39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe

Sharing

Copy URL

Twitter E-mail

General

Target

39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe
Size

2.8MB
MD5

78df0bced818946572b183cb901e1a20
SHA1

6a5d3ae6a7a0d6d615566ad0161534ec029f29ce
SHA256

39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe
SHA512

c3f2a7880875398f4d8153403de8e3bf2b73e460bac7ea7d6759b0f5541c0fdf82c2419fc4ae2f0c726da4cee9f3c26c047fc46bda6fa133588d29c31c33a8f6
SSDEEP

49152:+0tT8S6vv1aPn/OtD0Xi7Xf5VvZk05MkKUHx4/OKiUiBCr:+0tQNuKDYi7PXx7RxKLiEr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe

Files

39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe
.exe windows:4 windows x86 arch:x86

a1e174e3b7722271fc99bcb9b78a287b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

kcommoninstall.pdb

Imports

imm32

ImmDisableIME

kernel32

WaitForMultipleObjects
VirtualFree
VirtualAlloc
SetEvent
ReleaseSemaphore
ResetEvent
CreateSemaphoreW
CreateEventW
lstrcpyW
lstrcatW
GetWindowsDirectoryW
SetFileAttributesW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateFileA
lstrcmpiW
RaiseException
InterlockedIncrement
GetStdHandle
LoadLibraryExW
GetDiskFreeSpaceExW
GlobalFree
GetCommandLineW
GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
FreeResource
MapViewOfFileEx
InterlockedExchange
OutputDebugStringW
GetDriveTypeW
CreateProcessW
GetExitCodeProcess
lstrcmpW
CreateThread
GetComputerNameA
SetEndOfFile
ReadFile
WideCharToMultiByte
FindFirstFileA
InterlockedDecrement
GetUserDefaultLangID
FindResourceExW
WriteFile
FindResourceW
SizeofResource
lstrlenA
GetFileAttributesW
DeviceIoControl
GlobalMemoryStatusEx
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFullPathNameA
GetDriveTypeA
GetCurrentDirectoryA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
RtlUnwind
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
SetHandleCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
HeapCreate
GetStartupInfoW
VirtualQuery
VirtualProtect
ExitThread
ExitProcess
GetModuleHandleA
GetFileType
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
LoadLibraryA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
MultiByteToWideChar
lstrlenW
CreateFileW
LockResource
FileTimeToLocalFileTime
GetLocalTime
ReleaseMutex
SetFilePointer
CreateMutexW
GetCurrentThreadId
GetFileSizeEx
WaitForSingleObject
GetCurrentProcessId
GetSystemTimeAsFileTime
FileTimeToSystemTime
FlushFileBuffers
SetLastError
SetCurrentDirectoryW
UnmapViewOfFile
GetCurrentDirectoryW
MapViewOfFile
CreateFileMappingW
GetTempFileNameW
GetTickCount
GetVolumeInformationW
CopyFileW
MoveFileExW
MoveFileW
InterlockedCompareExchange
GetSystemInfo
Sleep
LocalFree
LocalAlloc
GetTempPathW
GetVersionExW
GetSystemDirectoryW
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
ExpandEnvironmentStringsW
DeleteCriticalSection
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
FreeLibrary
OpenProcess
InitializeCriticalSection
GetProcAddress
LoadLibraryW
QueryDosDeviceW
GetLogicalDriveStringsW
GetModuleHandleW
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetModuleFileNameW
GetLastError
CloseHandle
CreateDirectoryW
LoadResource
GetFileSize

user32

CharLowerW
GetMonitorInfoW
DestroyWindow
DefWindowProcW
CharNextW
IsWindow
EnumDisplayDevicesA
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
UnregisterClassA
GetMessageW
EqualRect
GetDlgCtrlID
TranslateMessage
LoadIconW
DispatchMessageW
CopyRect
SetRectEmpty
SetWindowTextW
SetCapture
ScreenToClient
GetDC
SendMessageW
ReleaseCapture
ReleaseDC
PtInRect
InvalidateRect
GetCursorPos
GetDlgItem
KillTimer
MoveWindow
ShowWindow
InflateRect
SetForegroundWindow
FindWindowW
GetWindowTextLengthW
GetParent
IsWindowVisible
GetActiveWindow
SetWindowLongW
IntersectRect
GetWindow
OffsetRect
IsWindowEnabled
GetWindowRect
PostMessageW
EnableWindow
GetWindowLongW
DrawIconEx
GetClientRect
CallWindowProcW
GetWindowThreadProcessId
MapWindowPoints
RegisterClassExW
GetForegroundWindow
GetFocus
IsChild
SystemParametersInfoW
SetCursor
SetWindowPos
SetFocus
LoadCursorW
IsDialogMessageW
UpdateLayeredWindow
AttachThreadInput
ClientToScreen
GetScrollPos
IsRectEmpty
DrawTextW
WindowFromPoint
BeginPaint
SetActiveWindow
DestroyIcon
CreateWindowExW
EndPaint
GetNextDlgTabItem
LoadImageW
RegisterWindowMessageW
GetKeyState
SetRect
GetWindowTextW
GetClassInfoExW
LoadBitmapW
PostThreadMessageW
MonitorFromWindow
PeekMessageW
CharUpperW
GetDesktopWindow
SetTimer
LoadStringW

gdi32

GetClipRgn
ExtSelectClipRgn
Rectangle
CreateRectRgn
MoveToEx
GetTextColor
GetViewportOrgEx
LineTo
RectInRegion
ExtTextOutW
SetBkColor
CreateDIBSection
SaveDC
CreateCompatibleDC
SelectClipRgn
GetStockObject
SetBkMode
CombineRgn
CreateRectRgnIndirect
DeleteObject
SetTextColor
DeleteDC
GetTextExtentPoint32W
GetTextMetricsW
SetViewportOrgEx
GetCurrentObject
SelectObject
CreateFontIndirectW
BitBlt
CreateCompatibleBitmap
CreateBitmap
GetObjectW
StretchBlt
CreatePen
TextOutW
RestoreDC
GetDeviceCaps
SetStretchBltMode
OffsetRgn
RoundRect
CreateRoundRectRgn

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyW
OpenProcessToken
LookupPrivilegeValueW
ControlService
StartServiceW
QueryServiceStatus
DeleteService
ChangeServiceConfig2W
ChangeServiceConfigW
OpenServiceW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
RegEnumValueW
GetNamedSecurityInfoW
CreateProcessAsUserW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
DeleteAce
GetAce
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
SetTokenInformation
DuplicateTokenEx
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
RegSetValueExW
AdjustTokenPrivileges

shell32

SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoSetProxyBlanket
CoUninitialize
CoInitialize
CoCreateGuid
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoInitializeSecurity
CoCreateInstance

oleaut32

VariantInit
SafeArrayUnlock
SafeArrayLock
VarUI4FromStr
SysStringLen
VariantCopy
SysAllocString
SysFreeString
VariantClear

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathAppendW
PathFindFileNameW
PathAddBackslashW
StrToIntW
StrToIntA
PathRemoveExtensionW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

gdiplus

GdipSetPenStartCap
GdipGetImageWidth
GdipSetPenEndCap
GdipGetImageHeight
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetTextRenderingHint
GdipCreatePen1
GdipSetInterpolationMode
GdipDeleteFont
GdipCreateLineBrushFromRectWithAngleI
GdipSetImageAttributesColorMatrix
GdipTranslateWorldTransform
GdipCreateBitmapFromScan0
GdipAddPathPieI
GdipDrawLinesI
GdipRotateWorldTransform
GdipGetImagePixelFormat
GdipFillRectangleI
GdipLoadImageFromFile
GdipResetWorldTransform
GdipDrawString
GdipSetClipPath
GdipGetImageGraphicsContext
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipCloneImage
GdipGetFamily
GdipSetPenDashStyle
GdipDrawImageRectI
GdipDrawPath
GdipCreateStringFormat
GdipClosePathFigure
GdipNewPrivateFontCollection
GdipCloneBitmapArea
GdipDrawImagePointsRectI
GdipDisposeImage
GdipAddPathArcI
GdipDeletePrivateFontCollection
GdipAddPathStringI
GdipDeletePath
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipGetFontSize
GdipPrivateAddFontFile
GdipDrawImageRectRectI
GdipCreateFont
GdipCreatePath
GdiplusShutdown
GdipLoadImageFromStream
GdipDeleteGraphics
GdipFillPath
GdipGetFontCollectionFamilyCount
GdipMeasureString
GdipDrawRectangleI
GdipCreateFromHDC
GdipImageRotateFlip
GdipDrawImageI
GdipAlloc
GdipCloneBrush
GdipCreateFontFromLogfontW
GdipAddPathRectangleI
GdipGetFontCollectionFamilyList
GdipCreateBitmapFromStream
GdipSetStringFormatLineAlign
GdipDeleteBrush
GdiplusStartup
GdipCloneFontFamily
GdipFillRectangle
GdipDrawLine
GdipDrawImageRectRect
GdipSetStringFormatFlags
GdipSetSmoothingMode
GdipSetStringFormatTrimming
GdipCreateHBITMAPFromBitmap
GdipSetPenMode
GdipFree
GdipDeleteFontFamily
GdipDeleteStringFormat
GdipDeletePen

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 1024KB - Virtual size: 1021KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1e174e3b7722271fc99bcb9b78a287b

Headers

File Characteristics

PDB Paths

Imports

imm32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

version

wtsapi32

psapi

iphlpapi

Sections

.text Size: 1024KB - Virtual size: 1021KB

.rdata Size: 176KB - Virtual size: 173KB

.data Size: 24KB - Virtual size: 41KB

.rsrc Size: 104KB - Virtual size: 102KB

.text
Size: 1024KB - Virtual size: 1021KB

.rdata
Size: 176KB - Virtual size: 173KB

.data
Size: 24KB - Virtual size: 41KB

.rsrc
Size: 104KB - Virtual size: 102KB