Static task: static1
Behavioral task: behavioral1
Sample: 7e241c8d5ab3366f3ab3a1d6c9ede684a23eb7a6d65c185bf0477bfddd140af4.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 7e241c8d5ab3366f3ab3a1d6c9ede684a23eb7a6d65c185bf0477bfddd140af4.exe
Resource: win10v2004-20240508-en
General
Target: 7e241c8d5ab3366f3ab3a1d6c9ede684a23eb7a6d65c185bf0477bfddd140af4
Size: 7.2MB
MD5: c2659e6aff50e5006152992874069082
SHA1: 41d27ef303f6d8d0bb674d2f86b130a10fd8f9fe
SHA256: 7e241c8d5ab3366f3ab3a1d6c9ede684a23eb7a6d65c185bf0477bfddd140af4
SHA512: 29c3c6a87455d55f29369e634b0edac9561948aad0e5b3379391ccdb366a74a5f76d6e7abbfdeb56511da5b80337dc45411b6b73828702f56edfbe7b13d118b5
SSDEEP: 196608:k6Y0sen7+cBx2b1auk7DQXFwQKrsc0zFLOyomFHKnPgL:s5ItBDQ1NKrsFFJL
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 7e241c8d5ab3366f3ab3a1d6c9ede684a23eb7a6d65c185bf0477bfddd140af4
Files
7e241c8d5ab3366f3ab3a1d6c9ede684a23eb7a6d65c185bf0477bfddd140af4.exe windows:5 windows x86 arch:x86
eb261ba67775f7abc97684254e816284
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Note: the image opts in to ASLR (DYNAMIC_BASE) and DEP (NX_COMPAT). IMAGE_DLLCHARACTERISTICS_GUARD_CF is not among the listed flags; the .gfids and .giats sections in the section table below are the MSVC Control Flow Guard tables, and the loader enforces CFG only when that flag is set, so the CFG state of this binary should be re-checked with a PE tool rather than assumed from the section names.
Imports
ws2_32
WSACleanup
WSAGetLastError
__WSAFDIsSet
select
WSASetLastError
recv
send
bind
closesocket
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
WSAIoctl
getaddrinfo
freeaddrinfo
accept
listen
recvfrom
sendto
ioctlsocket
gethostname
WSAStartup
getservbyname
gethostbyname
htonl
shutdown
socket
kernel32
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetTimeZoneInformation
SetErrorMode
EnumSystemLocalesW
IsValidLocale
GetOEMCP
IsValidCodePage
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetStdHandle
VirtualQuery
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
SetFilePointerEx
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetACP
RtlUnwind
GetStringTypeW
LCMapStringW
GetCPInfo
GetTempFileNameW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
GetProfileIntW
SearchPathW
ExitProcess
FindResourceExW
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
LocalAlloc
lstrcmpiW
DuplicateHandle
UnlockFile
LockFile
GetFullPathNameW
FlushFileBuffers
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
GetPrivateProfileIntW
GetCurrentThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
lstrcmpA
GlobalSize
GetCurrentProcessId
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeResource
GetCurrentThreadId
EncodePointer
OutputDebugStringA
VerifyVersionInfoW
VerSetConditionMask
FormatMessageA
PeekNamedPipe
GetStdHandle
GetFileType
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetTickCount
SleepEx
InitializeCriticalSection
SetEndOfFile
GetFileSize
ReleaseMutex
CreateMutexA
VirtualAlloc
InterlockedCompareExchange
VirtualFree
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
SetLastError
ReadFile
GetCurrentProcess
GlobalUnlock
GlobalLock
CopyFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
RemoveDirectoryW
DeleteFileW
GetFileAttributesW
LocalFree
FormatMessageW
CopyFileExW
MoveFileWithProgressW
WriteFile
GetTempPathW
OutputDebugStringW
GetWindowsDirectoryW
GetSystemDirectoryW
FindClose
FindNextFileW
FindFirstFileW
MulDiv
GetVolumeInformationW
DefineDosDeviceW
DeviceIoControl
CreateFileW
GlobalFree
GlobalAlloc
CloseHandle
CreateDirectoryW
GetLocalTime
SetFileAttributesW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
SetConsoleMode
GetLastError
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
GetModuleFileNameW
WinExec
lstrlenW
lstrcatW
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDriveStringsW
Sleep
GlobalMemoryStatusEx
GetModuleHandleW
GetVersionExW
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcpyW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
FindFirstFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetConsoleCtrlHandler
WriteConsoleW
GetSystemTime
FlushConsoleInputBuffer
GlobalMemoryStatus
ReadConsoleInputA
user32
SystemParametersInfoW
SetLayeredWindowAttributes
DrawIconEx
IsRectEmpty
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DrawStateW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
FillRect
GetWindowDC
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
EnumDisplayMonitors
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
TrackMouseEvent
IsZoomed
PostThreadMessageW
WaitMessage
SubtractRect
IsClipboardFormatAvailable
IsCharLowerW
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
SetCapture
GetSystemMenu
DeleteMenu
MessageBeep
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
GetSubMenu
LoadMenuW
GetNextDlgGroupItem
GetMessageW
TranslateMessage
ShowOwnedPopups
CharUpperW
DestroyMenu
GetMenuItemInfoW
CopyImage
SendDlgItemMessageA
RealChildWindowFromPoint
GetAsyncKeyState
GetScrollRange
MapDialogRect
MapVirtualKeyExW
DrawMenuBar
ReleaseCapture
ClientToScreen
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
HideCaret
InvertRect
FrameRect
DestroyCursor
GetWindowRgn
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
CharUpperBuffW
RegisterClipboardFormatW
CopyAcceleratorTableW
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
RedrawWindow
EnableWindow
GetClientRect
SendMessageW
InvalidateRect
GetParent
IsWindow
PostMessageW
GetSysColor
InflateRect
GetIconInfo
DrawTextW
IntersectRect
GetWindowRect
GetSystemMetrics
KillTimer
SetTimer
LoadCursorW
SetWindowLongW
GetMessagePos
ScreenToClient
PtInRect
SetCursor
GetDC
ReleaseDC
UnregisterClassW
LoadIconW
IsIconic
DrawIcon
SetRectEmpty
OffsetRect
GetScrollInfo
UpdateWindow
CopyRect
TabbedTextOutW
DrawTextExW
GrayStringW
ExitWindowsEx
GetWindowLongW
GetCapture
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetRect
SetCursorPos
LoadImageW
DestroyIcon
GetCursorPos
WindowFromPoint
EmptyClipboard
gdi32
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CombineRgn
CreateRectRgnIndirect
SetRectRgn
DPtoLP
IntersectClipRect
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
SetBkColor
DeleteObject
Escape
ExtTextOutW
RectVisible
PtVisible
TextOutW
CreatePen
PatBlt
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetTextExtentPoint32W
GetStockObject
SetBkMode
SetTextColor
SelectObject
GetObjectW
CreateFontIndirectW
CreateEllipticRgn
SetMapMode
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
CryptEnumProvidersA
CryptSignHashA
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegQueryValueW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptEncrypt
RegCloseKey
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptDecrypt
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
shell32
DragQueryFileW
SHAppBarMessage
SHGetFileInfoW
DragFinish
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteW
SHGetDesktopFolder
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW
PathFindExtensionW
PathIsDirectoryW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
StrFormatKBSizeW
uxtheme
DrawThemeBackground
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemeColor
CloseThemeData
IsAppThemed
OpenThemeData
ole32
StringFromGUID2
CreateStreamOnHGlobal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CoInitialize
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
OleCreateMenuDescriptor
oleaut32
SysFreeString
SysAllocString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VariantInit
SysStringLen
VarBstrCat
gdiplus
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGetImageWidth
GdipLoadImageFromStream
GdipReleaseDC
GdiplusStartup
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipGetDpiY
GdipDeleteStringFormat
GdipCreateStringFormat
GdipGraphicsClear
GdipDrawPath
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathArcI
GdipDeletePen
GdipCreatePen1
GdipDeletePath
GdipCreatePath
GdipFillPath
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipSetSmoothingMode
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCloneImage
GdipDisposeImage
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipFree
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
crypt32
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
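The import list above is where a triage analyst extracts capability hints. The following is an added example (not part of the sandbox report and not the sample's own code) that applies AND-of-OR rules to an import table and computes the pefile-style import hash. SAMPLE_IMPORTS is a constructed subset of the APIs listed above; the rule names and groupings are the author's own choice. Tags derived from names alone prove nothing about behaviour: a statically linked MFC/CRT program imports much of this list by itself, and SetWindowsHookExW/CallNextHookEx in particular are used by MFC for message hooks as well as by keyloggers.

```python
"""Added example, not part of the sandbox report: capability triage over an
import table, plus the pefile-style import hash. SAMPLE_IMPORTS is a
constructed subset of the imports listed above. Tags are hints from API
names alone and prove nothing about behaviour: a statically linked MFC/CRT
program imports much of this list by itself."""
import hashlib

# tag -> list of groups; a tag fires only when every group contributes at
# least one imported API (AND of ORs), so a lone API never triggers a tag.
RULES = {
    "network-sockets": [{"socket"}, {"connect", "bind", "listen"},
                        {"send", "recv", "sendto", "recvfrom"}],
    "process-execution": [{"CreateProcessW", "WinExec", "ShellExecuteW"}],
    "privilege-adjust": [{"OpenProcessToken"}, {"LookupPrivilegeValueW"},
                         {"AdjustTokenPrivileges"}],
    "system-shutdown": [{"ExitWindowsEx"}],
    "capi-symmetric-crypto": [{"CryptAcquireContextA", "CryptAcquireContextW"},
                              {"CryptDeriveKey"}, {"CryptEncrypt", "CryptDecrypt"}],
    "capi-key-export-or-sign": [{"CryptExportKey", "CryptSignHashA"}],
    "certificate-store-access": [{"CertOpenStore"},
                                 {"CertEnumCertificatesInStore", "CertFindCertificateInStore"}],
    "drive-and-file-enumeration": [{"GetLogicalDriveStringsW"}, {"FindFirstFileW"},
                                   {"FindNextFileW"}],
    "registry-modification": [{"RegSetValueExW", "RegCreateKeyExW",
                               "RegDeleteKeyW", "RegDeleteValueW"}],
    "device-interface-enumeration": [{"SetupDiGetClassDevsW"},
                                     {"SetupDiEnumDeviceInterfaces"}],
    "raw-device-io": [{"CreateFileW"}, {"DeviceIoControl"}],
    "windows-hook": [{"SetWindowsHookExW"}, {"CallNextHookEx"}],
}


def capability_tags(imports):
    """imports: {dll: [function, ...]} -> sorted tags whose every group matched."""
    present = {f for funcs in imports.values() for f in funcs}
    return sorted(tag for tag, groups in RULES.items()
                  if all(group & present for group in groups))


def matched_apis(imports, tag):
    """The concrete imports behind one tag, for the analyst's notes."""
    present = {f for funcs in imports.values() for f in funcs}
    return sorted(f for group in RULES[tag] for f in group & present)


def imphash(imports):
    """pefile-style import hash: '<dll>.<func>' lowercased with the .dll/.ocx/.sys
    suffix stripped, in import-table order, comma-joined, MD5. Ordinal-only
    imports (pefile maps ws2_32/oledlg ordinals to names) are not handled here."""
    parts = []
    for dll, funcs in imports.items():
        base = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if base.endswith(ext):
                base = base[:-len(ext)]
        parts.extend("%s.%s" % (base, f.lower()) for f in funcs)
    return hashlib.md5(",".join(parts).encode()).hexdigest()


# Constructed subset of the report's import list.
SAMPLE_IMPORTS = {
    "ws2_32": ["WSAStartup", "socket", "connect", "send", "recv", "getaddrinfo"],
    "kernel32": ["CreateProcessW", "WinExec", "GetLogicalDriveStringsW",
                 "FindFirstFileW", "FindNextFileW", "CreateFileW", "DeviceIoControl"],
    "user32": ["SetWindowsHookExW", "CallNextHookEx", "ExitWindowsEx"],
    "advapi32": ["CryptAcquireContextW", "CryptDeriveKey", "CryptEncrypt",
                 "CryptDecrypt", "CryptExportKey", "RegSetValueExW",
                 "AdjustTokenPrivileges", "LookupPrivilegeValueW", "OpenProcessToken"],
    "setupapi": ["SetupDiGetClassDevsW", "SetupDiEnumDeviceInterfaces"],
    "crypt32": ["CertOpenStore", "CertEnumCertificatesInStore"],
}

if __name__ == "__main__":
    for tag in capability_tags(SAMPLE_IMPORTS):
        print("%-30s %s" % (tag, ", ".join(matched_apis(SAMPLE_IMPORTS, tag))))
    print("imphash(subset):", imphash(SAMPLE_IMPORTS))
```

Run against a real import table the rules are only a starting point for what to confirm in the behavioral run (which privileges are requested, which hook type is installed, what CryptEncrypt is applied to). The import hash is computed here over the constructed subset only; the report's Files entry shows an unlabelled 32-hex value under the filename, and whether it is this hash over the full import table is not stated on the page.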
Sections
Name    Raw size  Virtual size  Flags
.text   2.8MB     2.8MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  919KB     919KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   63KB      102KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.gfids  106KB     105KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.giats  512B      16B           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.tls    512B      9B            IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   3.2MB     3.2MB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  189KB     188KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
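The static part of this report (file hashes, the "Unsigned PE" signature, the DLL and file characteristics, and the section table) can be reproduced offline with a short header walker. The block below is an added example, not the sandbox's own code: it parses the DOS/NT headers and section table with the standard library, reports Authenticode presence by checking the security data directory, and runs the mitigation checks a reviewer applies to those flags (ASLR, DEP, CFG tables without the GUARD_CF flag, writable-and-executable sections, missing signature). build_minimal_pe() produces a constructed test image so the code runs without the sample; the flag constants are the documented PE values.

```python
"""Added example, not part of the sandbox report: a standard-library PE header
walker for the checks the report shows (hashes, Authenticode presence, DLL and
file characteristics, section table) plus the mitigation review done on them.
build_minimal_pe() makes a constructed test image, not the analysed sample."""
import hashlib
import struct

DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE",
                 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
                 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ",
                 0x80000000: "IMAGE_SCN_MEM_WRITE"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory that holds the Authenticode blob


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Walk DOS header -> NT headers -> section table (imports are not parsed)."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    coff = e_lfanew + 4
    _, nsect, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # NumberOfRvaAndSizes / DataDirectory offsets differ for PE32 and PE32+; DllCharacteristics is +70 in both
    ndirs_off, dirs_off = {0x10B: (92, 96), 0x20B: (108, 112)}[magic]
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        name, vsize, _, rsize, _, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": rsize, "virtual_size": vsize,
                         "flags": _flags(flags, SECTION_FLAGS)})
    return {"file_characteristics": _flags(fchar, FILE_CHARACTERISTICS),
            "dll_characteristics": _flags(dllchar, DLL_CHARACTERISTICS),
            # presence only: validating the chain needs WinVerifyTrust or signtool
            "authenticode_present": sec_off != 0 and sec_size != 0,
            "sections": sections,
            "hashes": {h: hashlib.new(h, data).hexdigest()
                       for h in ("md5", "sha1", "sha256", "sha512")}}


def mitigation_gaps(info):
    """The review a practitioner applies to the flags the report lists."""
    dc, gaps = set(info["dll_characteristics"]), []
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dc:
        gaps.append("no ASLR (DYNAMIC_BASE missing)")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dc:
        gaps.append("no DEP opt-in (NX_COMPAT missing)")
    names = {s["name"] for s in info["sections"]}
    if ".gfids" in names and "IMAGE_DLLCHARACTERISTICS_GUARD_CF" not in dc:
        gaps.append("CFG tables (.gfids) present but GUARD_CF flag not set")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            gaps.append("section %s is writable and executable" % s["name"])
    if not info["authenticode_present"]:
        gaps.append("unsigned PE (no security directory)")
    return gaps


def build_minimal_pe(dll_characteristics=0x0140, signed=False, extra_sections=()):
    """Constructed PE32 image: valid headers and section table, no real code."""
    secs = [(b".text", 0x1000, 0x1000, 0x200, 0x60000020),
            (b".data", 0x0200, 0x2000, 0x200, 0xC0000040)] + list(extra_sections)
    opt = bytearray(96 + 16 * 8)                          # PE32 optional header + 16 dirs
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)  # ImageBase, alignments
    struct.pack_into("<HH", opt, 68, 2, dll_characteristics)    # Subsystem, DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, len(opt), 0x0102)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, 0x400 + 0x200 * i,
                                 0, 0, 0, 0, f) for i, (n, vs, va, rs, f) in enumerate(secs))
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)            # e_lfanew = 64
    image = bytearray(dos + b"PE\0\0" + coff + opt + table)
    image += b"\0" * (0x400 + 0x200 * len(secs) - len(image))   # zeroed section data
    if signed:  # append a dummy WIN_CERTIFICATE and point the security directory at it
        cert = struct.pack("<IHH", 16, 0x0200, 2) + b"\0" * 8
        sec_dir = 64 + 4 + 20 + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        struct.pack_into("<II", image, sec_dir, len(image), len(cert))
        image += cert
    return bytes(image)
```

To run it on a real file, call parse_pe(open(path, "rb").read()) and print the hashes, flags and sections; the hashes will match the MD5/SHA1/SHA256/SHA512 values in the General section. authenticode_present only says whether a certificate blob is attached, which is what the report's "Unsigned PE" signature tests; whether an attached signature is valid and chains to a trusted root requires WinVerifyTrust (or signtool verify) on a Windows host.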