d6b14fc27357d5ad8744638145bc4538

Sharing

Copy URL Twitter E-mail

General

Target

d6b14fc27357d5ad8744638145bc4538
Size

4.8MB
MD5

d6b14fc27357d5ad8744638145bc4538
SHA1

d36770527a55723b2967d214aafad6c3c424ffc8
SHA256

8b88c65ae6a6b585682b13c82a1f35a83c3075a691ec3dc5546fbeb72c7cde34
SHA512

9d6ec57bb610676030733d3c90549798d814833bd44e3644ce310c6d5a91d9e484cec6693d0c643016d95b107d8f181df5cceb28dc8fe6906162530bad887fa9
SSDEEP

98304:JcMlV7nK8p60ikCLiGXaRfWhjw1lpvCIXs4yKurS6:JcMO8pWpFX8Wj09s/Je6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6b14fc27357d5ad8744638145bc4538

Files

d6b14fc27357d5ad8744638145bc4538
.exe windows:5 windows x86 arch:x86

6be2945532c35a4122c9a2131f586c1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
LockResource
LoadResource
SizeofResource
FindResourceW
SetLastError
FreeResource
GetFullPathNameW
GetModuleHandleA
MulDiv
LoadLibraryW
GetTickCount
GetVersionExA
HeapDestroy
SetCurrentDirectoryW
GetModuleFileNameW
GetCommandLineW
GetFileType
GetCurrentDirectoryW
SetFileTime
CreateDirectoryW
GetCurrentProcess
SystemTimeToFileTime
DosDateTimeToFileTime
WinExec
GetDiskFreeSpaceExA
MoveFileA
WritePrivateProfileStringA
LoadLibraryA
SetCurrentDirectoryA
GetPrivateProfileIntA
FreeLibrary
GetCurrentProcessId
CreateToolhelp32Snapshot
FindNextFileW
FindNextFileA
Process32NextW
Process32FirstW
FindClose
RemoveDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetEndOfFile
WriteConsoleW
HeapAlloc
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
InterlockedExchange
LCMapStringW
FlushFileBuffers
SetHandleCount
GetConsoleMode
GetConsoleCP
GetStringTypeW
InitializeCriticalSectionAndSpinCount
HeapSize
GetTimeZoneInformation
RaiseException
GetLocaleInfoW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetStartupInfoW
HeapSetInformation
ResumeThread
ExitProcess
HeapReAlloc
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
EncodePointer
DecodePointer
CreateThread
GetCurrentThreadId
ExitThread
HeapFree
IsValidLocale
FlushInstructionCache
GetProcAddress
FindFirstFileA
TerminateProcess
OpenProcess
FindFirstFileW
DeleteFileA
SetFileAttributesW
GetTempPathA
GetModuleFileNameA
GetTempFileNameA
GetModuleHandleW
Sleep
MultiByteToWideChar
WideCharToMultiByte
lstrcmpW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
CreateFileA
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
VirtualAlloc
VirtualFree
CloseHandle
GetLastError
CreateFileW
ReadFile
WriteFile
SetFilePointer
lstrlenA

user32

GetActiveWindow
GetParent
GetFocus
wsprintfW
SendMessageW
ShowWindow
FindWindowW
PostMessageW
GetWindow
GetMonitorInfoW
MapWindowPoints
MessageBoxW
IsWindowVisible
MonitorFromWindow
GetWindowLongW
GetClientRect
GetWindowRect
DestroyWindow
MessageBoxA
DestroyCursor
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
PtInRect
SetWindowPos
IsRectEmpty
IsWindow
DefWindowProcW
InvertRect
FillRect
DrawIconEx
SetFocus
CopyRect
SetRect
EqualRect
InflateRect
IntersectRect
UnionRect
SetCursor
SetTimer
KillTimer
DestroyIcon
UpdateWindow
SetWindowLongW
InvalidateRect
ScreenToClient
GetDC
ReleaseDC
SetCapture
SetWindowTextW
IsIconic
GetCursorPos
ReleaseCapture
GetCapture
HideCaret
CreateCaret
GetCaretBlinkTime
SetCaretPos
UpdateLayeredWindow
AppendMenuW
CreatePopupMenu
DestroyMenu
IsZoomed
TrackPopupMenu
GetMenuItemCount
GetMenuItemInfoW
MapVirtualKeyA
CharLowerBuffW
DrawTextW
SystemParametersInfoA
GetSystemMetrics
EnableMenuItem
GetKeyState
GetSysColor
ClientToScreen
CreateIconFromResource
LoadImageW
LoadBitmapW
GetIconInfo
CharNextW
OffsetRect
RegisterClassExW
CreateWindowExW
CallWindowProcW
GetDlgItem
UnregisterClassW
SetLayeredWindowAttributes
BeginPaint
EndPaint
PostQuitMessage
GetClassNameW
TrackMouseEvent
AnimateWindow
SetForegroundWindow

gdi32

CombineRgn
CreateCompatibleBitmap
SetViewportOrgEx
StretchBlt
CreateSolidBrush
Rectangle
SetBkMode
GetStockObject
GetObjectW
CreateFontIndirectW
GetClipBox
CreateRoundRectRgn
CreateBitmap
CreateCompatibleDC
SelectObject
DeleteDC
GetDeviceCaps
SetGraphicsMode
EnumFontsW
DeleteObject
BitBlt
CreateDIBSection
PtInRegion
RectInRegion
GetRgnBox
OffsetRgn
SetRectRgn
CreateEllipticRgnIndirect
SetTextColor
GetTextColor
ExtSelectClipRgn
SaveDC
CreateRectRgnIndirect
RestoreDC
ExcludeClipRect
IntersectClipRect
CreateRectRgn
GetTextExtentPoint32W
RoundRect
Ellipse
SetWorldTransform
GetWorldTransform
Polyline
Arc
Pie
CreatePen
CreatePatternBrush
GetClipRgn
GetViewportOrgEx
GetCurrentObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

SHBrowseForFolderW
CommandLineToArgvW
ShellExecuteA
SHGetPathFromIDListW
ShellExecuteW
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CreateBindCtx
OleLockRunning
CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID

oleaut32

GetErrorInfo
SysAllocString
SysFreeString

shlwapi

PathFileExistsA
StrToIntExW

netapi32

Netbios

wininet

HttpQueryInfoA
InternetConnectA
InternetCrackUrlA
InternetReadFile
InternetSetOptionA
HttpQueryInfoW
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetReadFileExA
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindCloseUrlCache

psapi

GetProcessImageFileNameA

imagehlp

MakeSureDirectoryPathExists

imm32

ImmGetContext
ImmReleaseContext

gdiplus

GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipDrawImageRectI
GdiplusShutdown

msimg32

AlphaBlend
GradientFill

Sections

.text
Size: 785KB - Virtual size: 785KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6be2945532c35a4122c9a2131f586c1b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

netapi32

wininet

psapi

imagehlp

imm32

gdiplus

msimg32

Sections

.text Size: 785KB - Virtual size: 785KB

.rdata Size: 241KB - Virtual size: 241KB

.data Size: 36KB - Virtual size: 143KB

.rsrc Size: 4.4MB - Virtual size: 4.4MB

.reloc Size: 86KB - Virtual size: 86KB

.text
Size: 785KB - Virtual size: 785KB

.rdata
Size: 241KB - Virtual size: 241KB

.data
Size: 36KB - Virtual size: 143KB

.rsrc
Size: 4.4MB - Virtual size: 4.4MB

.reloc
Size: 86KB - Virtual size: 86KB