Static task: static1
Behavioral task: behavioral1
Sample: aa7790ab49485fec6a641824f829a1a2.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: aa7790ab49485fec6a641824f829a1a2.exe
Resource: win10v2004-20240226-en
General
Target: aa7790ab49485fec6a641824f829a1a2
Size: 1.6MB
MD5: aa7790ab49485fec6a641824f829a1a2
SHA1: a2e8793b6a8d6757ec64ba9719fd7341657a6d83
SHA256: 964cc9ccc4accc975bfd343e74f4d175d93dbd3615d19a70c1020c3ff5a66245
SHA512: 0e374163d0965625fe0dce11f7fe7b7b08f8038015a51f8a339ee37cb04b478b5aaa9191e61d18b527f89a12034916b843277c4b968a9601ee2e218a4cd149ff
SSDEEP: 24576:67dIleq/rTBknA6y8jtPbp/pt0SZxY63r1P:OdIHp6yKtlq21P
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aa7790ab49485fec6a641824f829a1a2
Files
aa7790ab49485fec6a641824f829a1a2.exe windows:4 windows x86 arch:x86
da9790083755ae50bef879d37c01260f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
sndPlaySoundA
PlaySoundA
kernel32
GetStartupInfoA
GetCommandLineA
RaiseException
CreateThread
ExitThread
HeapReAlloc
HeapSize
GetACP
SetStdHandle
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateMutexA
ReleaseMutex
GetDriveTypeA
WaitForSingleObject
Sleep
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA
lstrcatA
FreeResource
LockResource
LoadResource
FindResourceA
CloseHandle
CreateFileA
GetModuleFileNameA
InterlockedDecrement
DeleteFileA
GetModuleHandleA
ExitProcess
GetProcAddress
GlobalFree
GlobalUnlock
GlobalLock
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetProfileStringA
SetCurrentDirectoryA
RemoveDirectoryA
CreateDirectoryA
GetExitCodeProcess
CreateProcessA
HeapFree
HeapAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
TerminateProcess
GetFileType
RtlUnwind
GetCurrentDirectoryA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
GetTickCount
GlobalAlloc
GetCurrentThread
FindNextFileA
lstrcmpA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SetLastError
GetCurrentProcess
DuplicateHandle
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
FormatMessageA
LocalFree
lstrcpynA
MulDiv
user32
GetNextDlgGroupItem
PostThreadMessageA
GetSysColorBrush
GetClassNameA
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
FindWindowA
CharUpperA
GetMessageA
ValidateRect
GetDesktopWindow
LoadStringA
GetCursorPos
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
CharNextA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
IsWindowVisible
ScrollWindow
GetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GrayStringA
DrawTextA
TabbedTextOutA
SetRect
SetForegroundWindow
LoadIconA
SetScrollInfo
IsIconic
GetSystemMenu
DrawIcon
AppendMenuA
ScreenToClient
GetDlgCtrlID
LoadBitmapA
DrawFrameControl
GetSystemMetrics
KillTimer
SetTimer
UpdateWindow
SetCapture
PtInRect
MessageBeep
LoadCursorA
CopyIcon
IsWindow
ReleaseCapture
RedrawWindow
IsDialogMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
DrawFocusRect
DrawStateA
FrameRect
OffsetRect
InflateRect
CopyRect
LoadMenuA
LoadImageA
GetIconInfo
CreateIconIndirect
GetDC
ReleaseDC
GetSysColor
FillRect
GetSubMenu
CallNextHookEx
CopyAcceleratorTableA
SendMessageA
TrackPopupMenuEx
PostMessageA
SetCursor
DestroyIcon
DestroyCursor
DestroyMenu
EnableWindow
WinHelpA
gdi32
Escape
GetClipBox
GetTextColor
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
ExtTextOutA
GetViewportExtEx
GetWindowExtEx
PatBlt
CreateDIBitmap
GetTextExtentPointA
TextOutA
RoundRect
RectVisible
PtVisible
LPtoDP
DPtoLP
GetMapMode
GetBkColor
CreateFontA
Rectangle
CreatePen
CreateSolidBrush
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetPixel
SetPixel
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
DeleteObject
GetStockObject
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegQueryValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
shell32
ShellExecuteA
ShellExecuteExA
comctl32
_TrackMouseEvent
ImageList_Create
ImageList_ReplaceIcon
ord17
ImageList_Destroy
oledlg
ord8
ole32
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoTaskMemFree
CoCreateInstance
OleRun
CoInitialize
OleIsCurrentClipboard
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
StringFromCLSID
olepro32
ord253
oleaut32
SafeArrayAccessData
LoadTypeLi
SysStringLen
VariantTimeToSystemTime
SafeArrayCreateVector
SysAllocStringLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
VariantClear
SysFreeString
SysAllocString
GetActiveObject
VariantCopy
VariantChangeType
SafeArrayUnaccessData
GetErrorInfo
VariantInit
urlmon
URLDownloadToCacheFileA
wininet
InternetReadFile
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetSetOptionExA
InternetWriteFile
InternetSetFilePointer
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
Sections
.text Size: 588KB - Virtual size: 587KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 856KB - Virtual size: 854KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ