Static task: static1
Behavioral task: behavioral1
Sample: dd99df6ca43a1d7e1004b37b0816d6b13c3390e3ebf5f3e65004a1d54d12593a.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: dd99df6ca43a1d7e1004b37b0816d6b13c3390e3ebf5f3e65004a1d54d12593a.exe
Resource: win10v2004-20240226-en
General
- Target: dd99df6ca43a1d7e1004b37b0816d6b13c3390e3ebf5f3e65004a1d54d12593a
- Size: 2.3MB
- MD5: f122ee8eece052c632bb5d3f8b77dd57
- SHA1: 021b713f068ead3b2177c9c36e250f71ec3ee018
- SHA256: dd99df6ca43a1d7e1004b37b0816d6b13c3390e3ebf5f3e65004a1d54d12593a
- SHA512: 3b345d609a348dee1330f41f7e4caa963530ecec6eceb80cb3e9283c1133997bcef6218a64a034eed050a4e18e6bb5441908e7fa934e6136211256fcf52c4e50
- SSDEEP: 49152:MxdKjS1/5hTOtvqRSV0DvkgIfMTy69ffZU/l4YBa5k6:MxAS1xh61qRSyDvFIyy69ffZU/lVg5n
Malware Config
Signatures
- Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dd99df6ca43a1d7e1004b37b0816d6b13c3390e3ebf5f3e65004a1d54d12593a
Files
- dd99df6ca43a1d7e1004b37b0816d6b13c3390e3ebf5f3e65004a1d54d12593a.exe windows:6 windows x86 arch:x86
71d00e4e86f3a0f4b9584f6355ba866e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
WriteConsoleW
GetCurrentDirectoryW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindFirstFileExA
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetDriveTypeW
UnhandledExceptionFilter
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetStdHandle
ExitProcess
HeapQueryInformation
GetFileType
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SearchPathA
GetWindowsDirectoryA
FindResourceExW
GetTempFileNameA
GetTempPathA
SetErrorMode
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
LocalReAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
VirtualProtect
SetEvent
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FindNextFileA
LocalAlloc
lstrcpyA
InitializeCriticalSectionAndSpinCount
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetVolumeInformationA
lstrcmpiA
GetShortPathNameA
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
lstrcmpA
GetProfileIntA
GetCurrentProcessId
FileTimeToSystemTime
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
SetLastError
GlobalSize
GetProcessHeap
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
InitializeCriticalSectionEx
TerminateProcess
GlobalReAlloc
IsBadReadPtr
DeviceIoControl
ResumeThread
CreateThread
GetCurrentThread
SetThreadPriority
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
OpenMutexA
OpenFileMappingA
CreateMutexA
CreateFileMappingA
GetOverlappedResult
ClearCommError
SetCommState
GetCommState
EscapeCommFunction
SetCommTimeouts
PurgeComm
SetupComm
SetCommMask
CreateEventA
IsBadStringPtrA
GetCurrentDirectoryA
GetComputerNameA
IsWow64Process
RemoveDirectoryA
SetFileAttributesA
SetThreadLocale
GetThreadLocale
GetSystemDefaultLangID
FreeResource
FindResourceA
GetVersionExA
GetCurrentProcess
MulDiv
DeleteFileA
DebugBreak
CopyFileA
CreateDirectoryA
LocalFree
FormatMessageA
GetTickCount64
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
ReadFile
GetFileSize
CloseHandle
WriteFile
CreateFileA
GetLastError
GetFileAttributesA
GetModuleFileNameA
GetTickCount
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpynA
FreeLibrary
GetProcAddress
LoadLibraryA
VerifyVersionInfoA
VerSetConditionMask
MultiByteToWideChar
RaiseException
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetFileAttributesExW
user32
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
DefWindowProcA
GetMessageTime
RegisterWindowMessageA
MapVirtualKeyA
GetKeyNameTextA
IsDialogMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsWindowEnabled
SetFocus
SendDlgItemMessageA
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
GetMonitorInfoA
MoveWindow
ShowWindow
RemoveMenu
GetMenuState
GetMenuStringA
UnregisterClassA
CallWindowProcA
ReplyMessage
SetForegroundWindow
CheckMenuRadioItem
InsertMenuA
DrawIcon
IsIconic
GetSystemMenu
LoadAcceleratorsA
TranslateAcceleratorA
LoadIconW
GetDlgCtrlID
SetActiveWindow
GetCursorPos
BringWindowToTop
LoadMenuA
InsertMenuItemA
UnpackDDElParam
SendMessageA
GetClientRect
GetSystemMetrics
ShowScrollBar
GetSysColorBrush
wsprintfA
IsClipboardFormatAvailable
AdjustWindowRect
DestroyWindow
CreateDialogIndirectParamA
SetTimer
KillTimer
SystemParametersInfoA
LoadCursorA
DestroyIcon
GetWindowThreadProcessId
IsWindowVisible
MessageBeep
SetRect
LoadMenuW
DispatchMessageA
PeekMessageA
EnableMenuItem
GetSubMenu
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
ClientToScreen
WindowFromPoint
DestroyMenu
GetMenuItemInfoA
EndDialog
GetNextDlgTabItem
CharUpperA
DeleteMenu
GetMenuItemID
IsRectEmpty
IntersectRect
SetWindowLongA
GetWindowTextW
IsWindow
SetLayeredWindowAttributes
SetRectEmpty
LoadCursorW
EnumDisplayMonitors
GetMessageA
TranslateMessage
GetAsyncKeyState
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapDialogRect
PostQuitMessage
ShowOwnedPopups
RealChildWindowFromPoint
SetDlgItemInt
InvalidateRect
UpdateWindow
EnableWindow
GetParent
GetWindow
GetFocus
PostMessageA
GetDC
ReleaseDC
OffsetRect
InflateRect
PtInRect
FillRect
GetWindowRect
GetDesktopWindow
GetSysColor
GetKeyState
GetMessagePos
ScreenToClient
AppendMenuA
CreatePopupMenu
GetMenuItemCount
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
DrawTextA
EqualRect
CopyRect
DrawFocusRect
DestroyCursor
LoadImageA
RedrawWindow
GetIconInfo
GetActiveWindow
GetCapture
SetCapture
ReleaseCapture
FrameRect
DrawStateA
GetWindowLongA
SetCursor
GetDlgItem
SetWindowPos
LoadStringW
MessageBoxA
ReuseDDElParam
DrawEdge
DrawFrameControl
SetWindowRgn
DrawIconEx
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
MonitorFromWindow
CopyAcceleratorTableA
TrackMouseEvent
IsZoomed
SetCursorPos
SetParent
LockWindowUpdate
SetClassLongA
LoadImageW
UpdateLayeredWindow
UnionRect
MonitorFromPoint
GetComboBoxInfo
GetMenuDefaultItem
GetDoubleClickTime
GetWindowRgn
GetNextDlgGroupItem
CreateMenu
PostThreadMessageA
WaitMessage
SubtractRect
GetUpdateRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
CharUpperBuffA
RegisterClipboardFormatA
MapVirtualKeyExA
IsCharLowerA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
CopyImage
gdi32
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
Escape
SetRectRgn
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
CreateDIBSection
CreatePalette
GetPaletteEntries
Rectangle
RealizePalette
EnumFontFamiliesExA
SetPixel
StretchBlt
SetDIBColorTable
GetRgnBox
OffsetRgn
RoundRect
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
CreateBitmap
SetTextColor
SetBkColor
CreateDCA
CopyMetaFileA
DeleteDC
GetBkColor
GetTextColor
DPtoLP
GetDeviceCaps
GetTextMetricsA
SelectObject
PatBlt
CreateRectRgnIndirect
GetStockObject
DeleteObject
CreateFontIndirectA
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
GetCurrentObject
GetTextExtentPoint32A
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumKeyA
AdjustTokenPrivileges
OpenProcessToken
RegDeleteKeyA
RegSetValueA
RegEnumKeyExA
RegQueryValueA
LookupPrivilegeValueA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHFileOperationA
DragAcceptFiles
DragQueryFileA
DragFinish
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteA
comctl32
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_Draw
ImageList_AddMasked
ImageList_GetImageCount
_TrackMouseEvent
shlwapi
PathFindFileNameA
PathRemoveExtensionA
PathFileExistsA
PathIsRootA
PathRemoveBackslashA
PathRemoveFileSpecA
PathIsDirectoryA
PathAddBackslashA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindExtensionA
uxtheme
IsAppThemed
GetWindowTheme
GetThemeSysColor
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
DrawThemeText
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
ole32
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CreateStreamOnHGlobal
CoDisconnectObject
CoCreateGuid
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitializeEx
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
StringFromIID
IIDFromString
CoUninitialize
CoInitialize
OleGetClipboard
DoDragDrop
oleaut32
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SystemTimeToVariantTime
SafeArrayPutElement
VarBstrFromDate
LoadTypeLi
SysStringLen
SysAllocStringLen
VariantChangeType
SysFreeString
VariantClear
SysAllocString
SysAllocStringByteLen
VariantTimeToSystemTime
VariantInit
VariantCopy
iphlpapi
GetAdaptersAddresses
winmm
PlaySoundA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
ws2_32
connect
ioctlsocket
select
getsockopt
send
recv
setsockopt
gethostbyname
htonl
WSAStartup
WSACleanup
ntohl
WSACloseEvent
WSACreateEvent
WSAResetEvent
WSAEventSelect
WSAGetLastError
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
inet_ntoa
htons
inet_addr
closesocket
socket
gdiplus
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipSetInterpolationMode
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
wininet
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetSetFilePointer
InternetOpenA
InternetConnectA
InternetQueryDataAvailable
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetSetOptionA
InternetWriteFile
InternetReadFile
InternetCloseHandle
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384KB - Virtual size: 383KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ