternBrush
BitBlt
CreateCompatibleBitmap
StrokePath
CreateFontIndirectW
CreatePen
CreateSolidBrush
DPtoLP
DeleteObject
ExtTextOutW
GetDIBColorTable
GetDeviceCaps
GetEnhMetaFileHeader
GetObjectW
PtVisible
Rectangle
RoundRect
SelectObject
SetBkColor
SetBkMode
SetDIBColorTable
SetTextColor
StretchBlt
gdiPlaySpoolStream
SwapBuffers
GetObjectType
GetTextCharacterExtra
GetTextAlign
EndPage
SetMetaRgn
DeleteMetaFile
GetSystemPaletteUse
GetFontLanguageInfo
GetLayout
CloseMetaFile
CreateDIBSection
GetTextCharset
advapi32
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
GetUserNameW
RegOpenKeyExW
shell32
SHFileOperationW
ShellExecuteW
ShellExecuteExW
SHQueryRecycleBinW
SHInvokePrinterCommandW
DoEnvironmentSubstA
DragQueryFileAorW
SHChangeNotify
SHFileOperationA
Shell_NotifyIconW
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ole32
OleInitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleUninitialize
shlwapi
StrStrW
StrRChrIW
StrRChrIA
StrChrA
PathFindExtensionW
comctl32
InitCommonControlsEx
imm32
ImmDisableIME
Sections
.text Size: 231KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ