649fd0bc52417c321faa416e40fd86e8e44cc1c33eb98283d748bb6329b69098

Sharing

Copy URL

Twitter E-mail

General

Target

649fd0bc52417c321faa416e40fd86e8e44cc1c33eb98283d748bb6329b69098
Size

415KB
MD5

09eef4673f311aed8f30298af209dc08
SHA1

2a8594e871e6f0de8a3668e9a3ef32deea2e4f3a
SHA256

649fd0bc52417c321faa416e40fd86e8e44cc1c33eb98283d748bb6329b69098
SHA512

40b5f13108ca2d6ac7d676c4c07521f3de1a1d70a19e36058415423243aa1e623324894bbfc84b7d58ae03147df153c094682e27bd199d40e70b3e83bdabfee8
SSDEEP

6144:1G9K0EBv7jVFpuQQuUHGohaUPBnRTRqn3Bg0tHLydyHXbLm/5mWD4U/omCK1yB:1G9/QQuUH3RRqn3i0t2ULY5mWfo9K1yB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
649fd0bc52417c321faa416e40fd86e8e44cc1c33eb98283d748bb6329b69098

Files

649fd0bc52417c321faa416e40fd86e8e44cc1c33eb98283d748bb6329b69098
.exe windows:5 windows x86 arch:x86

6c2e306e92b8d2ecd1c31ffacbb706c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasEnumConnectionsA
RasHangUpA

wininet

InternetGetConnectedState

packet

PacketAllocatePacket
PacketSetReadTimeout
PacketSetBuff
PacketSetHwFilter
PacketInitPacket
PacketFreePacket
PacketCloseAdapter
PacketReceivePacket
PacketOpenAdapter
PacketGetNetType

iphlpapi

AddIPAddress
GetIpAddrTable
GetAdaptersInfo
GetInterfaceInfo
DeleteIPAddress

skinmagic

ord1
ord8
ord4

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
HeapCreate
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
GetThreadLocale
GetModuleHandleW
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
lstrcmpA
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
lstrlenA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
MultiByteToWideChar
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
SetLastError
GetLocalTime
GetVersion
CreateThread
SetThreadPriority
GetTickCount
Sleep
TerminateThread
GetLastError
LoadLibraryA
GetProcAddress
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpynA
GetModuleFileNameA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA

user32

CreateDialogIndirectParamA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
LoadCursorA
UnregisterClassA
SetCapture
ReleaseCapture
CharUpperA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
IsWindowVisible
UpdateWindow
CreateWindowExA
GetNextDlgTabItem
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetKeyState
SetWindowPos
WindowFromPoint
IsWindowEnabled
GetParent
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
SetActiveWindow
RedrawWindow
DrawAnimatedRects
SetParent
FindWindowA
EnumChildWindows
SystemParametersInfoA
GetClassNameA
GetWindowRect
SetForegroundWindow
PostMessageA
GetCursorPos
TrackPopupMenu
LoadMenuA
SetMenuDefaultItem
IsWindow
GetMenuItemID
GetMenu
GetMenuItemCount
GetSubMenu
KillTimer
EndDialog
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
IsIconic
DrawIcon
GetWindowThreadProcessId
ShowWindow
MoveWindow
GetSystemMetrics
GetDesktopWindow
SetTimer
GetSystemMenu
AppendMenuA
SetWindowRgn
LoadIconA
MessageBoxA
GetClientRect
SendMessageA
InvalidateRect
LoadImageA
DestroyIcon
DestroyCursor
EnableWindow
SetWindowTextA
IsDialogMessageA
GetClassInfoExA
SetWindowLongA

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
ScaleViewportExtEx
CreateBitmap
GetClipBox
GetDeviceCaps
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetStockObject
DeleteObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA
Shell_NotifyIconA
SHAppBarMessage

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
CoGetClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromProgID
CLSIDFromString
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes

oleaut32

SystemTimeToVariantTime
VariantCopy
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
VariantTimeToSystemTime
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString

ws2_32

htons
recvfrom
closesocket
WSAGetLastError
bind
WSASocketA
gethostbyaddr
WSAStartup
inet_ntoa
inet_addr
WSAIoctl
ntohs

Sections

.text
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c2e306e92b8d2ecd1c31ffacbb706c1

Headers

DLL Characteristics

File Characteristics

Imports

rasapi32

wininet

packet

iphlpapi

skinmagic

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 258KB - Virtual size: 258KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 16KB - Virtual size: 1.0MB

.rsrc Size: 75KB - Virtual size: 75KB

.text
Size: 258KB - Virtual size: 258KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 16KB - Virtual size: 1.0MB

.rsrc
Size: 75KB - Virtual size: 75KB