Static task
static1
Behavioral task
behavioral1
Sample
86d5e81354486f758700a49ca467024bcbed19a517482a2403397af98d4e1ba9.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
86d5e81354486f758700a49ca467024bcbed19a517482a2403397af98d4e1ba9.exe
Resource
win10v2004-20240508-en
General
-
Target
86d5e81354486f758700a49ca467024bcbed19a517482a2403397af98d4e1ba9
-
Size
3.9MB
-
MD5
90157ce4aaf7599d74a536170386506e
-
SHA1
84fc3e91fd3316b559bae9f7fbba445078e3974c
-
SHA256
86d5e81354486f758700a49ca467024bcbed19a517482a2403397af98d4e1ba9
-
SHA512
8fb36be2e709aea1c84857dba5fc50330288aa7890e67f32849f59f341c3b577502fa17b9cef934add9e327f7d9c96104435e9a36d8d889bc64cf9f895d06321
-
SSDEEP
49152:jCTVEmyKtciNrSQ9gaQzgJCGgYE8RG0NqUXpB3iT0/sZD:jCWPXCPrQU/E8Q0gUq4/sZD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 86d5e81354486f758700a49ca467024bcbed19a517482a2403397af98d4e1ba9
Files
-
86d5e81354486f758700a49ca467024bcbed19a517482a2403397af98d4e1ba9.exe windows:4 windows x86 arch:x86
f9907b1ae270d85f48f77187e0eec5e0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
GetUserNameW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
comctl32
CreateStatusWindowW
DefSubclassProc
DrawInsert
ImageList_AddMasked
ImageList_Destroy
ImageList_GetIcon
ImageList_GetImageCount
ImageList_LoadImageW
InitCommonControlsEx
LBItemFromPt
MakeDragList
RemoveWindowSubclass
SetWindowSubclass
comdlg32
ChooseColorW
ChooseFontW
FindTextW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
ReplaceTextW
gdi32
AbortDoc
Arc
BitBlt
Chord
CloseEnhMetaFile
CombineRgn
CombineTransform
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateEllipticRgn
CreateEnhMetaFileW
CreateFontW
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesW
ExtFloodFill
FrameRgn
GetBrushOrgEx
GetCharABCWidthsFloatW
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetObjectW
GetPixel
GetStockObject
GetTextAlign
GetTextCharset
GetTextExtentPoint32W
GetTextMetricsW
GetViewportOrgEx
LineTo
MoveToEx
Pie
PlayEnhMetaFile
PolyBezier
Polygon
Polyline
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBits
SetEnhMetaFileBits
SetGraphicsMode
SetPixel
SetStretchBltMode
SetTextAlign
SetTextColor
SetWorldTransform
StartDocW
StartPage
StretchBlt
TextOutW
kernel32
AllocConsole
Beep
CloseHandle
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateMutexW
CreatePipe
CreateProcessW
CreateSemaphoreW
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FindResourceA
FindResourceW
FlushFileBuffers
FreeConsole
FreeLibrary
FreeResource
GetBinaryTypeW
GetCommandLineW
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetConsoleScreenBufferInfo
GetConsoleTitleW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDrives
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateW
GetNativeSystemInfo
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessTimes
GetProfileStringW
GetStartupInfoA
GetStdHandle
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetSystemWow64DirectoryW
GetTempFileNameW
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalMemoryStatusEx
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalLock
LocalUnlock
LockFile
LockFileEx
LockResource
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputW
ReadConsoleOutputW
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
SetComputerNameW
SetConsoleCP
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleMode
SetConsoleOutputCP
SetConsoleScreenBufferSize
SetConsoleTitleW
SetConsoleWindowInfo
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetNamedPipeHandleState
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleOutputW
WriteFile
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
msimg32
AlphaBlend
GradientFill
TransparentBlt
msvcrt
__dllonexit
__doserrno
__getmainargs
__initenv
__lconv_init
__mb_cur_max
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_exit
_filelengthi64
_fileno
_fmode
_initterm
_iob
_itow
_lock
_lseeki64
_onexit
_setjmp
_snwprintf
_unlock
_wfopen
_wfsopen
_write
abort
atof
atoi
calloc
clock
exit
fclose
fflush
fgetc
fgetpos
fopen
fprintf
fputc
fputs
fread
free
frexp
fseek
fsetpos
ftell
fwprintf
fwrite
getenv
iswctype
localeconv
longjmp
malloc
memchr
memcmp
memmove
memset
memcpy
printf
raise
rand
setlocale
signal
srand
strchr
strcmp
strerror
strlen
strncmp
strrchr
tan
time
vfprintf
vfwprintf
wcscmp
wcscpy
wcslen
wcstok
msvfw32
MCIWndCreateW
ole32
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize
CoInitializeEx
CoTaskMemFree
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
oleaut32
GetActiveObject
OleLoadPicture
SafeArrayAccessData
SafeArrayCreate
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPutElement
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
SysStringLen
VarCyFromR8
VarDecFromR8
VarR8FromCy
VarR8FromDec
VariantClear
VariantCopy
VariantInit
shell32
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellAboutW
ShellExecuteW
Shell_NotifyIconW
user32
ActivateKeyboardLayout
AnimateWindow
AppendMenuW
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharLowerW
CharUpperW
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CreateCaret
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefWindowProcW
DestroyCaret
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawMenuBar
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDialog
EndMenu
EndPaint
EnumChildWindows
EnumWindows
FillRect
FindWindowExW
FindWindowW
FlashWindowEx
GetActiveWindow
GetAsyncKeyState
GetCaretBlinkTime
GetCaretPos
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextW
GetFocus
GetForegroundWindow
GetGuiResources
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMenuItemRect
GetMenuState
GetMessageW
GetNextDlgTabItem
GetParent
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
MapVirtualKeyW
MapWindowPoints
MenuItemFromPoint
MessageBeep
MessageBoxIndirectW
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RealChildWindowFromPoint
RealGetWindowClassW
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
RegisterWindowMessageW
ReleaseDC
ScreenToClient
SendDlgItemMessageW
SendMessageA
SendMessageW
SetActiveWindow
SetCaretBlinkTime
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetKeyboardState
SetLayeredWindowAttributes
SetMenu
SetMenuInfo
SetMenuItemBitmaps
SetParent
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetSysColors
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnloadKeyboardLayout
UnregisterClassW
UnregisterHotKey
UpdateWindow
WinHelpW
WindowFromPoint
keybd_event
wsprintfW
wvsprintfW
winmm
PlaySoundW
winspool.drv
ClosePrinter
DocumentPropertiesW
EnumPrintersW
GetJobW
GetPrinterW
OpenPrinterW
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 858KB - Virtual size: 858KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
/4 Size: 306KB - Virtual size: 305KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 14KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 52B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 161KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
/14 Size: 512B - Virtual size: 216B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/29 Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/41 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/55 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/67 Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/80 Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/91 Size: 512B - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ