C:\motolister\Release\motolister.pdb
Static task: static1
Behavioral task: behavioral1
Sample: c3464988cd075e6826587086b8197b05434d8cf0134ebfe7fa66bfcb507c3a0a.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: c3464988cd075e6826587086b8197b05434d8cf0134ebfe7fa66bfcb507c3a0a.exe
Resource: win10v2004-20240226-en
General
Target: c3464988cd075e6826587086b8197b05434d8cf0134ebfe7fa66bfcb507c3a0a
Size: 6.0MB
MD5: 26bc08c21f212328a0e3a84d528ddaf7
SHA1: 3db6c6ecbffe9d3390bf51454f162d64891df083
SHA256: c3464988cd075e6826587086b8197b05434d8cf0134ebfe7fa66bfcb507c3a0a
SHA512: 836a250260d82fc3f7e99290fc17cb7c26fad78b623ab9a0aee7d7a2ba0e17b6c810b82f314f10d184440770e75ec6b167b0d6e88214357087d7400d1b4247f1
SSDEEP: 98304:MhAm3rAS/vPWlInP1wFd1lKkCf9Dpd5bagLlNecE94GYPYgTGv3kdmZn:MOm3jvPW+Fk+O4bZGa9av3kdmx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c3464988cd075e6826587086b8197b05434d8cf0134ebfe7fa66bfcb507c3a0a
Files
c3464988cd075e6826587086b8197b05434d8cf0134ebfe7fa66bfcb507c3a0a.exe windows:5 windows x86 arch:x86
eaab299601aa3a2d6c68e67dd81b59b1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
InternetCloseHandle
HttpSendRequestW
InternetQueryOptionW
InternetReadFile
HttpQueryInfoW
InternetOpenW
InternetConnectW
InternetSetStatusCallbackW
HttpOpenRequestW
InternetSetOptionW
shlwapi
PathFileExistsA
PathFindFileNameW
PathAppendW
UrlUnescapeW
PathFileExistsW
PathFindExtensionW
UrlEscapeW
PathFindExtensionA
kernel32
WaitForMultipleObjects
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
SetThreadPriority
CreateProcessW
GetExitCodeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetProcAddress
LoadLibraryW
GetACP
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
GetEnvironmentVariableW
TerminateProcess
IsValidCodePage
GetCPInfo
FreeLibrary
GetSystemTimeAsFileTime
FindClose
FindFirstFileW
GetFileAttributesW
GetFileTime
GetCurrentThread
GetFileType
FindNextFileW
IsBadReadPtr
IsBadStringPtrA
GetCommandLineW
GetStdHandle
ReadConsoleOutputCharacterA
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
FreeConsole
WriteConsoleA
WriteConsoleW
MulDiv
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
HeapSize
GetProcessHeap
GlobalSize
GetStringTypeW
EncodePointer
CompareStringW
LCMapStringW
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
LoadLibraryExW
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
FlushFileBuffers
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetTimeZoneInformation
SetStdHandle
GetDriveTypeW
MoveFileExW
HeapAlloc
HeapReAlloc
HeapFree
GetModuleFileNameA
GetDateFormatW
GetTimeFormatW
EnumSystemLocalesW
GetOEMCP
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEndOfFile
GetCurrentDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FindFirstFileExA
FindNextFileA
GetCommandLineA
ResumeThread
CreateThread
GetExitCodeProcess
Sleep
PeekNamedPipe
SetNamedPipeHandleState
CreatePipe
DuplicateHandle
WriteFile
ReadFile
SetErrorMode
ExpandEnvironmentStringsW
MultiByteToWideChar
GetVersionExW
DeleteCriticalSection
DecodePointer
FindResourceW
LoadResource
RaiseException
LockResource
FreeResource
InitializeCriticalSectionAndSpinCount
SizeofResource
SetEvent
GetComputerNameW
CreateEventW
InterlockedIncrement
GetFullPathNameW
MoveFileW
DeleteFileW
WaitForSingleObject
CopyFileW
GetTempFileNameW
GetTempPathW
CreateDirectoryW
WideCharToMultiByte
LocalFree
FormatMessageA
SetCurrentDirectoryW
GetDiskFreeSpaceW
LocalAlloc
SetUnhandledExceptionFilter
IsDebuggerPresent
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetModuleFileNameW
GetLastError
OutputDebugStringW
InterlockedDecrement
GetModuleHandleW
FormatMessageW
QueryPerformanceFrequency
GetLogicalDriveStringsW
TerminateThread
user32
DrawIconEx
GetDoubleClickTime
DestroyCursor
keybd_event
GetWindowTextLengthW
HideCaret
ChildWindowFromPoint
DestroyIcon
SetMenu
GetMenuState
CreateMenu
CreatePopupMenu
DestroyMenu
GetSubMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
InsertMenuItemW
SetMenuItemInfoW
DrawEdge
CheckMenuItem
GetMenuItemID
GetSysColorBrush
SetRect
CheckMenuRadioItem
EndDialog
EnumChildWindows
GetClassInfoW
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
GetWindowTextW
MessageBeep
GetClassNameW
ValidateRect
ChangeDisplaySettingsW
EnumDisplaySettingsW
GetWindowDC
BeginPaint
EndPaint
UnionRect
ValidateRgn
IsRectEmpty
AdjustWindowRectEx
ShowCursor
RegisterClipboardFormatW
GetClipboardFormatNameW
wsprintfW
IsClipboardFormatAvailable
DrawFocusRect
DrawStateW
DrawTextW
CreateDialogParamW
GetScrollInfo
SetScrollInfo
IsDialogMessageW
SetParent
PtInRect
InflateRect
FillRect
GetSysColor
ChildWindowFromPointEx
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
EnableScrollBar
ScrollWindow
RedrawWindow
GetUpdateRgn
ReleaseDC
GetDC
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
IsWindowEnabled
DrawFrameControl
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
VkKeyScanW
GetAsyncKeyState
GetFocus
GetActiveWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindow
CallWindowProcW
PostQuitMessage
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
TranslateMessage
SetWindowRgn
GetWindow
InvalidateRect
SystemParametersInfoW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
FindWindowExW
GetParent
MapWindowPoints
GetClientRect
GetDlgItem
GetDesktopWindow
SetWindowLongW
GetWindowLongW
GetWindowRect
SetWindowTextW
SetForegroundWindow
EnableMenuItem
GetSystemMenu
DrawMenuBar
GetSystemMetrics
GetDialogBaseUnits
CreateDialogIndirectParamW
IsZoomed
BringWindowToTop
IsIconic
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindow
ShowWindow
GetKeyState
KillTimer
MsgWaitForMultipleObjects
DispatchMessageW
GetMessageW
LoadCursorW
SetCursor
DdeFreeStringHandle
DdeQueryStringW
DdeCreateStringHandleW
DdeGetLastError
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeClientTransaction
DdePostAdvise
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeW
CreateWindowExW
RegisterClassW
PostMessageW
PostThreadMessageW
DestroyWindow
DefWindowProcW
WaitForInputIdle
SendMessageW
PeekMessageW
UnregisterClassW
SetTimer
MessageBoxW
LoadImageW
LoadIconW
LoadBitmapW
GetIconInfo
CreateIconIndirect
OffsetRect
CopyRect
EnableWindow
SetRectEmpty
MessageBoxA
SetActiveWindow
DdeNameService
advapi32
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
GetUserNameW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
shell32
SHGetFileInfoW
DragFinish
DragAcceptFiles
ExtractIconW
SHCreateDirectoryExW
ShellExecuteExW
ShellExecuteExA
Shell_NotifyIconW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetPathFromIDListW
ExtractIconExW
SHGetSpecialFolderLocation
DragQueryFileW
DragQueryPoint
ole32
CoInitializeEx
CoCreateGuid
CoCreateInstance
OleRun
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
CoTaskMemAlloc
RevokeDragDrop
OleUninitialize
OleInitialize
OleSetClipboard
OleSetContainedObject
OleLockRunning
OleGetClipboard
oleaut32
VariantClear
CreateErrorInfo
GetErrorInfo
SafeArrayCreateVector
SysReAllocString
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetVartype
VarBstrFromCy
SafeArrayLock
SafeArrayUnlock
SafeArrayCreate
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
VariantCopy
VariantChangeType
SysAllocString
VariantInit
SysStringLen
wsock32
socket
WSACleanup
shutdown
WSAStartup
closesocket
WSAGetLastError
getservbyname
gethostbyname
gethostbyaddr
ntohs
__WSAFDIsSet
accept
bind
connect
getsockname
ntohl
listen
recv
recvfrom
select
send
sendto
setsockopt
getsockopt
htonl
htons
ioctlsocket
winmm
PlaySoundW
comctl32
ImageList_GetImageInfo
ord17
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIconSize
ImageList_Create
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ord16
ord345
ImageList_Remove
ImageList_AddMasked
ImageList_Replace
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_Destroy
rpcrt4
RpcStringFreeW
UuidToStringW
dbghelp
MiniDumpWriteDump
edsdk
ord25
ord23
ord29
ord21
ord16
ord51
ord15
ord52
ord50
ord18
ord10
ord14
ord6
ord12
ord1
ord4
gdi32
SetLayout
GetTextExtentPoint32W
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SelectPalette
GetTextMetricsW
SetBrushOrgEx
GdiFlush
CreateFontIndirectW
DeleteObject
GetDeviceCaps
GetOutlineTextMetricsW
SetBkColor
SetBkMode
SetTextColor
CreatePen
CreateSolidBrush
OffsetRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetObjectW
EndDoc
Ellipse
ExtFloodFill
GetBkColor
GetClipBox
GetObjectType
GetPixel
GetStockObject
MaskBlt
CreateICW
PolyPolygon
Rectangle
RoundRect
SelectClipRgn
StartDocW
CreateDCW
SetAbortProc
GetSystemPaletteEntries
GetDIBColorTable
CreateDIBSection
GetDIBits
CreateDIBitmap
GetTextExtentExPointW
GetCharABCWidthsW
CreateRectRgnIndirect
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
RectInRegion
PtInRegion
GetRgnBox
EqualRgn
CombineRgn
MoveToEx
LineTo
CreatePatternBrush
ExtSelectClipRgn
SetMapMode
SetPixel
SetPolyFillMode
StretchBlt
StretchDIBits
SetROP2
PlayEnhMetaFile
PolyBezier
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
EnumFontFamiliesExW
EndPage
Pie
StartPage
Polyline
Polygon
ExtTextOutW
SetStretchBltMode
CreateHatchBrush
ExtCreatePen
CreateRectRgn
ExcludeClipRect
RealizePalette
Arc
SelectObject
GetRegionData
BitBlt
ExtCreateRegion
SetViewportExtEx
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comdlg32
GetSaveFileNameW
CommDlgExtendedError
ChooseFontW
PrintDlgW
GetOpenFileNameW
PageSetupDlgW
Sections
.text Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 262KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 902KB - Virtual size: 902KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 295KB - Virtual size: 295KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ