Static task: static1
Behavioral task: behavioral1
Sample: f830c00b21c2d7eac58601924151807bf8356ba2c42273a51a15d859566e9848.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f830c00b21c2d7eac58601924151807bf8356ba2c42273a51a15d859566e9848.exe
Resource: win10v2004-20240419-en
General
Target: f830c00b21c2d7eac58601924151807bf8356ba2c42273a51a15d859566e9848
Size: 2.1MB
MD5: 52b24ac602e144515006434acd67b425
SHA1: 14c9bc4a55d57d599c6f408936d90d1f7d3b3215
SHA256: f830c00b21c2d7eac58601924151807bf8356ba2c42273a51a15d859566e9848
SHA512: 47e7dbd75353f6755c9ea2c11a3a44d123f2df4e761bb9e1d3ef05a70b4952b4ff80aa782efb571c745574fcbc8a37c22be1b24df2cbaca143203f1a0a4d4d9f
SSDEEP: 24576:g3ZUVZciyjQmoh4iXvMzA14jjrHvOjCHIAWzq/m2mWyeSAeu0kr8gfsTklAj2OES:05P21RWyeSA1tf25Gc
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource f830c00b21c2d7eac58601924151807bf8356ba2c42273a51a15d859566e9848
Files
f830c00b21c2d7eac58601924151807bf8356ba2c42273a51a15d859566e9848.exe windows:4 windows x86 arch:x86
193fd85ed71fb8aeeab3e31317697dc1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadModule
WinExec
GetWindowsDirectoryA
GetSystemDirectoryA
GetVersionExA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CreateMutexA
GetLastError
ReleaseMutex
GetModuleHandleA
GetVersion
LoadLibraryA
FreeLibrary
GlobalLock
GlobalUnlock
AllocConsole
SetConsoleTitleA
GlobalMemoryStatus
GetLocalTime
GetCurrentProcess
GetProcessTimes
Sleep
GetStdHandle
OutputDebugStringA
CreatePipe
SearchPathA
CloseHandle
TerminateProcess
CreateFileA
ReadFile
WriteFile
SetEndOfFile
FlushFileBuffers
LockFileEx
LockFile
UnlockFileEx
UnlockFile
SetFilePointer
DeleteFileA
MoveFileA
CreateDirectoryA
SetCurrentDirectoryA
RemoveDirectoryA
GetCurrentDirectoryA
FormatMessageA
LocalFree
SetLastError
FindResourceA
LoadResource
LockResource
GetEnvironmentVariableA
GetProfileStringA
lstrlenA
lstrcpyA
GetTempPathA
GetTempFileNameA
FindFirstFileA
CompareFileTime
FindNextFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVolumeInformationA
VirtualAlloc
GetStartupInfoA
GetSystemTimeAsFileTime
DuplicateHandle
GetDriveTypeA
RtlUnwind
VirtualQuery
ExitProcess
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
UnhandledExceptionFilter
SetStdHandle
GetFullPathNameA
SetConsoleCtrlHandler
GetTimeZoneInformation
FreeResource
GlobalSize
lstrcatA
MultiByteToWideChar
lstrcmpA
GlobalAlloc
GlobalFree
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalCompact
GlobalUnfix
GlobalReAlloc
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
_lopen
_llseek
_lread
_hread
_lclose
_lcreat
_hwrite
GetTickCount
GetProfileIntA
GetPrivateProfileIntA
GetPrivateProfileStringA
WriteProfileStringA
WritePrivateProfileStringA
GlobalFindAtomA
GlobalFlags
GetLargestConsoleWindowSize
user32
GetActiveWindow
MessageBoxA
ExitWindowsEx
PostQuitMessage
IsWindow
ShowWindow
SetFocus
GetFocus
SetForegroundWindow
CallWindowProcA
IsChild
IsIconic
IsZoomed
GetWindowLongA
CloseWindow
SetWindowLongA
SetWindowWord
FindWindowA
GetClassInfoA
IsWindowVisible
WindowFromPoint
EnableWindow
IsWindowEnabled
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
OemToCharA
CharToOemA
DefWindowProcA
WaitMessage
IsDialogMessageA
OemToCharBuffA
CharToOemBuffA
GetWindowRect
MoveWindow
GetDC
GetClientRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ReleaseDC
BringWindowToTop
GetParent
ScreenToClient
GetClassNameA
PostMessageA
SendMessageA
GetDlgItem
GetNextDlgTabItem
GetDlgCtrlID
GetSysColor
DialogBoxParamA
LoadCursorA
SetCursor
DialogBoxIndirectParamA
EndDialog
CreateDialogParamA
CreateDialogIndirectParamA
SetPropA
GetPropA
UpdateWindow
MessageBeep
OffsetRect
ClientToScreen
GetWindow
BeginPaint
GetCursorPos
GetWindowTextLengthA
GetWindowTextA
DrawTextA
EndPaint
MapWindowPoints
DrawFocusRect
GetDialogBaseUnits
FillRect
InvertRect
MapDialogRect
InvalidateRect
FrameRect
GetWindowThreadProcessId
GetWindowWord
ChildWindowFromPoint
SetParent
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetMenuItemCount
GetMenuItemInfoA
SetMenuItemInfoA
SetWindowPos
GetDesktopWindow
SetActiveWindow
SetWindowTextA
DestroyWindow
CreateCursor
DestroyCursor
SetCursorPos
ShowCursor
GetSystemMetrics
GetWindowDC
SetRectEmpty
CopyRect
SetCapture
GetCapture
ReleaseCapture
DrawStateA
LoadIconA
DrawIcon
DestroyIcon
CreateMenu
CreatePopupMenu
TrackPopupMenu
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetSystemMenu
DestroyMenu
GetSubMenu
GetMenuStringA
GetMenuState
DrawMenuBar
HiliteMenuItem
LoadMenuA
AppendMenuA
SetMenu
ModifyMenuA
InsertMenuA
RemoveMenu
LoadBitmapA
IsMenu
RegisterClassA
SetClassWord
CreateWindowExA
DrawTextExA
GetKeyState
GetAsyncKeyState
GetKeyboardState
SetKeyboardState
MapVirtualKeyA
keybd_event
GetClassLongA
SetClassLongA
SetScrollRange
SetScrollPos
GetScrollRange
GetScrollPos
DefFrameProcA
DefMDIChildProcA
GetDCEx
SetTimer
KillTimer
wsprintfA
PtInRect
LoadStringA
GetClipboardData
IsClipboardFormatAvailable
GetCaretPos
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
HideCaret
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsA
RegisterWindowMessageA
winspool.drv
EnumPrintersA
OpenPrinterA
ClosePrinter
StartDocPrinterA
StartPagePrinter
WritePrinter
EndPagePrinter
EndDocPrinter
GetPrinterA
ole32
OleInitialize
OleUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance
CLSIDFromProgID
StringFromCLSID
CoTaskMemFree
shell32
ShellAboutA
ExtractIconA
DragAcceptFiles
DragQueryFileA
DragQueryPoint
oleaut32
VarR8FromCy
VarR8FromDec
LoadTypeLib
VariantInit
SysAllocString
VariantClear
advapi32
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegCloseKey
comctl32
ImageList_AddMasked
InitCommonControls
InitCommonControlsEx
comdlg32
ChooseColorA
ChooseFontA
PrintDlgA
PageSetupDlgA
CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA
FindTextA
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
SetTextColor
SetBkColor
SetBkMode
GetTextColor
GetBkColor
GetStockObject
GetPixel
GetTextExtentPointA
CreateBitmap
CreatePatternBrush
UnrealizeObject
DeleteObject
RoundRect
CreateDIBitmap
CreateHatchBrush
GetMetaFileBitsEx
SetWinMetaFileBits
GetWinMetaFileBits
SetMetaFileBitsEx
CreateSolidBrush
CreateBrushIndirect
SetWindowOrgEx
GetWindowOrgEx
GetViewportOrgEx
GetObjectA
SelectPalette
RealizePalette
CreateDCA
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
SaveDC
RestoreDC
ExtTextOutA
CreateBitmapIndirect
StretchBlt
SetPixel
GetObjectType
MoveToEx
Arc
Chord
Ellipse
LineTo
FloodFill
ExtFloodFill
PolyPolygon
SetPolyFillMode
Rectangle
Pie
GetTextMetricsA
SetTextAlign
TextOutA
GetTextExtentPoint32A
GetDeviceCaps
GetDIBits
CreatePalette
SetDIBitsToDevice
StretchDIBits
GetTextAlign
SetTextJustification
SetStretchBltMode
GetMapMode
SetMapMode
PatBlt
CreatePen
CreateFontA
AddFontResourceA
RemoveFontResourceA
GetTextFaceA
EnumFontsA
SetBrushOrgEx
CreateRectRgn
SetROP2
FrameRgn
StartDocA
EndDoc
StartPage
EndPage
Escape
ResetDCA
EnumFontFamiliesA
AbortDoc
CreateEnhMetaFileA
CloseEnhMetaFile
DeleteEnhMetaFile
GetEnhMetaFileA
PlayEnhMetaFile
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
GetMetaFileA
PlayMetaFile
ace32
AdsSetServerType
AdsGetDateFormat
AdsSetDateFormat
AdsGetEpoch
AdsSetEpoch
AdsApplicationExit
AdsIsServerLoaded
AdsGetConnectionType
AdsUnlockRecord
AdsGetTableConnection
AdsGetServerTime
AdsShowError
AdsIsTableLocked
AdsIsRecordLocked
AdsGetTableCharType
AdsGetDefault
AdsSetDefault
AdsGetSearchPath
AdsSetSearchPath
AdsGetDeleted
AdsShowDeleted
AdsGetExact
AdsSetExact
AdsBinaryToFile
AdsFileToBinary
AdsGetIndexHandleByOrder
AdsGetIndexHandle
AdsGetRecordNum
AdsGetKeyNum
AdsGetRecordCount
AdsGetScope
AdsGetAOF
AdsGetFilter
AdsGotoTop
AdsAtEOF
AdsSkip
AdsAddCustomKey
AdsDeleteCustomKey
AdsClearAOF
AdsEvalAOF
AdsGetTableAlias
AdsGetAOFOptLevel
AdsIsRecordInAOF
AdsRefreshAOF
AdsSetAOF
AdsEnableEncryption
AdsDisableEncryption
AdsEncryptTable
AdsDecryptTable
AdsEncryptRecord
AdsDecryptRecord
AdsIsEncryptionEnabled
AdsIsRecordEncrypted
AdsIsTableEncrypted
AdsConnect
AdsDisconnect
AdsCreateSQLStatement
AdsStmtSetTableType
AdsCloseSQLStatement
AdsExecuteSQLDirect
AdsPrepareSQL
AdsExecuteSQL
AdsCloseAllTables
AdsWriteAllRecords
AdsRefreshRecord
AdsCopyTable
AdsConvertTable
AdsRegisterProgressCallback
AdsClearProgressCallback
AdsIsExprValid
AdsGetNumIndexes
AdsGetHandleType
AdsGetLastError
AdsGetNumOpenTables
AdsBeginTransaction
AdsCommitTransaction
AdsFailedTransactionRecovery
AdsInTransaction
AdsRollbackTransaction
AdsCacheRecords
AdsReindex
AdsGetVersion
AdsCacheOpenTables
AdsCacheOpenCursors
AdsGetNumActiveLinks
AdsDDAddTable
AdsDDRemoveTable
AdsDDRemoveIndexFile
AdsDDAddUserToGroup
AdsDDRemoveUserFromGroup
AdsConnect60
AdsDDCreate
AdsDDCreateUser
AdsDDDeleteUser
AdsDDGetDatabaseProperty
AdsDDSetDatabaseProperty
AdsDDGetUserProperty
AdsRestructureTable
AdsCopyTableContents
AdsFindFirstTable
AdsFindNextTable
AdsFindClose
AdsCheckExistence
AdsDeleteFile
AdsStmtSetTablePassword
AdsCloseCachedTables
AdsSetDecimals
AdsExtractKey
AdsOpenIndex
AdsCloseIndex
AdsAtBOF
AdsIsFound
AdsGetKeyType
AdsSetScope
AdsClearScope
AdsGetRelKeyPos
AdsSetRelKeyPos
AdsCloseTable
AdsGotoBottom
AdsGotoRecord
AdsSeekLast
AdsSeek
AdsAppendRecord
AdsDeleteRecord
AdsIsRecordDeleted
AdsGetNumFields
AdsGetFieldName
AdsWriteRecord
AdsFlushFileBuffers
AdsGetRecord
AdsGetFieldRaw
AdsGetField
AdsGetDouble
AdsGetJulian
AdsGetLogical
AdsGetMemoDataType
AdsGetMemoLength
AdsGetString
AdsGetBinaryLength
AdsGetBinary
AdsSetRecord
AdsSetFieldRaw
AdsSetString
AdsSetDouble
AdsSetJulian
AdsSetLogical
AdsSetBinary
AdsRecallRecord
AdsCreateTable
AdsGetRecordLength
AdsGetLastTableUpdate
AdsGetNumLocks
AdsGetAllLocks
AdsGetTableFilename
AdsOpenTable
AdsGetFieldType
AdsGetFieldLength
AdsGetFieldDecimals
AdsGetTableType
AdsPackTable
AdsZapTable
AdsClearRelation
AdsSetScopedRelation
AdsSetRelation
AdsCloseAllIndexes
AdsGetIndexOrderByHandle
AdsGetIndexName
AdsGetIndexExpr
AdsCreateIndex
AdsDeleteIndex
AdsGetIndexCondition
AdsIsIndexDescending
AdsIsIndexUnique
AdsGetKeyLength
AdsGetIndexFilename
AdsIsIndexCustom
AdsClearFilter
AdsSetFilter
AdsLockRecord
AdsLockTable
AdsUnlockTable
AdsCustomizeAOF
Sections
.text Size: 972KB - Virtual size: 971KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 913KB - Virtual size: 912KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 668B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 295KB - Virtual size: 349KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE