34ab07af89a1c844499728b49f31278b0e28befa20bc3875b521f610ed4656f2

Sharing

Copy URL Twitter E-mail

General

Target

34ab07af89a1c844499728b49f31278b0e28befa20bc3875b521f610ed4656f2
Size

300KB
MD5

42918f32eb56a195d46812f909e4113d
SHA1

1132eb33563925cc6061cc0aa3d71e2c6e8bf3d4
SHA256

34ab07af89a1c844499728b49f31278b0e28befa20bc3875b521f610ed4656f2
SHA512

9477eacf8b36a2ed24d8aeebd103e2f507f582c5e318fdcbdedb8281202c6a8b5e98ef96924aa0b8d397ac6edc2bfda5b793e343e3f11066a2a1d25e60007d52
SSDEEP

6144:nUIpLQHP1a8Vqw3wT2DLt8jnSdxd2kCo0tcd95rTpl:nUl4w3wTWekCoacJf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34ab07af89a1c844499728b49f31278b0e28befa20bc3875b521f610ed4656f2

Files

34ab07af89a1c844499728b49f31278b0e28befa20bc3875b521f610ed4656f2
.exe windows:4 windows x86 arch:x86

0e130f51cfb6206bdc93e3a40927c9c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioOpenA
mmioDescend
mmioRead
mmioAscend
midiOutReset
midiOutUnprepareHeader
midiStreamClose
midiStreamOpen
timeEndPeriod
timeKillEvent
timeSetEvent
timeBeginPeriod
timeGetDevCaps
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamRestart
midiStreamStop
mciSendCommandA
mciGetErrorStringA
PlaySoundA
timeGetTime

kernel32

TlsAlloc
DeleteCriticalSection
TlsFree
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
GetFileAttributesA
GetFileTime
SetErrorMode
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetFileType
GetStartupInfoA
GetCommandLineA
RaiseException
HeapFree
HeapAlloc
GetACP
HeapReAlloc
HeapSize
SetStdHandle
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFullPathNameA
Sleep
GlobalMemoryStatus
GlobalUnlock
GlobalLock
LocalFree
LocalAlloc
GlobalAlloc
GlobalReAlloc
_lclose
OpenFile
GlobalFree
_lwrite
CloseHandle
CreateFileA
ReadFile
GetFileSize
SetFilePointer
GetDriveTypeA
GetWindowsDirectoryA
FindClose
FileTimeToLocalFileTime
FindFirstFileA
GetVersionExA
GlobalHandle
InitializeCriticalSection
LockResource
LoadResource
FindResourceA
FindNextFileA
GetVersion
GlobalAddAtomA
GlobalGetAtomNameA
lstrcpynA
lstrlenA
lstrcpyA
lstrcatA
GetProcAddress
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
lstrcmpiA
GetCurrentThreadId
FreeLibrary
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
SetLastError
MulDiv
GetCurrentThread
lstrcmpA
FileTimeToSystemTime
GetLastError
DuplicateHandle
GetCurrentProcess
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DeleteFileA
GetVolumeInformationA
GetModuleFileNameA

user32

DefWindowProcA
GetWindowTextA
GetWindowTextLengthA
TrackPopupMenu
RegisterClassA
MessageBoxA
GetTopWindow
SetScrollPos
SetScrollRange
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
DispatchMessageA
GetSysColor
MapWindowPoints
SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ClientToScreen
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
PostQuitMessage
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
CharUpperA
CreateDialogIndirectParamA
EndDialog
ShowOwnedPopups
GetClassNameA
GetSysColorBrush
LoadStringA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SystemParametersInfoA
GetWindowPlacement
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
CopyRect
GetDlgItem
SetWindowLongA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetWindow
IsWindowEnabled
GetCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
LoadIconA
EnableWindow
EqualRect
PtInRect
SetCursor
CreateMenu
AppendMenuA
CreatePopupMenu
KillTimer
SetTimer
PostMessageA
LoadCursorA
PeekMessageA
EnumDisplaySettingsA
ChangeDisplaySettingsA
FindWindowA
UnionRect
ReleaseDC
OffsetRect
UpdateWindow
GetDC
SendMessageA
GetSystemMetrics
AdjustWindowRect
GetDesktopWindow
GetWindowRect
SetCapture
ReleaseCapture
GetClientRect
InvalidateRect
wsprintfA
LoadMenuA
DestroyWindow
RegisterWindowMessageA

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LineTo
MoveToEx
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetBkMode
SelectObject
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateFontA
SetPixel
CreateRectRgnIndirect
CreatePatternBrush
SelectPalette
RoundRect
StretchBlt
GetDIBits
CreatePen
AnimatePalette
CreateBitmap
GetPixel
CreateCompatibleBitmap
CreateDIBitmap
DeleteObject
CreateDIBSection
PatBlt
CreatePalette
GetStockObject
CreateICA
DeleteDC
BitBlt
CreateSolidBrush
Rectangle
GetTextExtentPoint32A
CreateCompatibleDC
SetDIBColorTable
GetDeviceCaps
RealizePalette

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

ord17

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e130f51cfb6206bdc93e3a40927c9c7

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 32KB - Virtual size: 93KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 32KB - Virtual size: 93KB

.rsrc
Size: 8KB - Virtual size: 6KB