65b95a86dc0d9b438a9c2a5e32d4216c2078b6b980d152c66c2172b44ee08a88

Sharing

Copy URL

Twitter E-mail

General

Target

65b95a86dc0d9b438a9c2a5e32d4216c2078b6b980d152c66c2172b44ee08a88
Size

724KB
MD5

013d061af6815c11fa5716d0d04a200c
SHA1

bb2173d08c643f191752e767d38372e92c74bb7c
SHA256

65b95a86dc0d9b438a9c2a5e32d4216c2078b6b980d152c66c2172b44ee08a88
SHA512

cdc39b1d6d8b3508735aeec344f7dda6432e244306468272a7d8253dbd9becdcdc419a39239e1724fce20ec2d8035343531ff8dfa31240cc4f0cd37ccea2d6aa
SSDEEP

12288:AVGmPOiHDhkcctFS+7e876/7C7iEZ2yQlQJOmJBWX8/bbA9oJ9q3tpAGORmx7gST:AAmcm6HA9DpAGO5gCx4Io

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65b95a86dc0d9b438a9c2a5e32d4216c2078b6b980d152c66c2172b44ee08a88

Files

65b95a86dc0d9b438a9c2a5e32d4216c2078b6b980d152c66c2172b44ee08a88
.exe windows:4 windows x86 arch:x86

9f504842899ca4f4373bf120203181c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameW
GetFileAttributesW
GetFileTime
SetErrorMode
GetStartupInfoW
ExitProcess
RtlUnwind
HeapAlloc
CreateThread
ExitThread
HeapFree
GetTimeZoneInformation
GetSystemTime
RaiseException
TerminateProcess
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCurrentProcess
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetFileAttributesA
SetUnhandledExceptionFilter
SetStdHandle
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetExitCodeProcess
CreateProcessA
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
DuplicateHandle
GetCurrentDirectoryW
FindResourceA
GlobalAddAtomA
GetProfileStringA
SizeofResource
GlobalFlags
lstrcmpiW
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpW
GlobalAlloc
lstrcmpiA
GetCurrentThread
lstrcmpA
lstrcpynW
SetLastError
GetModuleHandleA
LoadLibraryA
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcpyW
GetModuleHandleW
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
FormatMessageW
LocalFree
SuspendThread
GetCurrentThreadId
SetThreadPriority
FileTimeToLocalFileTime
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
OutputDebugStringA
CreateFileA
QueryDosDeviceA
QueryDosDeviceW
LoadLibraryW
GetProcAddress
FreeLibrary
GetVolumeInformationA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationW
GetDiskFreeSpaceExW
DeviceIoControl
GetCommandLineW
CreateMutexW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetPrivateProfileSectionW
MulDiv
FindFirstFileA
GetModuleFileNameA
MoveFileW
GetFileAttributesExW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
GetModuleFileNameW
DeleteCriticalSection
WritePrivateProfileStringW
GetTickCount
ResumeThread
GetPrivateProfileIntW
GetLogicalDrives
GetDriveTypeW
SetEvent
InitializeCriticalSection
CreateEventW
GetVersionExW
GetLastError
GetFileSize
FindFirstFileW
FindNextFileW
FindClose
ResetEvent
WaitForSingleObject
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
GetThreadLocale
WideCharToMultiByte
WriteFile
ReadFile
MultiByteToWideChar
PurgeComm
CreateFileW
GetCommState
SetCommState
GetCommTimeouts
SetCommTimeouts
EscapeCommFunction
CloseHandle
GetPrivateProfileStringW
GetEnvironmentVariableA
Sleep

user32

SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
CheckDlgButton
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthW
GetDlgCtrlID
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
MoveWindow
IsWindowEnabled
GetMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExW
BroadcastSystemMessageW
FillRect
InvalidateRect
GetAsyncKeyState
wsprintfW
PostMessageW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
GetParent
LockWindowUpdate
CopyRect
GetWindowLongW
SetWindowLongW
GetSysColor
FindWindowW
SetWindowPos
MessageBoxW
RegisterDeviceNotificationW
KillTimer
UnregisterDeviceNotification
RedrawWindow
LoadImageW
EnableMenuItem
PostThreadMessageW
SetParent
RegisterClipboardFormatW
GetDesktopWindow
GetWindow
GetWindowTextW
LoadIconW
GetWindowModuleFileNameW
GetClientRect
IsIconic
DrawIcon
GetSystemMetrics
GetSystemMenu
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
EnableWindow
SendMessageW
SetTimer
DispatchMessageW
TranslateMessage
PeekMessageW
AppendMenuW
GetDCEx
CharUpperW
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableW
CharNextW
SetCapture
SetRect
WindowFromPoint
ReleaseCapture
PtInRect
GetClassNameW
GetSysColorBrush
LoadCursorW
MapDialogRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
InflateRect
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
ShowWindow
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringW
IsZoomed
SetRectEmpty
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
GetDlgItem
BeginPaint

gdi32

SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
PatBlt
CreateRectRgnIndirect
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextColor
GetBkColor
LPtoDP
BitBlt
CreateCompatibleDC
RestoreDC
SaveDC
GetTextMetricsW
SelectObject
GetTextExtentPoint32W
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectW
CreateFontIndirectW
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
CreateDCW
GetDeviceCaps
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
DeleteDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegEnumKeyW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW

shell32

StrStrIA
StrChrA

comctl32

ImageList_LoadImageW
ImageList_Destroy
ord17

oledlg

OleUIBusyW

ole32

OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoFreeUnusedLibraries

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VarBstrFromDate
VarDateFromStr
VariantChangeType
SysAllocString
VariantCopy
VariantClear

wsock32

send
ioctlsocket
connect
closesocket
WSACleanup
recv
WSAStartup
socket
htons

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

StrTrimA
StrTrimW

setupapi

SetupDiChangeState
SetupDiSetClassInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiRemoveDevice
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsW
SetupDiRemoveDeviceInterface
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA

cfgmgr32

CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Status
CM_Get_Parent

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f504842899ca4f4373bf120203181c8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

version

shlwapi

setupapi

cfgmgr32

Sections

.text Size: 448KB - Virtual size: 447KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 128KB - Virtual size: 183KB

.tls Size: 4KB - Virtual size: 12B

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 448KB - Virtual size: 447KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 128KB - Virtual size: 183KB

.tls
Size: 4KB - Virtual size: 12B

.rsrc
Size: 84KB - Virtual size: 81KB