66e6cc1ce56f74582046e1ab9121414bea3c33f99c62cff39c651cda51b325b5

Sharing

Copy URL

Twitter E-mail

General

Target

66e6cc1ce56f74582046e1ab9121414bea3c33f99c62cff39c651cda51b325b5
Size

3.0MB
MD5

4a928462854f9f27bed0a31b3fac545b
SHA1

03f8ec344c06ae9886899058cb17553afd96315d
SHA256

66e6cc1ce56f74582046e1ab9121414bea3c33f99c62cff39c651cda51b325b5
SHA512

3034ee9493efadf61154fc4d1e50aaf3456dfe0c829c3ff31d758bdde8ed7ac7f402276dfdef64b729f6bb3537ccbdf0513bb5b6b9b96c81c9ce44cf7f76c566
SSDEEP

98304:BZ9MwG4bpbcnPlP8X+xPuk+DL6Zx96eyuKp:PHI9P8XSPurSZ/A1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e6cc1ce56f74582046e1ab9121414bea3c33f99c62cff39c651cda51b325b5

Files

66e6cc1ce56f74582046e1ab9121414bea3c33f99c62cff39c651cda51b325b5
.exe windows:5 windows x86 arch:x86

c89bd33bc36a56f4b49586521ea7bb13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

dbghelp

MiniDumpWriteDump
SymInitialize
SymFromAddr

d3d9

Direct3DCreate9

openal32

alcGetString
alGetString
alGetError
alListenerfv
alcMakeContextCurrent
alcCreateContext
alcOpenDevice
alcDestroyContext
alGenBuffers
alGenSources
alDeleteBuffers
alDeleteSources
alSourcePlay
alSourceQueueBuffers
alBufferData
alSourcePause
alSourceUnqueueBuffers
alGetSourcei
alSourceStop
alGetBufferi
alSourcef
alGetSourcef
alcGetError

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
WriteFile
VirtualAlloc
VirtualFree
HeapCreate
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
TlsFree
CopyFileW
SetCurrentDirectoryW
GetModuleFileNameW
GetModuleHandleW
SetLastError
GetLastError
CreateEventW
GetCommandLineA
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentDirectoryW
FindClose
FindNextFileW
FindFirstFileW
FindNextFileA
FindFirstFileA
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringW
GetCurrentProcess
MapViewOfFile
CreateFileMappingW
CloseHandle
GetFileSize
CreateFileW
CreateFileA
UnmapViewOfFile
SetThreadExecutionState
GetCurrentThreadId
CreateMutexW
SetUnhandledExceptionFilter
GetLocalTime
GetCurrentThread
GetCurrentProcessId
GetTempPathW
SetEvent
SetThreadPriority
CreateThread
WaitForSingleObject
SwitchToThread
InterlockedDecrement
GetTickCount
GetDateFormatA
GetEnvironmentStringsW
GlobalUnlock
GlobalLock
GlobalAlloc
LocalFree
InitializeCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
GetSystemInfo
GetVersionExW
GetLocaleInfoA
GetUserDefaultUILanguage
FindResourceW
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
GetEnvironmentVariableW
GetFileAttributesW
ResumeThread
GetThreadContext
SuspendThread
ReadProcessMemory
GetVersionExA
OutputDebugStringA
GetFullPathNameA
lstrcmpiA
LoadLibraryA
GetModuleHandleA
CreateFileMappingA
ReleaseSemaphore
CreateSemaphoreW
TlsSetValue
TlsAlloc
TlsGetValue
CompareStringW
CompareStringA
GetTimeFormatA
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
SetHandleCount
ExitThread
ReadFile
HeapReAlloc
ExitProcess
GetStdHandle
GetFileType
WriteConsoleW
GetFileAttributesA
GetSystemTimeAsFileTime
GetStartupInfoA
HeapAlloc
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
InterlockedExchange
InterlockedCompareExchange
IsValidLocale
GetStringTypeA
SetStdHandle
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
GetTimeZoneInformation
SetFilePointer
GetUserDefaultLCID
FileTimeToSystemTime
EnumSystemLocalesA

user32

GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
BringWindowToTop
PeekMessageW
TranslateMessage
GetWindowPlacement
LoadIconW
RegisterClassW
AdjustWindowRect
SystemParametersInfoW
GetWindowRect
SetWindowPos
CreateWindowExW
SetWindowTextW
ShowWindow
UnregisterClassW
EnumDisplaySettingsExW
MessageBoxA
GetCursorPos
PostMessageW
GetAsyncKeyState
GetDC
ReleaseDC
ClipCursor
MessageBoxW
ScreenToClient
ClientToScreen
SetCursorPos
GetClientRect
RegisterWindowMessageW
SetCursor
EndPaint
BeginPaint
DefWindowProcW
SetWindowLongW
LoadCursorW
ReleaseCapture
SetCapture
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
DestroyIcon
DrawIconEx
LoadImageW
DispatchMessageW
DestroyWindow

gdi32

StretchBlt
DeleteDC
GetDeviceCaps
SelectObject
SetStretchBltMode
CreateCompatibleDC
CreateDIBSection
DeleteObject

advapi32

SetNamedSecurityInfoW
GetUserNameA
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid

shell32

ShellExecuteW
SHGetFolderPathW
SHCreateDirectoryExW

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathAppendW
PathIsRelativeW
PathFindExtensionW
PathRemoveFileSpecW

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c89bd33bc36a56f4b49586521ea7bb13

Headers

DLL Characteristics

File Characteristics

Imports

winmm

dbghelp

d3d9

openal32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wtsapi32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 334KB - Virtual size: 334KB

.data Size: 49KB - Virtual size: 346KB

.rodata Size: 2KB - Virtual size: 2KB

.rsrc Size: 224KB - Virtual size: 223KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 334KB - Virtual size: 334KB

.data
Size: 49KB - Virtual size: 346KB

.rodata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 224KB - Virtual size: 223KB