Static task: static1
Behavioral task: behavioral1
  Sample: a8b77fc404c6e5b84aa5b5b458faf17bd0db4b42883e0b2388f187d0e827e08f.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: a8b77fc404c6e5b84aa5b5b458faf17bd0db4b42883e0b2388f187d0e827e08f.exe
  Resource: win10v2004-20240426-en
General
Target: a8b77fc404c6e5b84aa5b5b458faf17bd0db4b42883e0b2388f187d0e827e08f
Size: 8.2MB
MD5: ee26e0881b35eb847c3d8a766ac66f66
SHA1: 59c32de940831a81a55086944ccbe57cd898e36f
SHA256: a8b77fc404c6e5b84aa5b5b458faf17bd0db4b42883e0b2388f187d0e827e08f
SHA512: 2b3dc9025efa0587abce90783a3840fa41d5efe1ca4ddd3514639735f002ab278763e76fe4b59a65d8918678f558bdbba1cafafda3861e8a7528e15c3a9dc2bf
SSDEEP: 196608:FQRVct2K34kDqa9SrRYMlNM4X7QSem3UYU:9lXqadWMEQyM
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: a8b77fc404c6e5b84aa5b5b458faf17bd0db4b42883e0b2388f187d0e827e08f
  Statically this means the PE carries no certificate table (the IMAGE_DIRECTORY_ENTRY_SECURITY data directory is empty), so there is no embedded Authenticode signature to validate. On its own it is a weak indicator: plenty of legitimate software ships unsigned, and a signed binary is not thereby safe. Treat it as one data point alongside the .vmp0 section and the import surface listed below.
Files
a8b77fc404c6e5b84aa5b5b458faf17bd0db4b42883e0b2388f187d0e827e08f.exe  windows:5  windows x86  arch:x86
c556b585e2589fbba755d3c2f58874d2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
(DYNAMIC_BASE and NX_COMPAT mean the image opts into ASLR and DEP, and the .reloc section listed under Sections makes it relocatable so ASLR can actually take effect. IMAGE_FILE_DLL is absent and IMAGE_FILE_32BIT_MACHINE is set, so this is a 32-bit executable, not a DLL.)
Imports
Notable imports for triage (these are import-table entries, not observed behaviour; an MFC/CRT GUI application routinely imports most of the kernel32/user32/gdi32 surface below, so weigh them against the behavioral tasks): crypt32!CryptUnprotectData (DPAPI decryption) together with wlanapi!WlanGetProfile/WlanGetProfileList (saved Wi-Fi profiles) and advapi32!LsaRetrievePrivateData (LSA secrets); advapi32!OpenProcessToken/LookupPrivilegeValueW/AdjustTokenPrivileges and ImpersonateLoggedOnUser/RevertToSelf (privilege and token manipulation); OpenSCManagerW/OpenServiceW/ChangeServiceConfigW/StartServiceW/ControlService plus RegCreateKeyExW/RegSetValueExW/RegDeleteKeyW (service and registry modification); CreateToolhelp32Snapshot/Process32FirstW/Process32NextW, OpenProcess, EnumWindows, iphlpapi!GetAdaptersInfo and the SetupDi*/volume APIs (process, host, device and drive discovery); CreateProcessW with CreatePipe/PeekNamedPipe (child processes with captured I/O), user32!CreateDesktopW, SetWindowsHookExW, GetAsyncKeyState and ExitWindowsEx; and ws2_32 in both client (connect) and server (bind/listen/accept) roles plus UDP (sendto/recvfrom). IsDebuggerPresent is part of the normal CRT startup imports and is not by itself an anti-debug indicator; the .vmp0 section under Sections is the stronger anti-analysis signal.
kernel32
DuplicateHandle
GetCurrentProcess
lstrcmpiW
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetFileAttributesW
GetCommandLineW
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ExitThread
HeapQueryInformation
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
GetTickCount
IsValidCodePage
GetOEMCP
GetCPInfo
SetConsoleCtrlHandler
GetTimeZoneInformation
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEnvironmentVariableA
GetFullPathNameW
CreateFileA
OpenFile
SystemTimeToTzSpecificLocalTime
GetLogicalDriveStringsW
CreateDirectoryW
GetDriveTypeA
OpenProcess
GetFileAttributesA
WriteFile
RemoveDirectoryW
QueryDosDeviceW
FindNextFileW
GetLocalTime
DeviceIoControl
FindResourceA
MoveFileExW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetSystemDefaultLangID
GetTempFileNameW
MapViewOfFile
UnmapViewOfFile
GetDriveTypeW
GetLogicalDrives
GetSystemPowerStatus
GetSystemDirectoryA
GetTempPathW
CreateFileMappingW
GetSystemInfo
GetTempPathA
FindVolumeClose
SetVolumeMountPointW
GetVolumeInformationA
DeleteVolumeMountPointW
FindNextVolumeW
GetVolumePathNamesForVolumeNameW
DefineDosDeviceW
SetVolumeLabelW
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
FindFirstVolumeW
GetVolumeNameForVolumeMountPointW
lstrlenW
PeekNamedPipe
CreateProcessW
GetExitCodeProcess
CreatePipe
TryEnterCriticalSection
InterlockedCompareExchange
InterlockedExchange
InterlockedDecrement
WaitForMultipleObjects
GetExitCodeThread
GetLogicalDriveStringsA
lstrlenA
GetFullPathNameA
GetFileInformationByHandle
FindFirstFileExW
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
FindFirstFileA
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetCurrentDirectoryW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SetEvent
lstrcmpA
GetCurrentThread
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
EncodePointer
FreeResource
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FindResourceW
LoadLibraryA
SizeofResource
LockResource
LoadResource
GetVersionExW
LoadLibraryW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
GlobalMemoryStatusEx
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
CopyFileExW
CreateMutexW
HeapCompact
FlushViewOfFile
WaitForSingleObjectEx
UnlockFileEx
FormatMessageA
HeapCreate
HeapValidate
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
GetDiskFreeSpaceA
GetVersionExA
GetSystemTime
DeleteFileA
GetThreadTimes
InitializeSListHead
SleepEx
ExpandEnvironmentStringsA
GlobalMemoryStatus
FlushConsoleInputBuffer
ReadConsoleInputA
GetModuleHandleW
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
RaiseException
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentProcessId
CreateThread
CloseHandle
GetSystemDefaultLCID
WaitForSingleObject
SetConsoleMode
user32
SetRect
OffsetRect
ShowWindow
KillTimer
SetTimer
SetForegroundWindow
RedrawWindow
ValidateRect
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetDesktopWindow
GetWindowLongW
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
SetWindowLongW
GetClassLongW
GetClassNameW
GetTopWindow
GetLastActivePopup
GetWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
WinHelpW
MonitorFromWindow
GetMonitorInfoW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
SetPropW
SendMessageW
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
EnableWindow
PostMessageW
UnregisterClassW
GetClassInfoW
LoadIconW
MessageBoxW
GetPropW
RemovePropW
GetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
UnionRect
GetWindowRgn
RegisterClassExW
GetCaretPos
SetWindowRgn
IsZoomed
UpdateLayeredWindow
CloseWindow
SetCaretPos
HideCaret
CreateCaret
DestroyCaret
CloseClipboard
ExitWindowsEx
GetAsyncKeyState
GetClipboardData
OpenClipboard
GetDlgItem
EndDialog
CreateDialogIndirectParamW
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
EqualRect
MoveWindow
SetWindowTextW
IsDialogMessageW
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
SetCursor
GetWindowThreadProcessId
GetSystemMetrics
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
RealChildWindowFromPoint
DestroyMenu
PtInRect
wsprintfW
CreateDesktopW
CloseDesktop
EnumWindows
SendMessageA
SystemParametersInfoW
SetCapture
ReleaseCapture
SendDlgItemMessageA
GetParent
IsWindow
SetFocus
GetFocus
IsWindowEnabled
WindowFromPoint
InvalidateRect
IsIconic
DestroyIcon
CharUpperW
IntersectRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
DestroyWindow
shell32
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
DragAcceptFiles
ord165
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ShellExecuteW
DragQueryFileW
SHGetFileInfoW
shlwapi
PathIsRootW
PathIsDirectoryW
PathFileExistsA
PathCanonicalizeW
PathIsRootA
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
ws2_32
getaddrinfo
socket
closesocket
gethostbyname
__WSAFDIsSet
freeaddrinfo
WSASetLastError
shutdown
getpeername
WSAGetLastError
select
inet_addr
WSAStartup
connect
ioctlsocket
setsockopt
WSACleanup
bind
accept
listen
recvfrom
sendto
gethostname
getsockname
getsockopt
htons
ntohs
send
recv
oleacc
CreateStdAccessibleObject
LresultFromObject
imagehlp
MakeSureDirectoryPathExists
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
wininet
InternetCrackUrlA
InternetCanonicalizeUrlA
winmm
timeKillEvent
timeSetEvent
timeGetDevCaps
gdi32
SetMapMode
SetBkMode
EnumFontFamiliesExW
SelectObject
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateFontW
GetDIBits
CreateDIBSection
CreatePolygonRgn
FillRgn
CreateRoundRectRgn
GetBitmapBits
SetBitmapBits
SetPixel
PtInRegion
SetWindowExtEx
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
GetStockObject
GetClipBox
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateCompatibleDC
BitBlt
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps
MoveToEx
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
OpenSCManagerW
LsaRetrievePrivateData
RegQueryInfoKeyW
LookupAccountNameW
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
GetSidIdentifierAuthority
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
ControlService
UnlockServiceDatabase
ChangeServiceConfigW
QueryServiceStatus
ReportEventA
RegisterEventSourceA
DeregisterEventSource
StartServiceW
LockServiceDatabase
OpenServiceW
LsaFreeMemory
CloseServiceHandle
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
LsaNtStatusToWinError
ImpersonateLoggedOnUser
RevertToSelf
RegQueryValueExA
RegOpenKeyExA
LsaOpenPolicy
LsaClose
ole32
CoInitialize
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
OleSetContainedObject
CoSetProxyBlanket
CoInitializeSecurity
oleaut32
VarDateFromStr
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayCreate
VariantTimeToSystemTime
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysFreeString
msimg32
AlphaBlend
comctl32
_TrackMouseEvent
setupapi
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_IDA
CM_Get_Parent
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
gdiplus
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipCreateFontFamilyFromName
GdipCreateBitmapFromFile
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsCount
GdipDrawImageRectRect
GdipGetImageHeight
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipLoadImageFromStream
GdipDrawLineI
GdipSetPenDashStyle
GdipSetSmoothingMode
GdipCreateSolidFill
GdipDeleteBrush
GdipResetPath
GdipDeletePath
GdipDrawPath
GdipDeletePen
GdipCreatePen1
GdipFillPath
GdipDrawImageRectRectI
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipSetClipPath
GdipResetClip
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathArcI
GdipCreatePath
GdipGetImageWidth
imm32
ImmDestroyContext
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmAssociateContext
iphlpapi
GetAdaptersInfo
wlanapi
WlanFreeMemory
WlanEnumInterfaces
WlanOpenHandle
WlanGetProfile
WlanGetProfileList
WlanCloseHandle
rpcrt4
UuidFromStringW
UuidToStringW
RpcStringFreeW
crypt32
CryptUnprotectData
CryptStringToBinaryW
Sections
.text   raw 4.2MB   virtual 4.2MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  raw 833KB   virtual 833KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   raw 232KB   virtual 284KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.vmp0   raw 509KB   virtual 508KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.reloc  raw 271KB   virtual 271KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc   raw 31.5MB  virtual 31.5MB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Two things to check before relying on these figures. First, .vmp0 is the section name VMProtect emits, so expect virtualised or mutated code and treat the import table above as a lower bound on what the binary can do once unpacked. Second, the reported raw size of .rsrc (31.5MB) exceeds the whole file (8.2MB), and the six sections sum to roughly 37.5MB: either the sample is truncated or the section header overstates the data actually present. Re-read the section table from the file on disk and compare each section's PointerToRawData + SizeOfRawData against the real file length before trusting either number. No section is both writable and executable.
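Added example, not part of the sandbox report or of the sample: a pure-Python PE header walker that reproduces the static facts listed on this page (the File and DLL characteristics under Headers, the certificate-table presence behind the "Unsigned PE" signature, the section flags, and the raw-size versus file-size consistency check that the .rsrc figures under Sections call for), plus the four digests from the General section. It runs on a constructed header-only PE32 fixture shaped like this report; build_pe, parse_pe, triage, file_hashes, SAMPLE_PE and the triage heuristics are all assumptions of this example, not the sandbox's code. Feed parse_pe the real sample's bytes to compare against the report.

```python
"""Header-level PE triage: reproduces the static checks listed in this report."""
import hashlib
import struct

IMAGE_DOS_SIGNATURE = 0x5A4D        # "MZ"
IMAGE_NT_SIGNATURE = 0x00004550     # "PE\0\0"
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot of the Authenticode certificate table
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
                        0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ",
                 0x80000000: "IMAGE_SCN_MEM_WRITE"}


def decode_flags(value, table):
    """Bitmask -> list of names, lowest bit first (the order the report prints them)."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Walk DOS header -> NT headers -> section table and return what a static report lists."""
    if struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        raise ValueError("not an MZ file")
    nt = struct.unpack_from("<I", data, 60)[0]                 # e_lfanew
    if struct.unpack_from("<I", data, nt)[0] != IMAGE_NT_SIGNATURE:
        raise ValueError("missing PE signature")
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, nt + 4)
    opt = nt + 24                                              # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]             # 0x10B = PE32, 0x20B = PE32+
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]    # same offset in PE32 and PE32+
    dirs = opt + (96 if magic == 0x10B else 112)               # first IMAGE_DATA_DIRECTORY
    cert_off, cert_len = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _va, rsize, rptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize, "raw_end": rptr + rsize,
                         "flags": decode_flags(flags, SECTION_FLAGS)})
    return {"machine": machine, "pe32plus": magic == 0x20B, "file_size": len(data),
            "file_characteristics": decode_flags(fchars, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
            # the security directory holds a file offset, not an RVA; empty means unsigned
            "certificate_table": (cert_off, cert_len) if cert_len else None,
            "sections": sections}


def triage(report):
    """Findings a reviewer checks by hand (heuristics are this example's, not the sandbox's)."""
    findings = []
    if report["certificate_table"] is None:
        findings.append("Unsigned PE: no Authenticode certificate table (weak signal on its own)")
    dc = report["dll_characteristics"]
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dc:
        findings.append("ASLR not opted in (no DYNAMIC_BASE)")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dc:
        findings.append("DEP not opted in (no NX_COMPAT)")
    for s in report["sections"]:
        if s["raw_end"] > report["file_size"]:                 # the .rsrc situation on this page
            findings.append(f"{s['name']}: raw data ends at {s['raw_end']:#x}, past end of file "
                            f"({report['file_size']:#x}): truncated sample or forged header")
        if s["name"].startswith(".vmp"):
            findings.append(f"{s['name']}: VMProtect-style section name, expect virtualised code")
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            findings.append(f"{s['name']}: writable and executable")
    return findings


def file_hashes(data):
    """The four digests the General section lists (ssdeep needs a separate library)."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def build_pe(dll_characteristics, sections, total_size, cert=None):
    """Constructed fixture: a header-only PE32 image with no code, so this runs offline."""
    dos = bytearray(64)
    struct.pack_into("<H", dos, 0, IMAGE_DOS_SIGNATURE)
    struct.pack_into("<I", dos, 60, len(dos))                  # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                      # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                         # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_characteristics)
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    if cert:                                                   # (file offset, length) of a cert table
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *cert)
    table, raw_ptr = b"", 0x400
    for i, (name, vsize, rsize, flags) in enumerate(sections):
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), vsize,
                             0x1000 * (i + 1), rsize, raw_ptr, 0, 0, 0, 0, flags)
        raw_ptr += rsize
    return (bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table).ljust(total_size, b"\0")


# Constructed sample shaped like this report: ASLR/DEP/TS-aware flags, no certificate table,
# a .vmp0 section, and a .rsrc section whose raw size runs past the end of the file.
SAMPLE_PE = build_pe(0x0040 | 0x0100 | 0x8000,
                     [(".text", 0x1000, 0x1000, 0x60000020),
                      (".vmp0", 0x1000, 0x1000, 0x60000060),
                      (".rsrc", 0x20000, 0x20000, 0x40000040)],
                     total_size=0x2400)

if __name__ == "__main__":
    rep = parse_pe(SAMPLE_PE)
    print(rep["file_characteristics"], rep["dll_characteristics"], file_hashes(SAMPLE_PE)["sha256"])
    for finding in triage(rep):
        print("-", finding)
```

On the fixture the findings are the unsigned-PE note, the .rsrc overrun and the .vmp0 name; a fixture built with a certificate table and both ASLR and DEP flags yields none. Against a real file, `parse_pe(open(path, "rb").read())` gives the same dictionary, and the raw_end check is the one that settles whether the 31.5MB .rsrc figure above is a truncated download or a header lie.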