Static task: static1
Behavioral task: behavioral1
  Sample: d7049c33ab8dc4d550c0dfb06a81ad6840eec0a64609330976c578e209ac6db1.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: d7049c33ab8dc4d550c0dfb06a81ad6840eec0a64609330976c578e209ac6db1.exe
  Resource: win10v2004-20240226-en
General
Target: d7049c33ab8dc4d550c0dfb06a81ad6840eec0a64609330976c578e209ac6db1
Size: 568KB
MD5: bfedaec8425e3ee5bfa74337fb07b660
SHA1: cc22b7e5f0e3f60cc8122f41ec108c8c26be780f
SHA256: d7049c33ab8dc4d550c0dfb06a81ad6840eec0a64609330976c578e209ac6db1
SHA512: 1becda10a2f72f51dbb2878619b3a7db6913850641ed17493fee66a0faec9a42ee24a3c5f120d0ceca26243e048ddb4eef0895e8534d1239735c1c9acf162288
SSDEEP: 12288:yGSYZxB7I02La97rPXoSA8+fAyk9bhS+7Q:l7I0caNXy9jGoh
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource d7049c33ab8dc4d550c0dfb06a81ad6840eec0a64609330976c578e209ac6db1
Files
d7049c33ab8dc4d550c0dfb06a81ad6840eec0a64609330976c578e209ac6db1.exe  windows:4 windows x86 arch:x86
05574f64ebe0c2cbaffc6317182efd25
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoA
GetCommandLineA
ExitProcess
GetLocalTime
HeapAlloc
HeapFree
RaiseException
TerminateProcess
GetACP
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetSystemTime
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
SetEndOfFile
FindClose
CreateFileA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
GetTimeZoneInformation
SetEnvironmentVariableA
GetTickCount
GetOEMCP
SetErrorMode
TlsGetValue
GetCPInfo
GetProcessVersion
GlobalReAlloc
LocalReAlloc
TlsSetValue
TlsAlloc
TlsFree
GlobalHandle
GlobalFlags
LocalAlloc
SizeofResource
LocalFileTimeToFileTime
SystemTimeToFileTime
GetThreadLocale
GetFileSize
GetShortPathNameA
FindFirstFileA
GetStringTypeExA
GetVolumeInformationA
GetEnvironmentVariableA
MoveFileA
FindResourceA
LoadResource
GetTempPathA
DeleteFileA
GetComputerNameA
GetLastError
lstrlenA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
LCMapStringW
GetCurrentProcess
DuplicateHandle
GetProfileStringA
MulDiv
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcpynA
SetLastError
WaitForSingleObject
CloseHandle
GlobalAlloc
GetCurrentThread
lstrcmpA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
GetStringTypeA
GetStringTypeW
GetVersionExA
CompareStringW
GetModuleFileNameA
user32
DestroyIcon
CharNextA
SetWindowContextHelpId
MapDialogRect
InflateRect
GetDCEx
LockWindowUpdate
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
SetParent
RegisterClipboardFormatA
PostThreadMessageA
KillTimer
SetTimer
UnionRect
PtInRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
DestroyMenu
GetDesktopWindow
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
IsRectEmpty
FindWindowA
InvalidateRect
LoadStringA
GetMessageA
TranslateMessage
GetCursorPos
ShowOwnedPopups
PostQuitMessage
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
GetFocus
SetFocus
AdjustWindowRectEx
WindowFromPoint
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
GetSysColorBrush
CharUpperA
SetRect
ScreenToClient
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetSystemMetrics
DrawMenuBar
GetMenuItemID
GetMenu
GetMenuItemCount
GetSubMenu
RemoveMenu
SetCursor
ReleaseCapture
SetCapture
GetParent
LoadCursorA
GetSysColor
GetClientRect
GetKeyState
CallWindowProcA
EnumChildWindows
GetClassNameA
GetWindowLongA
SetWindowLongA
SendMessageA
UpdateWindow
EnableWindow
DispatchMessageA
ValidateRect
IsWindowUnicode
HideCaret
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
UnregisterClassA
gdi32
DeleteObject
CreateRectRgn
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
StretchDIBits
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
GetTextMetricsA
GetTextColor
GetBkColor
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
GetTextExtentPointA
IntersectClipRect
SelectClipRgn
ScaleWindowExtEx
ExcludeClipRect
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
SelectPalette
GetStockObject
SetBkMode
RestoreDC
SaveDC
SelectObject
DeleteDC
DPtoLP
CreateBitmap
SetBkColor
LPtoDP
GetClipBox
SetTextColor
BitBlt
CreatePalette
CreateCompatibleDC
CreateDIBitmap
GetObjectA
RealizePalette
CreateFontIndirectA
comdlg32
GetFileTitleA
PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueExA
RegQueryValueA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
GetFileSecurityA
RegSetValueExA
SetFileSecurityA
RegCreateKeyA
RegSetValueA
shell32
ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
comctl32
ord17
oledlg
ord8
ole32
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemFree
CLSIDFromProgID
CoInitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoUninitialize
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
olepro32
ord253
oleaut32
SysStringLen
VariantTimeToSystemTime
SafeArrayGetDim
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
urlmon
CoInternetGetSession
ReleaseBindInfo
CoInternetParseUrl
wininet
InternetCanonicalizeUrlA
Sections
.text   Size: 244KB - Virtual size: 240KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 60KB - Virtual size: 58KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 24KB - Virtual size: 40KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 24KB - Virtual size: 23KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ