Static task: static1
Behavioral task: behavioral1
Sample: 6c99a327c237df5c0041157c572a53efdff9420f9954d94dca79c7498d3c8b0e.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 6c99a327c237df5c0041157c572a53efdff9420f9954d94dca79c7498d3c8b0e.exe
Resource: win10v2004-20240508-en
General
- Target: 6c99a327c237df5c0041157c572a53efdff9420f9954d94dca79c7498d3c8b0e
- Size: 4.2MB
- MD5: a370aea8d79eec9b51f24ec44673778d
- SHA1: 29e2e082d532ce6f614e8211abfb6e0f05271357
- SHA256: 6c99a327c237df5c0041157c572a53efdff9420f9954d94dca79c7498d3c8b0e
- SHA512: f177cd884b32430a761420ec2aa99d2db034ba0fbf5e8c397470eef5d41be87c25660ae8bc9a3edade2e436074b8f89577806ae03dc9c18cea6665bd97e80ad1
- SSDEEP: 98304:ouhWAXu3qACvcOMbDxFxaQA4MDky50xKW3ruKTgN3MDR86CRLM5lYuDPkL1DLTGo:ru0vMDxFxaQA4MDky50xKW3ruKTgN3Mi
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 6c99a327c237df5c0041157c572a53efdff9420f9954d94dca79c7498d3c8b0e
Files
- 6c99a327c237df5c0041157c572a53efdff9420f9954d94dca79c7498d3c8b0e.exe windows:6 windows x64 arch:x64
  7375f57fb8b15746d94f7237f254244b
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetVolumeInformationW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
VirtualQuery
WideCharToMultiByte
CopyFileW
GetModuleHandleW
GetCurrentProcessId
GetCurrentDirectoryW
GetSystemInfo
DeleteFileW
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetSystemDirectoryW
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetVersionExW
GetFileAttributesW
FindClose
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
ReadFile
FreeLibrary
GetProcAddress
LoadLibraryW
ExitProcess
FreeResource
GetCurrentThreadId
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
Sleep
GlobalMemoryStatusEx
IsDebuggerPresent
CreateEventW
CloseHandle
ResumeThread
SetThreadPriority
CreateThread
WaitForSingleObject
SetEvent
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
TryEnterCriticalSection
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualAlloc
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
GetStartupInfoW
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
RtlCaptureContext
WaitForSingleObjectEx
GetTempFileNameW
GetWindowsDirectoryW
SetErrorMode
GetFileTime
GetFileSizeEx
SystemTimeToTzSpecificLocalTime
GetProfileIntW
GetTempPathW
SearchPathW
FindResourceExW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
GetFileSize
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
lstrcpyW
GetThreadLocale
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpA
GetCurrentThread
FormatMessageW
LocalFree
CompareStringW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleExW
EncodePointer
OutputDebugStringA
GetVersion
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
user32
GetDC
GetSystemMetrics
GetWindowDC
GetClientRect
AdjustWindowRectEx
SetCursor
GetKeyState
SetFocus
IsWindow
MessageBoxW
GetFocus
SendMessageW
GetWindowRect
EnableWindow
UnregisterClassW
LoadImageW
GetParent
GetDesktopWindow
LoadCursorW
SetTimer
GetClassInfoW
GetActiveWindow
LoadStringW
GetWindowLongPtrW
RemovePropW
CreateWindowExW
GetPropW
DestroyWindow
PostMessageW
DefWindowProcW
RegisterClassW
SetPropW
InvalidateRect
LoadIconW
ReleaseDC
DefMDIChildProcW
CopyImage
DestroyIcon
SetWindowLongW
IsZoomed
SetRect
GetWindowLongW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
GetClassInfoExW
IsMenu
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetMenu
GetMenuItemID
GetMenuItemCount
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
ScrollWindow
ShowScrollBar
GetWindowTextW
GetWindowTextLengthW
MapWindowPoints
EqualRect
GetClassLongPtrW
GetLastActivePopup
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
GetMenuStringW
GetMenuState
RemoveMenu
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
CheckDlgButton
SetWindowTextW
IsDialogMessageW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadMenuW
SystemParametersInfoW
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMessageW
TranslateMessage
ShowOwnedPopups
GetKeyNameTextW
MapVirtualKeyW
CharNextW
CreateDialogIndirectParamW
EndDialog
DrawFocusRect
NotifyWinEvent
SendDlgItemMessageA
SetRectEmpty
GetMenuItemInfoW
InflateRect
MonitorFromPoint
GetSysColorBrush
RealChildWindowFromPoint
GetAsyncKeyState
BringWindowToTop
LoadAcceleratorsW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
TrackMouseEvent
CharUpperW
ModifyMenuW
PostThreadMessageW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongPtrW
InvalidateRgn
GetNextDlgGroupItem
DrawEdge
DrawFrameControl
DrawIconEx
UnionRect
GetIconInfo
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
SetForegroundWindow
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
HideCaret
InvertRect
GetDoubleClickTime
DestroyCursor
GetComboBoxInfo
GetWindowRgn
GetSystemMenu
CallWindowProcW
GetWindow
IsWindowVisible
SetWindowPos
SetWindowLongPtrW
SetWindowRgn
FillRect
ScreenToClient
MessageBeep
WindowFromPoint
GetScrollPos
DrawIcon
ShowWindow
OffsetRect
GetCapture
RedrawWindow
GetScrollRange
CopyRect
GetDlgCtrlID
ClientToScreen
IsChild
GetTopWindow
GetSysColor
IsWindowEnabled
SetMenu
WinHelpW
LoadBitmapW
IsRectEmpty
IntersectRect
GetClassNameW
SetParent
SetCapture
SetScrollRange
KillTimer
SetScrollPos
PtInRect
UpdateWindow
ReleaseCapture
IsIconic
GetNextDlgTabItem
DeleteMenu
CreatePopupMenu
TrackPopupMenu
GetSubMenu
DestroyAcceleratorTable
CreateAcceleratorTableW
DestroyMenu
TranslateAcceleratorW
InsertMenuW
AppendMenuW
CreateMenu
GetCursorPos
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
gdi32
GetWindowOrgEx
CreatePatternBrush
GetPixel
CreateRectRgn
CreateBitmap
CombineRgn
GetViewportOrgEx
PatBlt
CreateRoundRectRgn
GetTextMetricsW
CreatePen
Rectangle
Ellipse
CreateSolidBrush
CreateEllipticRgn
RoundRect
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
GdiAlphaBlend
CreateHatchBrush
RealizePalette
GetStockObject
GetDIBits
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette
GetObjectW
SetStretchBltMode
CreateFontIndirectW
DeleteObject
DeleteDC
SetBkColor
SetTextColor
CopyMetaFileW
CreateDCW
Escape
ExcludeClipRect
GetObjectType
GetViewportExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetPixel
GetWindowExtEx
CreatePalette
SetTextAlign
StretchBlt
GetClipBox
SetPixelV
GetTextFaceW
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExW
Polyline
Polygon
CreatePolygonRgn
OffsetRgn
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
DPtoLP
SetRectRgn
GetMapMode
GetTextColor
GetBkColor
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetROP2
advapi32
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
shell32
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
DragFinish
SHGetDesktopFolder
SHGetFileInfoW
Shell_NotifyIconW
ShellExecuteW
DragQueryFileW
ole32
ReleaseStgMedium
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoCreateGuid
OleDuplicateData
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
DoDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CreateILockBytesOnHGlobal
CoInitialize
CoDisconnectObject
oleaut32
SysAllocStringLen
VarBstrFromDate
SafeArrayDestroy
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantChangeType
VariantCopy
VariantInit
LoadTypeLi
SysFreeString
OleCreateFontIndirect
SysAllocString
comctl32
ImageList_Create
ImageList_AddMasked
InitCommonControlsEx
ImageList_Destroy
libcurl
curl_slist_free_all
curl_global_init
curl_global_cleanup
curl_easy_setopt
curl_easy_init
curl_easy_getinfo
curl_easy_cleanup
curl_slist_append
curl_easy_pause
curl_easy_perform
gdiplus
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipSetCompositingMode
GdipGetImagePalette
GdipDeleteGraphics
GdiplusShutdown
GdipSetInterpolationMode
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateFromHDC
GdipDrawImageRectI
GdipAlloc
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImagePaletteSize
GdipGetImageHeight
GdiplusStartup
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
GetThemePartSize
OpenThemeData
CloseThemeData
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
IsAppThemed
DrawThemeBackground
oledlg
OleUIBusyW
ws2_32
WSACleanup
pdh
PdhGetFormattedCounterValue
PdhCloseQuery
PdhOpenQueryW
PdhRemoveCounter
PdhCollectQueryData
PdhAddCounterW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
Sections
.text   Size: 2.0MB - Virtual size: 2.0MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 608KB - Virtual size: 607KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 34KB - Virtual size: 66KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata  Size: 96KB - Virtual size: 95KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
_RDATA  Size: 512B - Virtual size: 244B     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc   Size: 1.4MB - Virtual size: 1.4MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 64KB - Virtual size: 64KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ