a876409c0081037f2721340e37a9e0a2fe4c2a7f36e0dfe1dd83c56760551545

Sharing

Copy URL

Twitter E-mail

General

Target

a876409c0081037f2721340e37a9e0a2fe4c2a7f36e0dfe1dd83c56760551545
Size

3.1MB
MD5

d9f046f104082dfca80e0d66adcd8748
SHA1

b55137c9444fd559c4d9a922ffd70c2e78a861d8
SHA256

a876409c0081037f2721340e37a9e0a2fe4c2a7f36e0dfe1dd83c56760551545
SHA512

8d5fbac7082ae07903c8a88b965d6ac0590c70090cb73fa4d110c9c67bca800176f9d4fed2852485dd1bbed41b17085415d538f2bc69a3a717860a884bad5fc1
SSDEEP

98304:LQBQuoTcsO0eBhrIgdx/objwHj1X1VEHYXBdS+fnJXXXXP9:LQBQuwu/nHj1lu4XBdS+l9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a876409c0081037f2721340e37a9e0a2fe4c2a7f36e0dfe1dd83c56760551545

Files

a876409c0081037f2721340e37a9e0a2fe4c2a7f36e0dfe1dd83c56760551545
.exe windows:5 windows x86 arch:x86

cc17b93dcfdeafe3d345908b5793cc69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

user32

DrawMenuBar
EnableScrollBar
SetScrollInfo
EndPaint
BeginPaint
PostQuitMessage
DestroyMenu
DestroyWindow
DefWindowProcA
MessageBoxA
EnableMenuItem
IsWindowVisible
FindWindowExA
GetWindowThreadProcessId
GetSystemMenu
GetWindowTextLengthA
SetFocus
RemovePropA
GetWindowTextA
PostMessageA
GetWindowRgn
DestroyCursor
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
GetPropA
GetNextDlgGroupItem
CopyImage
GetIconInfo
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
LoadMenuW
WindowFromPoint
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
CharUpperA
UnregisterClassA
PostThreadMessageA
LoadCursorW
ModifyMenuA
GetMenu
DispatchMessageA
TranslateMessage
GetMessageA
SetClassLongA
CreateWindowExA
SetMenu
AppendMenuA
CreateMenu
RegisterClassA
LoadIconA
LoadBitmapW
SetWindowPos
wsprintfA
ClientToScreen
LoadCursorA
GetClassLongA
CloseDesktop
OpenDesktopA
SetWindowLongA
UpdateWindow
SetWindowTextW
GetWindowLongA
DestroyIcon
FindWindowA
KillTimer
GetActiveWindow
IsWindow
DeleteMenu
GetMenuItemCount
InsertMenuA
SystemParametersInfoA
SetForegroundWindow
GetCursorPos
ShowWindow
InvalidateRect
GetSysColor
DrawIcon
GetSystemMetrics
IsIconic
GetClientRect
SetLayeredWindowAttributes
EnumDisplayMonitors
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
SetPropA
GetClassNameA
TranslateAcceleratorA
SetCursor
GetWindowRect
ReleaseDC
GetDC
SetTimer
SetRectEmpty
RealChildWindowFromPoint
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
NotifyWinEvent
DrawFocusRect
IntersectRect
MapDialogRect
GetAsyncKeyState
MoveWindow
SetWindowTextA
IsDialogMessageA
GetMessageTime
CheckDlgButton
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetDesktopWindow
CreatePopupMenu
LoadImageA
SendMessageA
LoadIconW
EnableWindow
RegisterWindowMessageA
ValidateRect
PeekMessageA
GetKeyState
CallNextHookEx
SetWindowsHookExA
RemoveMenu
GetSubMenu
GetMenuItemID
GetMenuStringA
GetMenuState
RegisterClipboardFormatA
IsWindowEnabled
GetLastActivePopup
GetParent
UnhookWindowsHookEx
EndDialog
GetNextDlgTabItem
GetDlgItem
CreateDialogIndirectParamA
SetActiveWindow
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ScreenToClient
GetWindowDC
CopyRect
InflateRect
GetMenuItemInfoA
CheckMenuItem
GetFocus
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ShowOwnedPopups
GetWindow
CallWindowProcA
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
PtInRect
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
GetClassInfoA
GetClassInfoExA
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessagePos

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetCPInfo
GetOEMCP
FindResourceExW
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SetErrorMode
GetTempFileNameA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
GetACP
GlobalFlags
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapAlloc
ExitThread
CreateThread
HeapSetInformation
GetStartupInfoW
RtlUnwind
HeapReAlloc
RaiseException
VirtualAlloc
VirtualQuery
ExitProcess
SetStdHandle
GetFileType
HeapSize
HeapQueryInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetStringTypeW
HeapCreate
IsProcessorFeaturePresent
GetTimeZoneInformation
LCMapStringW
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetDriveTypeW
GetConsoleCP
GetConsoleMode
CompareStringW
GetCurrentDirectoryW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetCurrentDirectoryA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
VirtualProtect
GlobalGetAtomNameA
LoadLibraryW
lstrcmpW
GlobalAddAtomA
FindResourceA
FreeResource
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetTickCount
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
ActivateActCtx
DeactivateActCtx
InterlockedExchange
lstrcmpA
GetModuleHandleW
SetLastError
GlobalSize
FormatMessageA
lstrlenW
MulDiv
SuspendThread
GetCurrentThreadId
SetThreadPriority
ExpandEnvironmentStringsA
OpenEventA
GetLocalTime
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileSectionNamesA
GetGeoInfoA
GetUserDefaultLCID
GetUserGeoID
GetCurrentProcessId
GlobalFree
ReleaseSemaphore
CreateSemaphoreA
GlobalAlloc
GlobalUnlock
GlobalLock
RemoveDirectoryA
WaitForSingleObject
CopyFileA
CreateDirectoryA
DeleteFileA
GetTempPathA
GetFileAttributesA
GetSystemInfo
GetProcAddress
GetModuleHandleA
GetPrivateProfileStringW
GetCurrentProcess
GetCurrentThread
LocalAlloc
lstrlenA
LocalFree
GetPrivateProfileSectionW
GetLocaleInfoA
OpenProcess
OpenMutexA
CreateProcessA
OutputDebugStringA
GetPrivateProfileIntA
FindClose
FindFirstFileW
GetVersionExA
GlobalDeleteAtom
lstrcpyA
GetExitCodeThread
GetModuleFileNameA
SetEvent
CreateEventA
Sleep
InterlockedDecrement
FreeLibrary
LoadLibraryA
CloseHandle
ReleaseMutex
CreateMutexA
GetCommandLineA
MultiByteToWideChar
GlobalFindAtomA
GetPrivateProfileStringA
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ResetEvent
WaitForMultipleObjects
ResumeThread
CreateFileA
lstrcmpiA
IsValidCodePage

gdi32

ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
SetPixelV
GetTextFaceA
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
Rectangle
SetPixel
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
EnumFontFamiliesExA
GetTextCharsetInfo
EnumFontFamiliesA
CreateCompatibleBitmap
CreateDIBitmap
DPtoLP
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
GetObjectType
SelectPalette
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
StretchBlt
TextOutA
PatBlt
LineTo
MoveToEx
SelectObject
SetTextColor
SetBkMode
GetTextMetricsA
GetStockObject
BitBlt
CreateCompatibleDC
GetObjectA
GetTextExtentPoint32A
DeleteObject
CreatePen
GetDeviceCaps
CreateFontIndirectA
SetPaletteEntries

comdlg32

GetSaveFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
GetPrinterA
DocumentPropertiesA

advapi32

RegDeleteValueA
RegEnumValueA
RegCreateKeyExA
FreeSid
AllocateAndInitializeSid
OpenProcessToken
OpenThreadToken
RegSetValueExA
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetTokenInformation
EqualSid
RegDeleteKeyA
RegEnumKeyExA
RegEnumKeyA
RegQueryValueA

shell32

SHAppBarMessage
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetDesktopFolder
SHGetFileInfoA
DoEnvironmentSubstA
ShellExecuteA
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFolderPathA
Shell_NotifyIconA

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFileExistsA

ole32

RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoInitialize
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleRun
CoCreateInstance
CoUninitialize

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
SysAllocString
VariantCopy
SafeArrayGetElement
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
SysFreeString
SysAllocStringLen
VariantClear
VariantInit
VariantTimeToSystemTime
GetErrorInfo
SafeArrayGetDim

oledlg

ord8

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExA

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImagePaletteSize

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 891KB - Virtual size: 890KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc17b93dcfdeafe3d345908b5793cc69

Headers

DLL Characteristics

File Characteristics

Imports

winmm

user32

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

version

psapi

oleacc

gdiplus

imm32

msimg32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 346KB - Virtual size: 346KB

.data Size: 25KB - Virtual size: 56KB

.rsrc Size: 891KB - Virtual size: 890KB

.reloc Size: 194KB - Virtual size: 194KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 346KB - Virtual size: 346KB

.data
Size: 25KB - Virtual size: 56KB

.rsrc
Size: 891KB - Virtual size: 890KB

.reloc
Size: 194KB - Virtual size: 194KB