Static task
static1
Behavioral task
behavioral1
Sample
6bbae5bd95eb44107a8193da56aa9fc692eeecb0e2514998b3fb30537af22a96.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6bbae5bd95eb44107a8193da56aa9fc692eeecb0e2514998b3fb30537af22a96.exe
Resource
win10v2004-20240508-en
General
-
Target
6bbae5bd95eb44107a8193da56aa9fc692eeecb0e2514998b3fb30537af22a96
-
Size
942KB
-
MD5
56935781bbbe3b5e8b8b5d7edbfbe35d
-
SHA1
d2b8e561ce4d6b7d4c37ffbcab951b485a5bee98
-
SHA256
6bbae5bd95eb44107a8193da56aa9fc692eeecb0e2514998b3fb30537af22a96
-
SHA512
1cf66ca4f3dec8befc0c22c92506394a86db3d0afba837cb7f3614cad19b9f869273004607f135828ab32e45c5040f0099ec1e8ee9d30ccbdefe2cde46740b10
-
SSDEEP
12288:2lqkFy2XSqit++2obQuQTAiPM19gQKbKCiUZKOm/c7oUZey9m5htL0VJn:Kqb8it+yQuQTk9gQKPiUZecSbL0V
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks whether the PE image lacks an Authenticode signature.
resource 6bbae5bd95eb44107a8193da56aa9fc692eeecb0e2514998b3fb30537af22a96
Files
-
6bbae5bd95eb44107a8193da56aa9fc692eeecb0e2514998b3fb30537af22a96.exe windows:5 windows x86 arch:x86
4c38da978980a156c78192fe393c7a25
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WritePrivateProfileStringW
GlobalFlags
GetTickCount
GetFileAttributesW
GetFileSizeEx
SetErrorMode
GetStartupInfoW
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
ExitProcess
DeleteFileA
HeapReAlloc
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
FileTimeToLocalFileTime
lstrlenA
FileTimeToSystemTime
GetModuleHandleA
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
SuspendThread
SetThreadPriority
GetCurrentProcessId
GlobalGetAtomNameW
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
LoadLibraryExW
CompareStringA
lstrcmpW
SetLastError
LocalFree
GetVersionExW
InterlockedDecrement
GetProcAddress
GetCurrentProcess
FreeResource
MulDiv
CreateEventW
ResumeThread
SetEvent
WaitForSingleObject
ResetEvent
FormatMessageW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
ExpandEnvironmentStringsW
GetFileAttributesA
CreateDirectoryW
GetModuleHandleW
GetTempPathW
GetTempFileNameW
SearchPathW
CreateFileW
GetFileTime
SetFileTime
ReadFile
lstrcpynW
GetEnvironmentVariableW
lstrcpyW
GetFileSize
CreateFileMappingW
MapViewOfFile
lstrcmpiW
UnmapViewOfFile
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForMultipleObjects
GetExitCodeProcess
CloseHandle
GetLocaleInfoW
LoadLibraryW
FreeLibrary
CreateTimerQueueTimer
InterlockedExchangeAdd
InterlockedExchange
DeleteTimerQueueTimer
GetModuleFileNameW
Sleep
GetCommandLineA
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
MultiByteToWideChar
GetStdHandle
WideCharToMultiByte
user32
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CharNextW
InvalidateRgn
CopyAcceleratorTableW
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetClassLongW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
InflateRect
CallWindowProcW
PtInRect
SystemParametersInfoA
GetWindowPlacement
ShowOwnedPopups
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
CheckMenuItem
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
WinHelpW
SetWindowPos
GetWindowThreadProcessId
IsWindowEnabled
EqualRect
GetDlgItem
GetDlgCtrlID
GetKeyState
SetCursor
PeekMessageW
DrawIcon
DeleteMenu
SendMessageW
GetSystemMenu
GetCapture
LoadAcceleratorsW
SetActiveWindow
IsWindowVisible
InsertMenuItemW
CreatePopupMenu
GetClassInfoW
IntersectRect
OffsetRect
SetRectEmpty
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindow
GetWindowLongW
IsWindow
TranslateAcceleratorW
PostQuitMessage
GetMenuState
PostThreadMessageW
UnregisterClassW
RegisterClipboardFormatW
GetMenuItemInfoW
GetSysColorBrush
CharUpperW
CreateDialogIndirectParamW
SystemParametersInfoW
IsIconic
GetWindowRect
GetClientRect
GetActiveWindow
EnableWindow
EnableMenuItem
GetSystemMetrics
GetClassNameW
EnumChildWindows
GetSysColor
MessageBoxW
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
CreateIconIndirect
LoadImageW
DestroyIcon
PostMessageW
UpdateWindow
AppendMenuW
MoveWindow
SetWindowLongW
EndDialog
SetFocus
SetForegroundWindow
ShowWindow
LoadIconW
ReleaseCapture
CopyRect
IsRectEmpty
InvalidateRect
SetCapture
GetParent
FillRect
ReleaseDC
GetDC
SetRect
DefWindowProcW
CreateWindowExW
RegisterClassExW
LoadCursorW
RegisterWindowMessageW
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetPropW
gdi32
CreatePatternBrush
GetMapMode
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetTextExtentPoint32W
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetRgnBox
CreateRectRgnIndirect
SetTextColor
GetClipBox
ExtTextOutW
CreateFontIndirectW
CreatePen
GetStockObject
GetObjectW
GetDeviceCaps
CreateCompatibleBitmap
DeleteDC
CreateHatchBrush
DeleteObject
CreateBitmap
CreateCompatibleDC
SelectObject
GetPixel
SetBkColor
BitBlt
CreateSolidBrush
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam
shell32
SHGetFolderPathW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
Shell_NotifyIconW
DragFinish
DragQueryFileW
ShellExecuteExW
shlwapi
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoUninitialize
CoRegisterMessageFilter
CoInitialize
CreateStreamOnHGlobal
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
VariantCopy
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
OleLoadPicture
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
SysFreeString
VariantChangeType
VariantClear
VariantInit
urlmon
URLDownloadToFileW
oleacc
LresultFromObject
CreateStdAccessibleObject
wininet
InternetOpenUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetSetOptionW
HttpSendRequestW
HttpQueryInfoW
HttpQueryInfoA
InternetReadFile
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenW
InternetConnectW
Sections
.text Size: 510KB - Virtual size: 510KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 144KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 214KB - Virtual size: 214KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ