Static task: static1
Behavioral task: behavioral1
Sample: f87ff6ef800e99ea9a157c36f0dce855c379e18e01383929a46874d5c87d9ae4.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: f87ff6ef800e99ea9a157c36f0dce855c379e18e01383929a46874d5c87d9ae4.exe
Resource: win10v2004-20240426-en
General
Target: f87ff6ef800e99ea9a157c36f0dce855c379e18e01383929a46874d5c87d9ae4
Size: 989KB
MD5: 832e09de46012a316581686a8e531ace
SHA1: ac72e3dc0c6f3519f4596a657c28ac0b264763ac
SHA256: f87ff6ef800e99ea9a157c36f0dce855c379e18e01383929a46874d5c87d9ae4
SHA512: 10f03213bb220b05f9f869799e7c1c8d2e66a53e61896f806f873a803c2bb0bafce2e66f2599aa6fbd8adf29d1b7eb8a32b881f397b70040c400cff6fd1fe915
SSDEEP: 12288:aBFFZSWf1I0vFT19L/h1UVMp6l5pt3z9q8YIQ+AnnBYHbRAwZpeY+7Gcxhj19mMc:mNp6XeIVm6bUY+7Gc7j2MXYrdGc
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource f87ff6ef800e99ea9a157c36f0dce855c379e18e01383929a46874d5c87d9ae4
Files
f87ff6ef800e99ea9a157c36f0dce855c379e18e01383929a46874d5c87d9ae4.exe windows:5 windows x86 arch:x86
f7bb021c4f36466fa20bac4b7df02280
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstFileW
GetFullPathNameW
WritePrivateProfileStringW
GlobalFlags
GetTickCount
GetFileAttributesW
GetFileSizeEx
SetErrorMode
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
SetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDriveTypeA
CreateProcessA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
FindClose
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
IsValidCodePage
GetOEMCP
GetACP
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
VirtualQuery
VirtualAlloc
VirtualProtect
GetFileType
SetStdHandle
CreateThread
ExitThread
GetDateFormatA
GetTimeFormatA
DeleteFileA
ExitProcess
MoveFileA
GetDriveTypeW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
FileTimeToLocalFileTime
lstrlenA
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
SuspendThread
SetThreadPriority
GetCurrentProcessId
GlobalGetAtomNameW
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
lstrcmpW
SetLastError
LocalFree
FreeResource
MulDiv
CreateEventW
ResumeThread
SetEvent
ResetEvent
FormatMessageW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedDecrement
GetModuleHandleA
GetModuleFileNameA
DeleteFileW
IsDebuggerPresent
GetCurrentProcess
GetVersionExW
GetProcAddress
GetSystemInfo
ExpandEnvironmentStringsW
GetFileAttributesA
CreateDirectoryW
GetModuleHandleW
GetTempPathW
GetTempFileNameW
SearchPathW
CreateFileW
GetFileTime
SetFileTime
ReadFile
lstrcpynW
GetEnvironmentVariableW
lstrcpyW
GetFileSize
CreateFileMappingW
MapViewOfFile
lstrcmpiW
UnmapViewOfFile
WaitForMultipleObjects
GetExitCodeProcess
WaitForSingleObject
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoW
LoadLibraryW
FreeLibrary
CreateTimerQueueTimer
InterlockedExchangeAdd
InterlockedExchange
DeleteTimerQueueTimer
GetModuleFileNameW
GetComputerNameW
Sleep
GetCommandLineA
lstrlenW
GetVolumeInformationW
GetLastError
OutputDebugStringW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
user32
CopyRect
ReleaseCapture
LoadIconW
ShowWindow
SetForegroundWindow
SetFocus
EndDialog
SetWindowLongW
MoveWindow
AppendMenuW
EnumChildWindows
GetClassNameW
GetSystemMetrics
EnableMenuItem
EnableWindow
GetActiveWindow
GetClientRect
GetWindowRect
UpdateWindow
GetSystemMenu
SendMessageW
DeleteMenu
DrawIcon
SetWindowContextHelpId
GetNextDlgGroupItem
GetNextDlgTabItem
MessageBeep
CopyAcceleratorTableW
InvalidateRgn
CharNextW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
InflateRect
GetMenuItemInfoW
SystemParametersInfoW
CreateDialogIndirectParamW
CharUpperW
GetSysColorBrush
PostThreadMessageW
UnregisterClassW
PostMessageW
DestroyIcon
LoadImageW
CreateIconIndirect
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
PeekMessageW
GetMessageW
IsIconic
TranslateMessage
MapDialogRect
SetWindowTextW
IsDialogMessageW
DispatchMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
CallWindowProcW
PtInRect
SystemParametersInfoA
GetWindowPlacement
ShowOwnedPopups
SetWindowsHookExW
CallNextHookEx
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
CheckMenuItem
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
WinHelpW
SetWindowPos
GetWindowThreadProcessId
IsWindowEnabled
EqualRect
GetDlgItem
GetDlgCtrlID
GetKeyState
SetCursor
GetCapture
LoadAcceleratorsW
SetActiveWindow
IsWindowVisible
InsertMenuItemW
CreatePopupMenu
GetClassInfoW
IntersectRect
OffsetRect
SetRectEmpty
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindow
GetWindowLongW
IsWindow
TranslateAcceleratorW
IsRectEmpty
InvalidateRect
SetCapture
GetParent
FillRect
ReleaseDC
GetDC
SetRect
PostQuitMessage
MessageBoxW
RegisterClipboardFormatW
GetSysColor
DefWindowProcW
CreateWindowExW
RegisterClassExW
LoadCursorW
RegisterWindowMessageW
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
advapi32
RegCloseKey
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextW
RegQueryValueExW
RegOpenKeyExW
GetUserNameA
RegEnumKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
CryptGetHashParam
ole32
CoInitializeEx
CoCreateInstance
CoGetClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoSetProxyBlanket
CreateStreamOnHGlobal
CoInitializeSecurity
CoUninitialize
shell32
DragQueryFileW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHCreateDirectoryExW
SHGetFolderPathW
ShellExecuteW
SHChangeNotify
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
DragFinish
Shell_NotifyIconW
oleaut32
OleCreateFontIndirect
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
OleLoadPicture
SysAllocStringLen
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
VariantChangeType
VariantClear
VariantInit
shlwapi
StrStrIW
StrStrIA
PathFindFileNameW
PathFindExtensionW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
gdi32
SetBkColor
GetPixel
SelectObject
CreateCompatibleDC
CreateBitmap
DeleteObject
CreateHatchBrush
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps
GetObjectW
GetStockObject
CreatePen
CreateFontIndirectW
ExtTextOutW
GetClipBox
SetTextColor
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
BitBlt
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetMapMode
GetTextExtentPoint32W
CreateSolidBrush
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
oledlg
OleUIBusyW
urlmon
URLDownloadToFileW
rpcrt4
UuidCreate
UuidToStringA
oleacc
LresultFromObject
CreateStdAccessibleObject
wininet
InternetQueryOptionW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetOpenUrlW
InternetCrackUrlW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetSetOptionW
HttpSendRequestW
HttpQueryInfoW
HttpQueryInfoA
InternetReadFile
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenW
InternetConnectW
InternetCanonicalizeUrlW
Sections
.text Size: 541KB - Virtual size: 541KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 216KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ