Static task: static1
Behavioral task: behavioral1
Sample: 677fabdabf6dd1ac67a62108ff77ebc2acb6975790110f48eb71dd32780bf065.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 677fabdabf6dd1ac67a62108ff77ebc2acb6975790110f48eb71dd32780bf065.exe
Resource: win10v2004-20240426-en
General
Target: 677fabdabf6dd1ac67a62108ff77ebc2acb6975790110f48eb71dd32780bf065
Size: 1.5MB
MD5: 0de8f96fc515f258a5f94ab4939f39cd
SHA1: ab60f95ae7af1efe2da2448f7db623d6d3b1f9ff
SHA256: 677fabdabf6dd1ac67a62108ff77ebc2acb6975790110f48eb71dd32780bf065
SHA512: 63d24b95a87f5b40fe5316d44a6161e8c0d40d062b4a65eb5f0c899129dbe24d73bd6580ff112fd854537d85ac0a13466d93b32ce1e6dbb0785937be5407ef08
SSDEEP: 24576:jCrxidr851Xx4QmWTDgRjdZXS+ROeuzbxN97u6WMe20Dz7S8dGDIWP5vQFlC8wuw:JapRzpu6QDzmGTce/ApfVBV
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 677fabdabf6dd1ac67a62108ff77ebc2acb6975790110f48eb71dd32780bf065
Files
677fabdabf6dd1ac67a62108ff77ebc2acb6975790110f48eb71dd32780bf065.exe windows:4 windows x86 arch:x86
1e76047e0cf678cc34f109bbb7b02c50
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
activeds
ord9
ord3
kernel32
QueryPerformanceCounter
InterlockedIncrement
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
GetCurrentThread
CompareStringA
CompareStringW
InterlockedDecrement
HeapFree
CloseHandle
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceA
lstrcpyA
DeleteFileA
lstrcatA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateDirectoryA
LocalFree
SetEnvironmentVariableA
IsBadCodePtr
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
HeapSize
SetStdHandle
SetConsoleCtrlHandler
GetCommandLineA
GetDriveTypeA
ExitProcess
HeapReAlloc
GetDateFormatA
GetTimeFormatA
RtlUnwind
VirtualAlloc
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
SetErrorMode
WritePrivateProfileStringA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
SetThreadPriority
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
VirtualProtect
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FlushConsoleInputBuffer
FormatMessageA
GetStdHandle
GetFileType
OutputDebugStringA
GetSystemTimeAsFileTime
GetSystemInfo
VirtualQuery
FileTimeToDosDateTime
IsBadReadPtr
GetCurrentProcess
MoveFileA
CreatePipe
GetStartupInfoA
CreateThread
TerminateProcess
ExitThread
SetHandleInformation
GetCurrentProcessId
CopyFileA
WinExec
GetTickCount
SetFilePointer
SetEndOfFile
GetTempPathA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetCurrentThreadId
TerminateThread
lstrcpynA
WriteFile
GetFileSize
SystemTimeToTzSpecificLocalTime
GlobalMemoryStatus
ReadFile
CreateFileA
GetTimeZoneInformation
SystemTimeToFileTime
SetFileTime
GetSystemTime
GetLocalTime
GetFileTime
CreateEventA
SuspendThread
SetEvent
ResumeThread
RemoveDirectoryA
GetModuleHandleA
Beep
WaitForSingleObject
ReleaseMutex
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
WaitForMultipleObjects
GetExitCodeProcess
OpenMutexA
SetCurrentDirectoryA
CreateMutexA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryA
GetFileAttributesA
GetComputerNameA
LocalAlloc
Sleep
GetModuleFileNameA
CreateProcessA
user32
IsRectEmpty
CharNextA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
SetRect
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowContextHelpId
PostQuitMessage
CopyAcceleratorTableA
InvalidateRect
GrayStringA
InvalidateRgn
GetMessageA
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsDialogMessageA
WinHelpA
GetCapture
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetNextDlgGroupItem
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
ReleaseDC
GetDC
CopyRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MessageBeep
GetDesktopWindow
GetUserObjectInformationW
wvsprintfA
GetProcessWindowStation
GetThreadDesktop
GetUserObjectSecurity
SetUserObjectSecurity
DestroyCursor
RedrawWindow
TrackPopupMenu
DestroyMenu
ReleaseCapture
SetCapture
LoadCursorA
SetCursor
RegisterClipboardFormatA
PostThreadMessageA
LoadBitmapA
GetWindowRect
PtInRect
MapDialogRect
MoveWindow
DestroyIcon
DialogBoxParamA
EndDialog
SetWindowTextA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItem
ShowWindow
SendDlgItemMessageA
GetDlgItemTextA
GetClassInfoA
GetWindowLongA
SetWindowLongA
GetCursorPos
LoadIconA
GetSystemMetrics
LoadImageA
SetForegroundWindow
IsIconic
GetSystemMenu
InsertMenuA
AppendMenuA
CreatePopupMenu
DrawIcon
RegisterClassA
CreateWindowExA
PeekMessageA
DispatchMessageA
TranslateMessage
DestroyWindow
WaitForInputIdle
DefWindowProcA
wsprintfA
MessageBoxA
GetParent
GetTopWindow
GetSysColor
SendMessageTimeoutA
ExitWindowsEx
KillTimer
SetTimer
IsWindow
GetFocus
GetClientRect
GetNextDlgTabItem
GetWindow
PostMessageA
RegisterWindowMessageA
EnableWindow
SendMessageA
UnregisterClassA
CharUpperA
SetWindowsHookExA
gdi32
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
DeleteObject
CreateSolidBrush
DeleteDC
GetObjectA
SelectObject
GetDeviceCaps
CreateRectRgnIndirect
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
ExtTextOutA
SaveDC
RestoreDC
SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
SetViewportOrgEx
Escape
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
ImpersonateLoggedOnUser
GetFileSecurityA
InitializeSecurityDescriptor
RevertToSelf
OpenThreadToken
MapGenericMask
AccessCheck
GetSecurityDescriptorDacl
GetFileSecurityW
FreeSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
EqualSid
LookupAccountSidA
LookupAccountNameA
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
LsaClose
LsaAddAccountRights
LsaNtStatusToWinError
LsaOpenPolicy
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetUserNameA
CreateProcessAsUserA
GetAclInformation
AddAce
GetTokenInformation
IsValidSid
CopySid
LogonUserA
QueryServiceConfigA
StartServiceA
QueryServiceStatus
ChangeServiceConfigA
ControlService
DeleteService
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegOpenKeyExA
RegEnumKeyA
GetAce
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA
ord195
comctl32
PropertySheetA
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Add
ImageList_Create
ord17
shlwapi
SHDeleteKeyA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecA
PathFindFileNameA
oledlg
ord8
ole32
OleUninitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoRegisterMessageFilter
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
oleaut32
SafeArrayDestroy
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
SafeArrayGetElement
VariantClear
SystemTimeToVariantTime
SysAllocString
VarUdateFromDate
VariantTimeToSystemTime
VarBstrCat
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopy
VarBstrCmp
ws2_32
getpeername
send
WSACancelBlockingCall
shutdown
closesocket
connect
socket
WSAAsyncSelect
ntohs
getsockname
inet_ntoa
accept
select
listen
bind
htons
gethostbyname
htonl
setsockopt
WSAGetLastError
inet_addr
sendto
recvfrom
ioctlsocket
getsockopt
recv
WSAStartup
WSACleanup
gethostname
crypt32
CertFindCertificateInStore
CertEnumSystemStore
CertOpenSystemStoreA
CertGetIntendedKeyUsage
CertGetPublicKeyLength
CertVerifyTimeValidity
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFreeCertificateChain
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFindChainInStore
CertCloseStore
PFXImportCertStore
CertAddCertificateContextToStore
CertDeleteCertificateFromStore
CertOpenStore
CertEnumCertificatesInStore
CertGetNameStringA
CryptFindOIDInfo
secur32
GetUserNameExA
Sections
.text Size: 988KB - Virtual size: 985KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 232KB - Virtual size: 231KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 144KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ