98343a5fa5e885f53e7e6fa1c2caae1cc3d6ed44bf9a3ed6ff6d1dd8fe695dc1

Sharing

Copy URL

Twitter E-mail

General

Target

98343a5fa5e885f53e7e6fa1c2caae1cc3d6ed44bf9a3ed6ff6d1dd8fe695dc1
Size

765KB
MD5

43e492e1f4aa9ca233cbc437f6119632
SHA1

8aa6b405b180ac52b73ebaf52a3b60200a7ce7a8
SHA256

98343a5fa5e885f53e7e6fa1c2caae1cc3d6ed44bf9a3ed6ff6d1dd8fe695dc1
SHA512

a467be1cc2ccc8faf8404633950144e33ff5a2f89de0f2111ed10e99767663bc5e08b5c51a34a87ba7a75378a369a716387a7d3f4f305e266b2c9b12d443414a
SSDEEP

12288:/v94T+vKj34Yq/I5GKjVKpxnpmA9wCY1esPk:d4T+vq341/I5jVK7np99wC4esPk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98343a5fa5e885f53e7e6fa1c2caae1cc3d6ed44bf9a3ed6ff6d1dd8fe695dc1

Files

98343a5fa5e885f53e7e6fa1c2caae1cc3d6ed44bf9a3ed6ff6d1dd8fe695dc1
.exe windows:6 windows x86 arch:x86

fd5645809ee71c72ae118d2e5d09b8f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetCurrentDirectoryW
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
ReadConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
GlobalFlags
ExitProcess
GetStdHandle
HeapQueryInformation
VirtualQuery
GetSystemInfo
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
CreateThread
GetFileType
GetDriveTypeW
RtlUnwind
LCMapStringW
lstrlenW
MoveFileExW
FindNextFileW
RemoveDirectoryW
CreateDirectoryW
OutputDebugStringW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
CreateEventW
CompareStringA
GetVersionExW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GetLocaleInfoW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GetThreadLocale
LoadLibraryA
LoadLibraryExW
WriteFile
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
lstrcmpA
GlobalFree
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
GetACP
DeleteCriticalSection
DecodePointer
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
TerminateProcess
GetCurrentThreadId
SetFileAttributesW
SetFileTime
CopyFileW
SetCurrentDirectoryW
DuplicateHandle
GetExitCodeProcess
WaitForSingleObject
GetPriorityClass
ExitThread
GetExitCodeThread
LocalFree
FormatMessageW
lstrcpynW
RaiseException
AssignProcessToJobObject
CreateJobObjectW
CreateProcessW
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
MulDiv
QueryInformationJobObject
VirtualAlloc
GetModuleHandleW
VirtualFree
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentProcess
GetCurrentThread
GetTempFileNameW
GetTempPathW
DeleteFileW
ExpandEnvironmentStringsW
GetFileAttributesW
SetFilePointer
ReadFile
CreateFileW
CloseHandle
WideCharToMultiByte
Sleep
GetModuleFileNameW
FreeLibrary
GetProcAddress
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
SetStdHandle
LoadLibraryW

user32

GetScrollPos
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetMenu
GetMenu
GetCapture
GetKeyState
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowTextW
SetWindowTextW
GetFocus
SetFocus
GetDlgCtrlID
SendDlgItemMessageW
DestroyWindow
SetDlgItemTextW
MoveWindow
UnhookWindowsHookEx
GetSysColor
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
SetActiveWindow
CheckMenuItem
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
IsWindow
GetLastActivePopup
GetWindowLongW
MessageBoxW
IsWindowEnabled
CharUpperW
SetPropW
GetPropW
RemovePropW
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
GetClassLongW
GetMenuItemCount
GetMenuItemID
GetMonitorInfoW
GetClassNameW
GetTopWindow
SetWindowsHookExW
CallNextHookEx
WinHelpW
MonitorFromWindow
RegisterClassExW
CreateWindowExW
DefWindowProcW
ShowWindow
CopyRect
SetWindowPos
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
ScreenToClient
PostMessageW
GetClientRect
SendMessageW
ClientToScreen
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadIconW
IsIconic
GetSystemMetrics
DrawIcon
GetDC
ReleaseDC
LoadImageW
GetWindowRect
SetTimer
KillTimer
EnableWindow
GetThreadDesktop
CreateDesktopW
SetThreadDesktop
CloseDesktop
CreateMenu
CreatePopupMenu
AppendMenuW
GetSubMenu
GetCursorPos
UpdateWindow
TrackPopupMenu
UnregisterClassW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
DestroyMenu
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
SetCursor
GetSysColorBrush
LoadCursorW
RealChildWindowFromPoint
IntersectRect
InvalidateRect
SetCapture
ReleaseCapture
CharNextW
CopyAcceleratorTableW
InvalidateRgn
PostThreadMessageW
RegisterClipboardFormatW
SetRect
MessageBeep
GetNextDlgGroupItem
GetActiveWindow
IsRectEmpty

gdi32

ExtSelectClipRgn
SelectObject
SetBkColor
SetMapMode
GetObjectW
TextOutW
SaveDC
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
DeleteObject
CreateBitmap
DeleteDC
GetStockObject
SetBkMode
SetTextColor
CreateFontW
GetDeviceCaps
ExtTextOutW
CreateSolidBrush

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

ReportEventW
DeregisterEventSource
OpenThreadToken
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegUnLoadKeyW
RegLoadKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
RegisterEventSourceW

shell32

SHGetFolderPathW
ShellExecuteW
ord51

comctl32

InitCommonControlsEx
ImageList_AddMasked

shlwapi

PathFileExistsW
PathMatchSpecW
PathFindExtensionW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindFileNameW

ole32

CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CoInitialize
CLSIDFromProgID
OleInitialize
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitializeEx
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CLSIDFromString
CoGetClassObject

oleaut32

SafeArrayCreateVector
SysFreeString
SafeArrayPutElement
OleCreateFontIndirect
SysAllocString
SysStringLen
VariantCopy
VariantChangeType
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayDestroy
VariantClear
VariantInit

oledlg

OleUIBusyW

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreate

winhttp

WinHttpSetOption
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpReadData
WinHttpCrackUrl
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpConnect

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 471KB - Virtual size: 471KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd5645809ee71c72ae118d2e5d09b8f4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

rpcrt4

winhttp

oleacc

Sections

.text Size: 471KB - Virtual size: 471KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 11KB - Virtual size: 22KB

.rsrc Size: 140KB - Virtual size: 139KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 471KB - Virtual size: 471KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 11KB - Virtual size: 22KB

.rsrc
Size: 140KB - Virtual size: 139KB

.reloc
Size: 29KB - Virtual size: 29KB