Sample: a432d7f7a2fa612b6b0e134d3ab3af5b02767fd704bb70d496082f14d03c7ab9.exe
Resource: win7-20231129-en
General
Target: a432d7f7a2fa612b6b0e134d3ab3af5b02767fd704bb70d496082f14d03c7ab9
Size: 975KB
MD5: 706621b294df023349dae65d7a05adcf
SHA1: 707506a9d49ea80c65ebf3c8ec239af08c542047
SHA256: a432d7f7a2fa612b6b0e134d3ab3af5b02767fd704bb70d496082f14d03c7ab9
SHA512: e2b40baf742c4082bd12eefa57d831c0830c6108cc979755d3b3c5e091857c9a9b96d93fdbaf8215a85fddf9ae74b07e3f6da34ccbac0d520bf10051defe1148
SSDEEP: 12288:fWTHRTT6ZVasKj5d0P9IwLBHxCzlTwITCEeM+BRdFj5PXQWpfM5m+9FAjS:OTHZmnpK8P+TwITCLM+BRdzPgWpZN
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: a432d7f7a2fa612b6b0e134d3ab3af5b02767fd704bb70d496082f14d03c7ab9
Files
a432d7f7a2fa612b6b0e134d3ab3af5b02767fd704bb70d496082f14d03c7ab9.exe windows:4 windows x86 arch:x86
c3d5721358ef6e2b568436df19562c03
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
winmm: midiStreamClose
ws2_32: WSAGetLastError
imm32: ImmGetOpenStatus, ImmReleaseContext, ImmDisableIME, ImmGetContext
version: VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
kernel32: OpenProcess, GlobalFree, GetTempFileNameW, LockResource, SizeofResource, LoadResource, FindResourceW, SetCurrentDirectoryW, GetCurrentDirectoryW, GetWindowsDirectoryW, GetVersionExW, HeapFree, HeapAlloc, GetProcessHeap, LocalFree, TerminateThread, GetExitCodeThread, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, CreateFileA, SetLastError, CancelWaitableTimer, SetWaitableTimer, CreateWaitableTimerW, GetDiskFreeSpaceExW, SetEndOfFile, SetFilePointer, WriteFile, TlsFree, TlsAlloc, GetFileAttributesW, GetSystemDefaultLangID, GetUserDefaultLangID, EnumResourceLanguagesW, GetVersion, lstrcatW, FreeResource, GlobalAlloc, LocalAlloc, ExitProcess, SetUnhandledExceptionFilter, SetProcessWorkingSetSize, TerminateProcess, GlobalDeleteAtom, GlobalAddAtomW, CreateSemaphoreW, ReleaseSemaphore, FlushInstructionCache, LoadLibraryW, GetCurrentThreadId, GetModuleHandleW, VirtualQuery, TlsGetValue, FileTimeToLocalFileTime, FileTimeToSystemTime, GetCommandLineW, SetErrorMode, LoadLibraryExW, GetProcAddress, FreeLibrary, lstrcmpW, VirtualProtect, GetCurrentProcess, ReadProcessMemory, WriteProcessMemory, GetModuleHandleA, GetCurrentProcessId, GetLongPathNameW, TlsSetValue, GetFileSize, ReadFile, CreateDirectoryW, lstrlenW, FindClose, FindNextFileW, GetPrivateProfileStringW, WritePrivateProfileStringW, GetShortPathNameW, FindFirstFileW, GetModuleFileNameW, InterlockedDecrement, InterlockedIncrement, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, Sleep, lstrlenA, GetTickCount, MultiByteToWideChar, WideCharToMultiByte, DeleteFileW, GetTempPathW, GetLocaleInfoW, CloseHandle, WaitForSingleObject, CopyFileW, RemoveDirectoryW, CreateMutexW, ReleaseMutex, GetSystemDirectoryW, IsBadWritePtr, IsBadReadPtr, MoveFileExW, CreateFileW, GlobalUnlock, GetStartupInfoA, GlobalLock, SetFileAttributesW, GetPrivateProfileIntW, lstrcmpiW, ResetEvent, SetEvent, CreateEventW, FindFirstChangeNotificationW, FindCloseChangeNotification, FindNextChangeNotification, WaitForMultipleObjects, GetLastError, SystemTimeToFileTime, GetSystemTime, GetFileTime
user32: CopyIcon, CopyImage, GetForegroundWindow, CloseClipboard, DialogBoxParamW, LoadImageW, SetWindowPos, GetWindowRect, ShowWindow, SetWindowLongW, GetDlgItem, SendMessageW, LoadStringW, SetWindowTextW, GetWindowTextW, PostMessageW, EndDialog, SetFocus, MessageBoxW, IsWindowVisible, SetPropW, ScreenToClient, RemovePropW, GetPropW, EnableWindow, SetClipboardData, CreateWindowExW, IsWindow, InflateRect, CopyRect, EmptyClipboard, OpenClipboard, SetWindowsHookExW, UnhookWindowsHookEx, InsertMenuW, IsWindowEnabled, LoadAcceleratorsW, TranslateAcceleratorW, DestroyAcceleratorTable, CreateAcceleratorTableW, CopyAcceleratorTableW, GetSystemMetrics, GetKeyNameTextW, GetClientRect, EndPaint, GetSysColor, IsDlgButtonChecked, DrawEdge, DrawTextW, FillRect, BeginPaint, DestroyWindow, SetForegroundWindow, GetParent, DefWindowProcW, ReleaseDC, GetDC, OffsetRect, PtInRect, GetCursorPos, GetKeyState, GetAsyncKeyState, SetCursor, LoadCursorW, CharNextW, DrawIcon, LoadIconW, MapWindowPoints, GetDesktopWindow, SetDlgItemTextW, CharLowerW, PostThreadMessageW, GetMessageW, DdeNameService, DdeCreateStringHandleW, SetParent, RegisterClassExW, MoveWindow, IsIconic, SetCursorPos, EnumChildWindows, InvalidateRect, IsChild, SubtractRect, GetClipboardData, IsClipboardFormatAvailable, GetMonitorInfoW, MonitorFromWindow, SetRect, RegisterHotKey, UnregisterHotKey, SystemParametersInfoW, WindowFromPoint, DestroyIcon, SetRectEmpty, InsertMenuItemW, DestroyMenu, GetWindowDC, CallNextHookEx, MenuItemFromPoint, GetMenuState, UpdateWindow, EndMenu, EqualRect, CheckMenuRadioItem, DrawIconEx, GetSystemMenu, TrackMouseEvent, CheckDlgButton, CheckMenuItem, TrackPopupMenuEx, MapVirtualKeyW, keybd_event, GetMenuItemID, GetMenuStringW, IsMenu, GetFocus, PostQuitMessage, GetMenuInfo, GetMenuItemCount, GetMenuItemInfoW, IsZoomed, SetWindowRgn, SetMenuInfo, FindWindowExW, GetSysColorBrush, FindWindowW, GetWindowPlacement, SetWindowPlacement, RegisterWindowMessageW, GetClassNameW, GetWindowThreadProcessId, GetWindowModuleFileNameW, GetWindowLongW, SetMenuItemInfoW, GetMenu, SendMessageTimeoutW, CreatePopupMenu, GetMessagePos, SetCapture, ReleaseCapture, ShowCursor, KillTimer, ClientToScreen, SetTimer, RedrawWindow, CallWindowProcW, DeleteMenu, GetAncestor, LoadMenuW, GetSubMenu, EnableMenuItem, TrackPopupMenu, GetDlgItemTextW, LoadBitmapW, PeekMessageW, TranslateMessage, DispatchMessageW, CharUpperW, DdeGetData, DdeFreeDataHandle, DdeQueryStringW, DdeFreeStringHandle, DdeUninitialize, DdeInitializeW
gdi32: CreateRectRgnIndirect, FillRgn, GetDIBits, CreateDIBSection, MoveToEx, LineTo, CreateRoundRectRgn, CombineRgn, CreateRectRgn, CreateFontIndirectW, SelectClipRgn, GetObjectW, DeleteObject, CreateSolidBrush, SelectObject, SetBkMode, SetTextColor, GetStockObject, EnumFontsW, Rectangle, CreatePatternBrush, DeleteDC, BitBlt, CreateCompatibleBitmap, CreatePen, SetBkColor, CreateCompatibleDC
comdlg32: GetSaveFileNameW, ChooseColorW, GetOpenFileNameW
advapi32: RegOpenKeyExW, AddAce, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, FreeSid, RegGetKeySecurity, GetSidIdentifierAuthority, GetSidSubAuthorityCount, GetSidSubAuthority, RegDeleteKeyW, RegCreateKeyW, RegSetValueExW, RegOpenKeyW, RegQueryValueExW, RegCloseKey, GetLengthSid, AllocateAndInitializeSid, RegEnumKeyW, RegQueryInfoKeyW, RegSetKeySecurity, CopySid, GetTokenInformation, RegCreateKeyExW, OpenProcessToken, InitializeAcl
shell32: SHGetSpecialFolderLocation, ShellExecuteExW, Shell_NotifyIconW, SHGetFileInfoW, ShellExecuteW, SHFileOperationW, ExtractIconExW, DoEnvironmentSubstW, SHGetSpecialFolderPathW, SHChangeNotify, SHFreeNameMappings, SHAppBarMessage, DragQueryFileW, SHGetDesktopFolder, SHGetMalloc, SHBrowseForFolderW
ole32: OleCreate, OleDraw, CoCreateGuid, CoGetInterfaceAndReleaseStream, CLSIDFromString, DoDragDrop, StringFromCLSID, CoTaskMemFree, OleInitialize, OleUninitialize, CoRegisterClassObject, CoRevokeClassObject, CoInitialize, CoUninitialize, ReleaseStgMedium, CoCreateInstance, RegisterDragDrop, CoGetMalloc, RevokeDragDrop, OleDuplicateData, CreateStreamOnHGlobal, CoTaskMemAlloc, CoMarshalInterThreadInterfaceInStream, OleSetContainedObject
oleaut32: SafeArrayDestroy, SysStringLen, SysAllocStringLen, SysAllocStringByteLen, VariantClear, SysAllocString, SysFreeString, SafeArrayCreateVector
wininet: HttpOpenRequestW, HttpSendRequestExW, InternetOpenW, InternetConnectW, InternetSetStatusCallbackW, InternetCloseHandle, InternetReadFileExA, InternetReadFile, HttpEndRequestW, FtpOpenFileW, InternetGetLastResponseInfoW, FtpCommandW, InternetQueryOptionW, FtpGetFileSize, FindFirstUrlCacheEntryW, DeleteUrlCacheEntryW, UnlockUrlCacheEntryFileW, FindNextUrlCacheEntryW, DeleteUrlCacheEntryA, UnlockUrlCacheEntryFileA, FindCloseUrlCache, InternetSetOptionA, FindFirstUrlCacheEntryA, FindNextUrlCacheEntryA, GetUrlCacheEntryInfoW, CreateUrlCacheEntryW, CommitUrlCacheEntryW, InternetCrackUrlW, HttpQueryInfoW, InternetGetConnectedState, InternetSetOptionW
msvcp60: ??0logic_error@std@@QAE@ABV01@@Z, ??1out_of_range@std@@UAE@XZ, ??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ, ??_7out_of_range@std@@6B@, ??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z, ?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z, ?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z, ??0out_of_range@std@@QAE@ABV01@@Z
shlwapi: PathMatchSpecW, UrlIsOpaqueW, PathFindFileNameW, PathCombineW, StrStrIW, PathFindExtensionW, PathGetDriveNumberW, PathIsDirectoryW, PathIsURLW, PathIsRootW, SHAutoComplete, UrlGetPartW, SHSetValueW, SHDeleteKeyW, SHGetValueW, SHDeleteValueW, StrStrIA, PathMatchSpecA, UrlCanonicalizeW, SHEnumKeyExW, SHEnumValueW, PathFileExistsW, PathIsUNCW, UrlIsW, SHQueryInfoKeyW, StrRetToBufW, StrCpyNW
msvcrt: fseek, ftell, fread, _wtol, _ltow, _itow, malloc, free, _wfopen, fwprintf, fclose, iswdigit, swprintf, vswprintf, wcschr, _ftol, _wtoi, _except_handler3, memmove, wcscmp, _wcsicmp, wcsstr, ??2@YAPAXI@Z, wcsrchr, wcsncpy, wcscpy, _snwprintf, wcslen, wcspbrk, __CxxFrameHandler, wcscat, time, localtime, _beginthreadex, swscanf, _ui64tow, gmtime, wcsncmp, wcsftime, _wtoi64, _i64tow, _snprintf, fwrite, _wcsnicmp, wcsncat, fputs, strrchr, strncpy, strchr, mktime, wcstod, iswspace, realloc, strpbrk, strstr, iswlower, atoi, fopen, _wstrtime, ??0exception@@QAE@ABV0@@Z, _CxxThrowException, _CIpow, fputws, exit, scanf, printf, sprintf, isalnum, toupper, _ui64toa, towlower, towupper, _ismbslead, fprintf, _strnicmp, fgets, rewind, __dllonexit, _onexit, ?terminate@@YAXXZ, ??1type_info@@UAE@XZ, _exit, _XcptFilter, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, _stricmp, _controlfp, sscanf, __set_app_type
urlmon: RegisterBindStatusCallback, RevokeBindStatusCallback, CoInternetCombineUrl, ObtainUserAgentString
gdiplus: GdiplusStartup, GdipSaveImageToFile, GdipLoadImageFromStream, GdipAlloc, GdipDeleteGraphics, GdipDisposeImageAttributes, GdipDrawImageRectRectI, GdipSetImageAttributesColorMatrix, GdipCreateImageAttributes, GdipCreateFromHDC, GdipFree, GdipDisposeImage, GdipCloneImage, GdipGetImageWidth, GdipGetImageHeight, GdipGetImageEncoders, GdipGetImageEncodersSize
comctl32: ImageList_ReplaceIcon, ImageList_GetIcon, ImageList_Remove, ImageList_Duplicate, ImageList_GetImageCount, ImageList_AddMasked, ImageList_Create, ImageList_Destroy, ImageList_DragEnter, ImageList_BeginDrag, ImageList_GetIconSize, InitCommonControlsEx, ImageList_SetBkColor, ImageList_DrawEx, ImageList_GetImageInfo, ImageList_DragShowNolock, ImageList_DragMove, ImageList_EndDrag, ImageList_Add, ImageList_Draw, ord16
Sections
.rdata Size: 58KB - Virtual size: 58KB; Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 601KB - Virtual size: 2.1MB; Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 315KB - Virtual size: 316KB; Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ