6925b85844cfcd64324d36bd6e0d6e710d63530ea46c8ad4c6e8d95a59ee7a41

Sharing

Copy URL Twitter E-mail

General

Target

6925b85844cfcd64324d36bd6e0d6e710d63530ea46c8ad4c6e8d95a59ee7a41
Size

5.3MB
MD5

96ed055e4cd2d1a047a80d9214cbe02b
SHA1

984ad89c379be22320504b00bec07c025ffee255
SHA256

6925b85844cfcd64324d36bd6e0d6e710d63530ea46c8ad4c6e8d95a59ee7a41
SHA512

95a076232ab2f25ad0846e1b1a5648374427f078bcde69860eb5fd3492c88e8218d2d453b52585904f74ed1a39d486378f87fcb65fc8f3fc86311ddfb4f69629
SSDEEP

98304:tuUMHWDoCMHdbUbqwlfsvfMCwm3Y+n2HhcDIi9i61XzZp9fVdr3MTVA+L9n:IfHW0jCoEoo02HODn9i6fpVQhAQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6925b85844cfcd64324d36bd6e0d6e710d63530ea46c8ad4c6e8d95a59ee7a41

Files

6925b85844cfcd64324d36bd6e0d6e710d63530ea46c8ad4c6e8d95a59ee7a41
.exe windows:5 windows x86 arch:x86

1dc087f09d9176fdc73a6dea044c56db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libskaudio

ord1

skservice

?CreateSkServiceObj@SkService@@YAPAVIServiceInterface@1@_N@Z
?DestroySkServiceObj@SkService@@YAXPAVIServiceInterface@1@@Z

kernel32

GetTempFileNameW
CreateThread
SetThreadPriority
ResumeThread
UnmapViewOfFile
SetFilePointer
SetEndOfFile
GetFileSize
CreateFileMappingW
MapViewOfFile
GlobalAlloc
GetModuleHandleA
LoadLibraryA
GetVersionExA
GetLocalTime
FreeLibrary
LoadLibraryW
GetFullPathNameW
FreeResource
SetLastError
FindFirstFileW
FindClose
FindResourceW
GetFileSizeEx
SizeofResource
LoadResource
LockResource
MulDiv
GetFileAttributesW
HeapCreate
HeapAlloc
HeapFree
HeapDestroy
FlushInstructionCache
ResetEvent
CompareStringW
GetCurrentThreadId
WriteConsoleW
FlushFileBuffers
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentDirectoryW
CopyFileW
GetFileInformationByHandle
GetTimeZoneInformation
SetStdHandle
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
GetStdHandle
ExitProcess
HeapSize
GetCPInfo
LCMapStringW
FindFirstFileExW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
RaiseException
ExitThread
RtlUnwind
GetProcessHeap
lstrcpyW
DosDateTimeToFileTime
lstrlenA
lstrcpyA
LocalFree
DecodePointer
EncodePointer
InterlockedExchange
InterlockedCompareExchange
DeleteFileW
GetTempPathW
WritePrivateProfileStructW
OutputDebugStringW
GetPrivateProfileStringW
GetPrivateProfileStructW
GetPrivateProfileIntW
GlobalUnlock
PeekNamedPipe
GlobalLock
CreateEventW
WideCharToMultiByte
ReleaseMutex
CreateMutexW
MultiByteToWideChar
WritePrivateProfileStringW
CreateDirectoryW
SetCurrentDirectoryW
GetVersionExW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
GlobalMemoryStatusEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
WriteFile
ReadFile
CancelIo
CreateFileW
InterlockedDecrement
InterlockedIncrement
GetTickCount
OutputDebugStringA
Sleep
SetEvent
WaitForSingleObject
GetLastError
CloseHandle
CreateFileA
TerminateThread
SetEnvironmentVariableA

user32

SetMenuContextHelpId
IsMenu
DestroyMenu
TrackPopupMenu
SetMenuInfo
CreateWindowExW
RegisterClassExW
RegisterDeviceNotificationW
UnregisterDeviceNotification
DispatchMessageW
TranslateMessage
PeekMessageW
SystemParametersInfoW
SetForegroundWindow
PostQuitMessage
PostMessageW
IsWindowVisible
IsIconic
DefWindowProcW
BeginPaint
EndPaint
IsWindow
DestroyWindow
CreatePopupMenu
AppendMenuW
MonitorFromRect
GetDesktopWindow
OffsetRect
FindWindowW
SetTimer
KillTimer
CopyRect
IsRectEmpty
PtInRect
SetRect
CreateIconIndirect
OemToCharBuffW
DrawIconEx
EqualRect
InflateRect
IntersectRect
UnionRect
SetCursor
GetParent
GetDlgItem
CallWindowProcW
SetWindowPos
SetWindowLongW
GetWindowLongW
UnregisterClassW
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetActiveWindow
GetWindow
LoadCursorW
DestroyIcon
InvalidateRect
ScreenToClient
GetDC
ReleaseDC
SetCapture
SetFocus
SetWindowTextW
ReleaseCapture
GetCapture
UpdateWindow
SendMessageW
ShowWindow
MoveWindow
RegisterHotKey
UnregisterHotKey
GetCursorPos
GetMenuInfo
GetMenuItemCount
GetMenuItemInfoW
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
EnableWindow
SetActiveWindow
DrawTextW
SystemParametersInfoA
GetSystemMetrics
EnableMenuItem
GetSysColor
CreateIconFromResource
LoadImageW
LoadBitmapW
CharNextW
GetIconInfo
IsWindowEnabled
GetForegroundWindow
GetMessageW
MsgWaitForMultipleObjects
ClientToScreen
DestroyCursor
LoadIconW
MessageBoxW
GetKeyState
GetFocus
SetLayeredWindowAttributes
GetClassNameW
TrackMouseEvent
AnimateWindow
IsZoomed
SetCaretPos
GetCaretBlinkTime
CreateCaret
HideCaret

gdi32

EnumFontFamiliesExW
SetViewportOrgEx
StretchBlt
EnumFontsW
CreateSolidBrush
Rectangle
SetBkMode
GetStockObject
GetObjectW
CreateFontIndirectW
GetDeviceCaps
SetGraphicsMode
CreateBitmap
CreateCompatibleDC
SelectObject
DeleteDC
CreateRoundRectRgn
DeleteObject
BitBlt
AddFontMemResourceEx
GetCharABCWidthsW
CreateDIBSection
GetRegionData
SelectClipRgn
ExtCreateRegion
IntersectClipRect
CreateDIBitmap
StretchDIBits
CreateDCW
GetViewportOrgEx
GetCurrentObject
GetGlyphOutlineW
GetFontData
GetTextMetricsW
GetOutlineTextMetricsW
RemoveFontMemResourceEx
GetGlyphIndicesW
GdiFlush
ExtTextOutW
SetWorldTransform
SetTextColor
SetTextAlign
GetTextFaceW
GetFontUnicodeRanges
GetTextExtentPointI

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExA
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

Shell_NotifyIconW
SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW

ole32

CreateBindCtx
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CoCreateInstance
CoCreateGuid
CreateStreamOnHGlobal
OleLockRunning
IIDFromString

oleaut32

SysAllocString
SysFreeString

hid

HidD_GetHidGuid
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_FreePreparsedData

shlwapi

PathIsDirectoryW
StrCmpW
PathFileExistsW
StrToIntExW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

imm32

ImmGetContext
ImmAssociateContext
ImmReleaseContext

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipCloneImage
GdipDrawImageRectI
GdipGraphicsClear
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipDrawArcI
GdipSetPenDashStyle
GdipDrawRectangleI
GdipDrawLines
GdipFillPolygon
GdipDrawLineI
GdipCreateSolidFill
GdipDrawEllipseI
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipSetPathGradientCenterPoint
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCloneBrush
GdipDeleteBrush
GdipCreatePathGradientFromPath
GdipAddPathEllipseI
GdipDeletePath
GdipCreatePath
GdipSetSmoothingMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipDisposeImage
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStream

libcurl

curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_easy_getinfo
curl_easy_cleanup
curl_slist_free_all
curl_slist_append

msacm32

acmStreamConvert
acmStreamClose
acmStreamUnprepareHeader
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen

usp10

ScriptItemize
ScriptShape
ScriptFreeCache

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 606KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dc087f09d9176fdc73a6dea044c56db

Headers

DLL Characteristics

File Characteristics

Imports

libskaudio

skservice

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

hid

shlwapi

setupapi

imm32

gdiplus

libcurl

msacm32

usp10

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 606KB - Virtual size: 605KB

.data Size: 68KB - Virtual size: 164KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.reloc Size: 189KB - Virtual size: 189KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 606KB - Virtual size: 605KB

.data
Size: 68KB - Virtual size: 164KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.reloc
Size: 189KB - Virtual size: 189KB