44d56ebd8c1f26d7f9e0c8830c325a44e43b39f00fa62ea1d215a97bc40e9cfb

Sharing

Copy URL Twitter E-mail

General

Target

44d56ebd8c1f26d7f9e0c8830c325a44e43b39f00fa62ea1d215a97bc40e9cfb
Size

3.3MB
MD5

fc31f06739eb7b81dc40e44665e3b4d4
SHA1

b0e945a494f959948fac721f2ea71e137d42661d
SHA256

44d56ebd8c1f26d7f9e0c8830c325a44e43b39f00fa62ea1d215a97bc40e9cfb
SHA512

800a7ceff8399d4f2e7d59f60ab79e7f03bf32703bcf4f2414b23219a09d5259d91e1637839e7b999226fd773f0ae4c1d71fa96182cf4a107eb64ebc80290c3f
SSDEEP

49152:x1wNrZ6dTEhlGWJOU4EBQ02av/HHVZeHt5cEVQZ9r4a2nfpY:x1qFhlT1da02av/HHVwN5cE2Z9rEK

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44d56ebd8c1f26d7f9e0c8830c325a44e43b39f00fa62ea1d215a97bc40e9cfb

Files

44d56ebd8c1f26d7f9e0c8830c325a44e43b39f00fa62ea1d215a97bc40e9cfb
.exe windows:4 windows x86 arch:x86

d2b87c911c324369fb3ab2dbd8a3858a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundW

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

comctl32

InitCommonControlsEx

kernel32

SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
QueryPerformanceFrequency
WritePrivateProfileStringW
QueryPerformanceCounter
OutputDebugStringW
OutputDebugStringA
MultiByteToWideChar
RtlUnwind
GetStartupInfoA
GetVersion
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
SetHandleCount
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
LCMapStringA
MulDiv
lstrcpyW
lstrcmpW
lstrcmpiW
lstrcmpA
LockResource
LockFile
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LCMapStringW
IsValidCodePage
IsProcessorFeaturePresent
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
SearchPathW
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameW
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetVolumeInformationW
GetVersionExW
GetTimeZoneInformation
GetTempPathW
GetTempFileNameW
GetSystemInfo
GetSystemDirectoryW
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetProfileIntW
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileAttributesW
GetFileAttributesExW
GetEnvironmentStringsW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCPInfo
GetConsoleOutputCP
GetConsoleMode
GetCommandLineW
GetACP
FreeLibraryAndExitThread
FreeEnvironmentStringsW
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
DuplicateHandle
DeleteFileW
DeleteCriticalSection
CreateThread
CreateFileW
CopyFileW
CompareStringW
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
ResumeThread
ReadFile
GlobalUnlock
RaiseException
WriteFile

user32

PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoW
SetParent
SetPropW
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WindowFromPoint
WinHelpW
OpenClipboard
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
MapVirtualKeyExW
MapDialogRect
LockWindowUpdate
LoadMenuW
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsRectEmpty
IsMenu
IsIconic
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
IsCharLowerW
InvertRect
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
HideCaret
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetKeyNameTextW
GetKeyboardState
GetKeyboardLayout
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FillRect
EqualRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamW
CreateAcceleratorTableW
CopyRect
CopyImage
CopyIcon
CopyAcceleratorTableW
CloseClipboard
ClientToScreen
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AppendMenuW
AdjustWindowRectEx
GetWindowRgn

gdi32

EnumFontFamiliesW
Escape
ExcludeClipRect
ExtFloodFill
ExtSelectClipRgn
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetClipBox
GetDeviceCaps
GetNearestPaletteIndex
GetObjectType
CreateFontIndirectW
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
LPtoDP
MoveToEx
DPtoLP
OffsetViewportOrgEx
OffsetWindowOrgEx
EnumFontFamiliesExW
Polyline
PtInRegion
PtVisible
RealizePalette
Rectangle
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDIBColorTable
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetPolyFillMode
SetRectRgn
SetROP2
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
TextOutW
DeleteObject
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
PatBlt
Ellipse
CreateRectRgn
CreatePolygonRgn
CreatePen
CreatePatternBrush
CreatePalette
OffsetRgn
BitBlt
CreateEllipticRgn
CreateDIBSection
CreateDIBitmap
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CopyMetaFileW
CombineRgn
CreateHatchBrush

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

SetTokenInformation
RegSetValueExW
RegQueryValueW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenProcessToken

shell32

DragFinish
DragQueryFileW
ShellExecuteW
CommandLineToArgvW

ole32

OleLockRunning
OleGetClipboard
OleDuplicateData
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoLockObjectExternal
CoDisconnectObject
CoCreateInstance
CoCreateGuid
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
CoInitialize
DoDragDrop

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW

ws2_32

WSAStartup

Sections

.text
Size: 764KB - Virtual size: 762KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.key5
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2b87c911c324369fb3ab2dbd8a3858a

Headers

File Characteristics

Imports

winmm

imm32

comctl32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

shlwapi

ws2_32

Sections

.text Size: 764KB - Virtual size: 762KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.key5 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 764KB - Virtual size: 762KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.key5
Size: 1.2MB - Virtual size: 1.2MB