Static task: static1
Behavioral task: behavioral1
Sample: 92be5c4a15c67918974d85f3aa76cdd755e08578cbadc45021354b85d3973d1f.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 92be5c4a15c67918974d85f3aa76cdd755e08578cbadc45021354b85d3973d1f.exe
Resource: win10v2004-20240426-en
General
Target: 92be5c4a15c67918974d85f3aa76cdd755e08578cbadc45021354b85d3973d1f
Size: 2.2MB
MD5: 15637a79a1466576f268742ce0b4a911
SHA1: f4dc3fbe6256c458eefd9812e9f593a8e28ea19d
SHA256: 92be5c4a15c67918974d85f3aa76cdd755e08578cbadc45021354b85d3973d1f
SHA512: 734d4bf1307faa0ef64e29b6b7a94aa6267d8fb50f17c70b8704048b06ae2b36dbeec827a44a64022f9c54cb8fbcecdac2f9ea7f7b900b97783d9bd995952cb0
SSDEEP: 49152:f4x/ad3E8iyR0Sb0EMe/3kR1PzgmQRvOOt402OhXy2WCnEc661oZyXCSmWLKAXVl:K/aHi80EMe/g1P0tOOt402OhXy2dnETC
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 92be5c4a15c67918974d85f3aa76cdd755e08578cbadc45021354b85d3973d1f
Files
92be5c4a15c67918974d85f3aa76cdd755e08578cbadc45021354b85d3973d1f.exe windows:5 windows x86 arch:x86
7e6ea9d25484c7b2c9445ca530e735f5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceW
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
WideCharToMultiByte
GlobalFree
SetLastError
FreeLibrary
GetProcAddress
GetModuleHandleW
lstrcmpA
InterlockedExchange
DeactivateActCtx
LoadLibraryA
ActivateActCtx
CompareStringA
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GlobalDeleteAtom
SetThreadPriority
ResumeThread
GetModuleHandleA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalAddAtomA
FreeResource
FindResourceA
lstrcmpW
LoadLibraryW
GetVersionExA
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
lstrcpyA
GetThreadLocale
lstrcmpiA
LockFile
UnlockFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
LoadResource
GetACP
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
RtlUnwind
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
VirtualAlloc
ExitProcess
ExitThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
SetHandleCount
GetStdHandle
GetTimeZoneInformation
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetStringTypeW
CompareStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
MultiByteToWideChar
MulDiv
lstrlenA
LockResource
SizeofResource
GetFullPathNameA
lstrlenW
SetEndOfFile
WaitForSingleObject
CreateEventA
SetEvent
SetUnhandledExceptionFilter
RaiseException
GetSystemInfo
VirtualQuery
IsBadReadPtr
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
CreateDirectoryA
FlushFileBuffers
GetFileSize
SetFilePointer
DeleteFileA
CloseHandle
WriteFile
ReadFile
GetFileTime
FileTimeToSystemTime
SetFileAttributesA
GetFileAttributesA
GlobalMemoryStatusEx
GetCurrentDirectoryA
CreateThread
Sleep
GetComputerNameA
GetLocalTime
GetModuleFileNameA
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetTickCount
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
CopyFileA
DeleteCriticalSection
user32
DestroyIcon
CharUpperA
CharNextA
OffsetRect
CopyAcceleratorTableA
IsRectEmpty
SetRect
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
InflateRect
GetMenuItemInfoA
DestroyMenu
UnregisterClassA
IsZoomed
SetWindowRgn
RedrawWindow
SetParent
DestroyAcceleratorTable
CreatePopupMenu
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
GetSystemMenu
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
CopyImage
RegisterClipboardFormatA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
DestroyCursor
SystemParametersInfoA
GetWindowRgn
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowTextLengthA
GetWindowTextA
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
WaitMessage
CheckDlgButton
GetWindow
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
MessageBoxA
wsprintfA
DrawIcon
SendMessageA
FillRect
IsIconic
GetWindowRect
GetClientRect
EnableWindow
LoadIconW
GetSystemMetrics
PostMessageA
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
SetWindowPos
SetRectEmpty
KillTimer
SetTimer
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowPlacement
RegisterWindowMessageA
LoadIconA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ReleaseCapture
WindowFromPoint
SetCapture
LoadCursorW
SetLayeredWindowAttributes
SendDlgItemMessageA
EnumDisplayMonitors
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
GetWindowLongA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHAppBarMessage
ShellExecuteA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHGetFileInfoA
ole32
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
comdlg32
GetFileTitleA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
oledlg
ord8
ws2_32
WSAStartup
WSACleanup
WSAEnumNetworkEvents
send
WSAGetLastError
WSAWaitForMultipleEvents
closesocket
shutdown
WSACloseEvent
WSAEventSelect
WSACreateEvent
socket
listen
bind
inet_addr
htons
connect
setsockopt
ioctlsocket
recv
accept
gethostbyname
inet_ntoa
htonl
dbghelp
MiniDumpWriteDump
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipFree
GdipGetImageGraphicsContext
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
gdi32
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleWindowExtEx
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetLayout
SetPixelV
GetLayout
SetWindowExtEx
GetTextFaceA
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
CreateDCA
CopyMetaFileA
SetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
DPtoLP
PatBlt
GetMapMode
CombineRgn
SetRectRgn
GetRgnBox
GetTextColor
GetBkColor
GetTextExtentPoint32A
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateFontIndirectA
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
ExtSelectClipRgn
DeleteDC
GetDeviceCaps
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocString
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 318KB - Virtual size: 317KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dinfo Size: 512B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ