Static task: static1
Behavioral task: behavioral1
Sample: ca4ef7ebeded3bc8dcb6eed8e8b726dfe2e8a3e0dd23b5a7463e626fbf012ed8.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: ca4ef7ebeded3bc8dcb6eed8e8b726dfe2e8a3e0dd23b5a7463e626fbf012ed8.exe
Resource: win10v2004-20240508-en
General
Target: ca4ef7ebeded3bc8dcb6eed8e8b726dfe2e8a3e0dd23b5a7463e626fbf012ed8
Size: 14.4MB
MD5: bde3183e19f223bbe13f479c4813cad9
SHA1: 1b010d7ef62926a0eefe41fdefce4973918d4fe0
SHA256: ca4ef7ebeded3bc8dcb6eed8e8b726dfe2e8a3e0dd23b5a7463e626fbf012ed8
SHA512: 671b6604073feed44aec8ddb167ec19170929db430ef5ce3a8b82f96688d8bf1463f97c2742c9fb7df006450f2e939bee532be9bcca97f57e6f20209e1e12a89
SSDEEP: 393216:LB8HvUilCyrxwPCgYcbcLzy6K5zhgZj5ry0:4DzrcbqyZizy0
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource ca4ef7ebeded3bc8dcb6eed8e8b726dfe2e8a3e0dd23b5a7463e626fbf012ed8
Files
ca4ef7ebeded3bc8dcb6eed8e8b726dfe2e8a3e0dd23b5a7463e626fbf012ed8.exe windows:5 windows x86 arch:x86
  6c7d9faf4070a90695edaf72353ace02
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
ord17
gdi32
SetPixelV
GetTextFaceW
EnumFontFamiliesExW
GetSystemPaletteEntries
GetNearestPaletteIndex
SetPaletteEntries
ExtFloodFill
LPtoDP
GetViewportOrgEx
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetWindowOrgEx
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreatePolygonRgn
CreateEllipticRgn
DPtoLP
GetMapMode
SetRectRgn
GetBkColor
SetPixel
RealizePalette
SetDIBColorTable
GetTextColor
GetTextCharsetInfo
CreateDIBitmap
GetRgnBox
OffsetRgn
CreateHatchBrush
GetObjectType
SelectPalette
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
PatBlt
CopyMetaFileW
CreateBitmap
GetDCOrgEx
EnumFontFamiliesW
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
SetBkMode
SetTextColor
RoundRect
CreatePenIndirect
MoveToEx
LineTo
CreateSolidBrush
SetBkColor
ExtTextOutW
SetStretchBltMode
CreateDIBSection
StretchBlt
CombineRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SelectClipRgn
GetDeviceCaps
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
SaveDC
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
DeleteDC
CreatePen
GetStockObject
GetObjectW
CreateFontIndirectW
SelectObject
GetTextMetricsW
CreateRoundRectRgn
DeleteObject
GetDIBits
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
kernel32
LoadLibraryExW
GetSystemTimeAsFileTime
FormatMessageA
FormatMessageW
GetVersionExW
GetFileAttributesW
GetTempPathW
Process32FirstW
RemoveDirectoryW
CreateProcessW
GetSystemInfo
Process32NextW
CreateToolhelp32Snapshot
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetTempFileNameW
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetStdHandle
VirtualQuery
VirtualAlloc
HeapSize
CreateThread
ExitThread
HeapAlloc
HeapReAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
RtlUnwind
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetFileTime
GetCurrentThreadId
GetCurrentProcessId
FileTimeToSystemTime
FileTimeToLocalFileTime
GetQueuedCompletionStatus
CreateIoCompletionPort
lstrcpyW
ResetEvent
SetThreadPriority
ResumeThread
CreateMutexW
GlobalUnlock
GlobalAlloc
GlobalLock
GetLocalTime
GetFileSizeEx
SetErrorMode
lstrlenA
GlobalGetAtomNameW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleHandleA
InterlockedDecrement
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalSize
LocalFree
GetThreadLocale
GlobalFree
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
InterlockedIncrement
SetFileTime
LoadLibraryA
SetLastError
FreeLibrary
lstrcmpW
GetVersionExA
GetLastError
ExitProcess
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceW
Sleep
FindClose
FindNextFileW
DeleteFileW
CopyFileW
MoveFileW
SetFileAttributesW
FindFirstFileW
CloseHandle
WriteFile
CreateFileW
SetCurrentDirectoryW
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDriveStringsW
WaitForSingleObject
TerminateProcess
OpenProcess
GetModuleFileNameW
GetCurrentDirectoryW
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetTickCount
MultiByteToWideChar
ReadFile
GetFileSize
GetACP
MulDiv
WideCharToMultiByte
SetFilePointer
CreateDirectoryW
DosDateTimeToFileTime
SystemTimeToFileTime
GetCurrentProcess
SuspendThread
SetEvent
GetFullPathNameW
GetFileType
DuplicateHandle
CreateEventW
user32
ClientToScreen
GetSysColor
IntersectRect
FillRect
DrawTextW
CharPrevW
SetRect
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
InvalidateRgn
MoveWindow
CreateAcceleratorTableW
LoadImageW
GetSystemMetrics
CallWindowProcW
GetPropW
SetPropW
AdjustWindowRectEx
GetMenu
RegisterClassExW
GetClassInfoExW
SetClipboardData
OpenClipboard
GetParent
SystemParametersInfoW
SetWindowPos
GetWindow
ShowWindow
EmptyClipboard
EnableWindow
IsWindow
SetCaretPos
GetMessageW
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
UnregisterClassW
DestroyIcon
CopyImage
ShowCaret
HideCaret
CreateCaret
wvsprintfW
PostMessageW
GetWindowRect
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsMenu
GetSystemMenu
SetClassLongW
SetParent
NotifyWinEvent
SetFocus
TranslateMessage
DispatchMessageW
PostQuitMessage
DefWindowProcW
LoadCursorW
DrawIcon
RegisterClassW
SetWindowRgn
IsIconic
IsZoomed
GetClientRect
ScreenToClient
GetMonitorInfoW
MonitorFromWindow
SetWindowLongW
GetWindowLongW
SetTimer
KillTimer
GetKeyState
GetDC
InvalidateRect
SetCapture
ReleaseCapture
PtInRect
ReleaseDC
DestroyWindow
GetFocus
CreateWindowExW
MapWindowPoints
SendMessageW
IsRectEmpty
EndPaint
BeginPaint
GetUpdateRect
GetCursorPos
CharNextW
OffsetRect
InflateRect
UnionRect
TrackPopupMenu
CreatePopupMenu
DestroyMenu
CopyRect
PeekMessageW
CloseClipboard
IsClipboardFormatAvailable
GetWindowPlacement
SystemParametersInfoA
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
GetClassInfoW
MessageBoxW
GetMenuItemCount
GetMenuItemID
GetSubMenu
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
ScrollWindow
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
RemovePropW
GetClassNameW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
RegisterWindowMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
IsDialogMessageW
IsWindowEnabled
RedrawWindow
MessageBeep
ValidateRect
GetActiveWindow
ShowOwnedPopups
GetWindowThreadProcessId
MapDialogRect
SetWindowContextHelpId
RemoveMenu
InsertMenuW
AppendMenuW
GetMenuStringW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetDesktopWindow
CharUpperW
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
TabbedTextOutW
DrawTextExW
GrayStringW
GetWindowDC
GetMenuItemInfoW
GetSysColorBrush
DeleteMenu
WindowFromPoint
WaitMessage
SetRectEmpty
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsW
SetCursor
advapi32
RegCloseKey
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
CloseServiceHandle
OpenProcessToken
OpenSCManagerW
OpenServiceW
GetTokenInformation
RegQueryValueExW
StartServiceW
QueryServiceStatus
RegOpenKeyExW
ControlService
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyW
shell32
SHGetDesktopFolder
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteExW
SHGetPathFromIDListW
SHAppBarMessage
SHBrowseForFolderW
DragFinish
DragQueryFileW
ole32
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
CoUninitialize
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateILockBytesOnHGlobal
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleCreateMenuDescriptor
CoInitializeEx
CoCreateGuid
OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoTaskMemFree
oleaut32
VarDateFromStr
VariantChangeType
VarUdateFromDate
SystemTimeToVariantTime
SafeArrayDestroy
VariantTimeToSystemTime
SysFreeString
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
VariantCopy
SysStringLen
OleCreateFontIndirect
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
oledlg
OleUIBusyW
gdiplus
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFont
GdiplusStartup
GdipCreateLineBrushI
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDisposeImage
GdipDrawString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneBrush
GdiplusShutdown
winmm
PlaySoundW
ws2_32
htons
ntohs
getsockname
setsockopt
recv
bind
socket
WSAGetLastError
closesocket
gethostbyname
send
WSARecv
getsockopt
listen
accept
select
inet_addr
recvfrom
inet_ntoa
WSAIoctl
connect
gethostbyaddr
WSACleanup
WSAStartup
WSAGetOverlappedResult
WSASend
__WSAFDIsSet
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
comdlg32
GetFileTitleW
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 516KB - Virtual size: 516KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 171KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 215.6MB - Virtual size: 215.6MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 737KB - Virtual size: 737KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ