PDB path: t:\pub\x86\ship\0\mspub.pdb
Static task
static1
Behavioral task
behavioral1
Sample
0dccadc8188b4fd63a13fe93133f576eeb859183e830083c200591e769d7e12d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0dccadc8188b4fd63a13fe93133f576eeb859183e830083c200591e769d7e12d.exe
Resource
win10v2004-20240226-en
General
-
Target
0dccadc8188b4fd63a13fe93133f576eeb859183e830083c200591e769d7e12d
-
Size
9.8MB
-
MD5
658c8aba9c8f6bb999ad197246f22bd8
-
SHA1
4457e6f35ce38d54223b33f7266ae6e0e27c7f25
-
SHA256
0dccadc8188b4fd63a13fe93133f576eeb859183e830083c200591e769d7e12d
-
SHA512
87d3f002f13ec8768166df11b698174a15b3327c900249277a13c94bba3cd5ab1688c0dd1a7288734bc76984e2230bc8aad6eb6edd8c39c3493d40c63d30ba6c
-
SSDEEP
98304:ydQ1FMcEk1UmK4ynHw8QF5gKQFUUK3Zm4boQyfqgDBk3p96zbrYLHj0yn0KN/zy4:2uN1UmlYHw8s5YWUYboQ+B0/0KN/zy
Malware Config
Signatures
-
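Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the PE file carries no Authenticode signature, so its publisher and integrity cannot be confirmed from the file alone. The PDB path recorded in the file names mspub.pdb; if the sample presents itself as a vendor-shipped component, compare its hashes against a known-good copy before trusting it.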
resource 0dccadc8188b4fd63a13fe93133f576eeb859183e830083c200591e769d7e12d
Files
-
0dccadc8188b4fd63a13fe93133f576eeb859183e830083c200591e769d7e12d.exe windows:5 windows x86 arch:x86
0f84f598bb0436219bf4d3c6dcd153f5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
msvcr90
wcstol
_snwprintf_s
memmove
memset
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
?terminate@@YAXXZ
_crt_debugger_hook
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
iswascii
_wcsupr_s
_CxxThrowException
srand
rand
_CIpow
strchr
iswxdigit
iswdigit
towupper
iswpunct
iswcntrl
wcstoul
_wcsicmp
sprintf_s
_wtoi
floor
_vsnprintf_s
ceil
bsearch
_vsnwprintf_s
_CIcos
_CIsin
strncmp
swprintf_s
_wcsnicmp
strtol
qsort
_CIsqrt
iswspace
vsprintf_s
vswprintf_s
_wmakepath_s
_getdiskfree
_wsplitpath_s
_controlfp_s
swscanf_s
strncpy_s
wcstok_s
atoi
wcsrchr
memcpy
wcschr
wcsstr
wcsncpy_s
kernel32
GetStringTypeExW
GetSystemDefaultLCID
DeviceIoControl
GetOEMCP
FindAtomW
FreeResource
GetVersionExA
GetModuleHandleExW
RtlCaptureStackBackTrace
VirtualProtect
QueryPerformanceCounter
GetProcessHeap
HeapFree
HeapAlloc
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLocaleInfoW
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
FindFirstChangeNotificationW
GetOverlappedResult
ReadDirectoryChangesW
SystemTimeToTzSpecificLocalTime
GlobalHandle
SetCurrentDirectoryW
GetNumberFormatW
GetCurrencyFormatW
ExpandEnvironmentStringsW
lstrlenW
EnumSystemLocalesW
FileTimeToLocalFileTime
FileTimeToSystemTime
OpenThread
SizeofResource
MultiByteToWideChar
lstrcmpW
CreateEventW
WaitForSingleObject
ResetEvent
MoveFileW
Sleep
CreateProcessW
EnterCriticalSection
LeaveCriticalSection
GetFileSize
LoadLibraryExA
OpenFile
LoadLibraryExW
GetCurrentProcessId
GetDiskFreeSpaceW
CompareFileTime
WideCharToMultiByte
GetSystemDirectoryW
GetUserDefaultLCID
IsValidCodePage
IsDBCSLeadByteEx
FreeLibrary
GetUserDefaultLangID
GetSystemTimeAsFileTime
CopyFileW
SetFileAttributesW
CreateFileW
GetFileType
SetFileTime
GetTempFileNameW
GlobalFlags
LocalAlloc
GetFileTime
CopyFileExW
GetFileAttributesExW
CreateFileMappingW
LoadResource
GlobalReAlloc
GetLocalTime
GetSystemDefaultLangID
GetACP
ExitProcess
FormatMessageW
GlobalSize
WriteFile
DeleteFileW
SetFilePointer
ReadFile
InitializeCriticalSection
GetCommandLineW
AddAtomW
GetSystemTime
SystemTimeToFileTime
OpenEventW
SetEvent
MapViewOfFile
OpenProcess
DuplicateHandle
UnmapViewOfFile
CloseHandle
DeleteCriticalSection
GetSystemInfo
GetCurrentProcess
SetProcessWorkingSetSize
FindResourceW
LockResource
GetDriveTypeW
GetPrivateProfileStringW
FindNextFileW
FindClose
SetErrorMode
FindFirstFileW
LoadLibraryA
GetCurrentThreadId
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
GetTickCount
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
RaiseException
GetCurrentThread
user32
CreatePopupMenu
InsertMenuItemW
EnumChildWindows
SetLayeredWindowAttributes
GetCapture
CharToOemBuffA
EnableScrollBar
CreateDialogParamW
DialogBoxIndirectParamW
TrackMouseEvent
AppendMenuW
CopyRect
GetKeyboardLayoutList
GetShellWindow
UnregisterClassW
GetSubMenu
GetMenuItemInfoW
SetMenuItemInfoW
TrackPopupMenuEx
DestroyMenu
CopyIcon
GetSystemMenu
EnableMenuItem
SetParent
MessageBoxW
GetWindowTextW
NotifyWinEvent
ValidateRect
GetQueueStatus
GetWindowThreadProcessId
GetWindowTextLengthW
wsprintfA
SetScrollRange
SetScrollPos
DefDlgProcW
RegisterClassExW
IsWindow
MsgWaitForMultipleObjects
DrawFrameControl
GetScrollInfo
SetScrollInfo
EnumWindows
SetRectEmpty
GetCursor
GetUpdateRgn
GetMenuItemCount
RemoveMenu
GetMenu
SetMenu
DrawMenuBar
GetClassNameA
CharLowerA
LoadImageW
DrawIconEx
GetDlgItemTextW
GetDlgItemTextA
SendMessageA
PostMessageA
SetDlgItemTextW
SetDlgItemTextA
SendMessageW
PostMessageW
InvertRect
OpenClipboard
CloseClipboard
DrawTextW
GetMessagePos
GetScrollPos
MapWindowPoints
SetCaretPos
DestroyCaret
GetInputState
OpenIcon
LoadMenuW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
CreateCaret
DrawFocusRect
GetFocus
DrawEdge
GetWindow
InSendMessage
FlashWindow
SetClipboardViewer
RegisterClipboardFormatW
GetWindowPlacement
MonitorFromWindow
SetWindowPlacement
SetForegroundWindow
PostQuitMessage
ChangeClipboardChain
GetCaretBlinkTime
IsWindowEnabled
GetKeyboardLayout
SendNotifyMessageW
IsWindowUnicode
BeginDeferWindowPos
EndDeferWindowPos
TranslateAcceleratorW
CopyAcceleratorTableW
GetClassNameW
IsZoomed
MonitorFromRect
GetMonitorInfoW
IsRectEmpty
GetPropW
DeferWindowPos
GetAsyncKeyState
ScrollWindow
IsIconic
MoveWindow
GetWindowDC
CheckRadioButton
RedrawWindow
UnionRect
GetSysColor
GetSysColorBrush
FrameRect
SetCursorPos
GetActiveWindow
SetFocus
ReleaseCapture
SetCapture
ScrollWindowEx
ScrollDC
SystemParametersInfoW
PtInRect
SetActiveWindow
MessageBeep
SetPropW
BringWindowToTop
VkKeyScanW
GetForegroundWindow
CreateWindowExW
GetScrollRange
RegisterWindowMessageW
GetSystemMetrics
GetDoubleClickTime
EnableWindow
IsDlgButtonChecked
GetDlgItem
EndDialog
CheckDlgButton
CallWindowProcW
SetWindowLongW
GetWindowLongW
GetKeyState
OffsetRect
ClientToScreen
ScreenToClient
GetLastActivePopup
IsDialogMessageW
TranslateMessage
DispatchMessageW
CreateDialogIndirectParamW
GetCursorPos
IsChild
IsMenu
TranslateAcceleratorA
CreateMenu
GetMenuStringW
InsertMenuW
SetTimer
GetClassInfoW
SetWindowsHookExW
CallNextHookEx
IsWindowVisible
DefWindowProcW
BeginPaint
DrawIcon
EndPaint
GetWindowRect
WindowFromPoint
ShowWindow
UpdateWindow
RegisterClassW
GetClientRect
SetWindowPos
SetWindowRgn
KillTimer
DestroyWindow
DestroyIcon
GetDesktopWindow
GetDC
ReleaseDC
UnhookWindowsHookEx
PeekMessageW
GetParent
InflateRect
InvalidateRgn
GetUpdateRect
FillRect
IntersectRect
EqualRect
SetCursor
InvalidateRect
SetRect
GetDlgCtrlID
advapi32
RegCloseKey
RegOpenKeyExW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegisterTraceGuidsA
TraceEvent
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegQueryValueExW
RegEnumValueW
RegOpenKeyA
RegDeleteValueW
winspool.drv
SetJobW
msimg32
AlphaBlend
TransparentBlt
rpcrt4
RpcCancelThread
oleacc
AccessibleObjectFromWindow
LresultFromObject
gdi32
GetViewportExtEx
PlayMetaFile
DeleteDC
SetBkMode
CreateCompatibleDC
SetROP2
BitBlt
GetWindowExtEx
GetTextColor
GetBkColor
RoundRect
PolyPolygon
Ellipse
PatBlt
GetDeviceCaps
CombineRgn
OffsetRgn
FrameRgn
FillRgn
CreatePatternBrush
SetBrushOrgEx
GetWindowOrgEx
UnrealizeObject
SetWindowOrgEx
SetBkColor
SelectClipRgn
GetTextExtentPointW
GetTextMetricsW
SetRectRgn
CreateRectRgn
SetTextColor
Escape
GetRgnBox
CreateRectRgnIndirect
ExtSelectClipRgn
GetClipRgn
GetObjectType
StrokePath
StrokeAndFillPath
ExtCreatePen
EndPath
PlayMetaFileRecord
BeginPath
SetWorldTransform
SetGraphicsMode
DeleteMetaFile
CloseEnhMetaFile
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetMapMode
GetTextAlign
ExtTextOutW
GetViewportOrgEx
EnumEnhMetaFile
CreateEnhMetaFileW
GetPaletteEntries
GetNearestPaletteIndex
CreateCompatibleBitmap
CreateDCW
GetDIBits
GdiFlush
CreateDIBSection
PlayEnhMetaFile
PtVisible
GetFontData
EnumMetaFile
EnumFontFamiliesExW
TranslateCharsetInfo
CreateBitmap
CreateDIBPatternBrushPt
CreateFontIndirectW
CreateHatchBrush
CreateMetaFileW
CreatePenIndirect
CreatePolygonRgn
CreateSolidBrush
CreateFontW
CreateRoundRectRgn
CreateDIBitmap
CloseMetaFile
GetMetaFileBitsEx
SetLayout
GetLayout
GetTextExtentExPointW
GetTextExtentPoint32W
GetOutlineTextMetricsW
CreateBitmapIndirect
ExcludeClipRect
PlayEnhMetaFileRecord
GetEnhMetaFileHeader
DPtoLP
LPtoDP
AbortDoc
ExtEscape
SetAbortProc
GdiSetBatchLimit
GetEnhMetaFileW
StartPage
EndPage
EndDoc
CancelDC
CloseFigure
GetMapMode
SetEnhMetaFileBits
GetPixel
GetGlyphOutlineW
GetGlyphIndicesW
GetPath
GetBitmapDimensionEx
GetNearestColor
GetEnhMetaFileBits
SetPixelV
SetTextCharacterExtra
SetICMMode
CreateBrushIndirect
MaskBlt
SetDIBitsToDevice
ModifyWorldTransform
GetWorldTransform
GetGraphicsMode
PlgBlt
GdiComment
GetBkMode
GetTextCharsetInfo
SelectPalette
DeleteObject
SelectObject
GetStockObject
StretchDIBits
SaveDC
RestoreDC
GetCurrentObject
SetTextAlign
GetObjectW
GetClipBox
StretchBlt
Pie
Chord
Arc
PolyPolyline
Polyline
LineTo
MoveToEx
Rectangle
RealizePalette
Polygon
CreatePen
SelectClipPath
IntersectClipRect
SetStretchBltMode
DeleteEnhMetaFile
SetMetaFileBitsEx
ole32
CoCreateGuid
OleSetClipboard
OleSave
ReadClassStg
ProgIDFromCLSID
CLSIDFromProgID
CreateOleAdviseHolder
CoGetMalloc
CoRegisterMessageFilter
CoUnmarshalInterface
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
StgIsStorageFile
ReadClassStm
CoCreateInstance
CreateDataAdviseHolder
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
CreateBindCtx
CoTaskMemFree
CoUninitialize
CoInitialize
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
CoMarshalInterface
CoFreeUnusedLibraries
ReleaseStgMedium
CreateStreamOnHGlobal
OleSetMenuDescriptor
OleIsRunning
GetHGlobalFromILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoIsOle1Class
MkParseDisplayName
StringFromCLSID
CreateGenericComposite
CreateItemMoniker
CreateFileMoniker
CoTreatAsClass
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
ReadFmtUserTypeStg
OleQueryCreateFromData
GetConvertStg
OleCreateMenuDescriptor
OleCreateDefaultHandler
OleLoad
OleRun
OleDestroyMenuDescriptor
OleSetContainedObject
OleNoteObjectVisible
OleConvertOLESTREAMToIStorage
OleCreateFromData
OleCreateStaticFromData
OleCreateLinkFromData
OleCreate
CLSIDFromString
OleCreateFromFile
OleCreateLink
CoGetCurrentProcess
OleUninitialize
OleBuildVersion
OleInitialize
WriteClassStm
StringFromGUID2
oleaut32
VariantClear
SysReAllocStringLen
VariantTimeToSystemTime
LoadTypeLib
SafeArrayCopy
SafeArrayDestroy
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
VariantChangeType
RegisterActiveObject
LoadRegTypeLib
RevokeActiveObject
LoadTypeLibEx
CreateErrorInfo
SysStringByteLen
VariantInit
SysFreeString
SysAllocString
SysStringLen
SysReAllocString
SysAllocStringLen
SysAllocStringByteLen
SetErrorInfo
Sections
.text Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 979KB - Virtual size: 997KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
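.reloc Size: 402KB - Virtual size: 401KB (the characteristics listed below mark this relocation section as containing code and as both writable and executable, which is unusual for .reloc and worth examining during triage)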
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE