0133f1038991262e09baa3568877f49b05ae8a0553812df7e869a79ef58daf78

Sharing

Copy URL Twitter E-mail

General

Target

0133f1038991262e09baa3568877f49b05ae8a0553812df7e869a79ef58daf78
Size

570KB
MD5

5d8b0758b07c7acaad917229f245e628
SHA1

3dcff99205b3199bb2e189f5e00753cd0be73527
SHA256

0133f1038991262e09baa3568877f49b05ae8a0553812df7e869a79ef58daf78
SHA512

96528b5fe2aa77d11f93c2254bdd79754437aa051f8b9bd0799d228bff8d93b20d9fffda982061e86a7adc23147b426939c5d085ca77cedd76d0f0215a2d8f77
SSDEEP

12288:b5wI0huakqEbdJtba1v0sPz0b8FNS+4+M4wme:/0aBd+6Ez0b8FNxeme

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0133f1038991262e09baa3568877f49b05ae8a0553812df7e869a79ef58daf78

Files

0133f1038991262e09baa3568877f49b05ae8a0553812df7e869a79ef58daf78
.exe windows:4 windows x64 arch:x64

54680e09f577e521b96675b642971c05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
HeapReAlloc
ExitProcess
ExitThread
HeapSize
SetStdHandle
GetFileType
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
FindResourceExW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualProtect
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
GetCurrentProcessId
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GetPrivateProfileStringW
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeLibrary
SetLastError
WideCharToMultiByte
CreateFileW
DeviceIoControl
Sleep
GetTickCount
VirtualAllocEx
ReadProcessMemory
MultiByteToWideChar
LoadLibraryW
GetProcAddress
GetModuleHandleW
OpenProcess
OutputDebugStringW
CloseHandle
CreateThread
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateMutexW
GetLastError
HeapSetInformation
ReleaseMutex

user32

CharNextW
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
DispatchMessageW
GetTopWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
CharUpperW
AdjustWindowRectEx
EqualRect
CopyRect
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetWindowPos
SetFocus
MoveWindow
SetWindowLongW
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetWindow
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
GetLastActivePopup
IsWindowEnabled
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MessageBoxW
GetDoubleClickTime
GetAncestor
GetDlgItem
GetScrollRange
GetScrollPos
GetScrollInfo
SetWindowsHookExW
GetWindowThreadProcessId
GetClassNameW
GetWindowLongW
GetParent
FindWindowW
ReleaseCapture
SetCapture
DestroyMenu
GetSysColorBrush
UnregisterClassW
SetWindowContextHelpId
MapDialogRect
RegisterClassW
UnhookWindowsHookEx
RegisterWindowMessageW
RegisterHotKey
SetCursor
UnregisterHotKey
DestroyIcon
GetSystemMetrics
LoadIconW
LoadCursorW
SetActiveWindow
SetTimer
SendMessageW
DrawIcon
PtInRect
FindWindowExW
IsIconic
ShowWindow
EnableWindow
SystemParametersInfoW
SetForegroundWindow
GetWindowRect
WindowFromPoint
GetDC
GetClientRect
FillRect
keybd_event
ReleaseDC
CallNextHookEx
GetAsyncKeyState
GetCursorPos
SetCursorPos
GetForegroundWindow
PostMessageW
ScreenToClient
GetDlgCtrlID
UnregisterClassA

gdi32

ScaleWindowExtEx
GetWindowExtEx
ExtSelectClipRgn
CreateBitmap
GetStockObject
SetWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
GetViewportExtEx
GetObjectW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateSolidBrush
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyW
RegCloseKey
RegQueryValueExW
RegQueryValueW

shell32

ShellExecuteW
Shell_NotifyIconW

shlwapi

PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

wininet

InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54680e09f577e521b96675b642971c05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

wininet

Sections

.text Size: 350KB - Virtual size: 350KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 15KB - Virtual size: 41KB

.pdata Size: 27KB - Virtual size: 26KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 350KB - Virtual size: 350KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 15KB - Virtual size: 41KB

.pdata
Size: 27KB - Virtual size: 26KB

.rsrc
Size: 18KB - Virtual size: 18KB