f26854619cea964e4e157b61589d38feb0ff54581931590bcb649756d4ae3d10

Sharing

Copy URL Twitter E-mail

General

Target

f26854619cea964e4e157b61589d38feb0ff54581931590bcb649756d4ae3d10
Size

4.9MB
MD5

59ef2e09c248157e7657918b56499d88
SHA1

b0691bd94802d1c58dfd302e57eb19c3cb658381
SHA256

f26854619cea964e4e157b61589d38feb0ff54581931590bcb649756d4ae3d10
SHA512

16d634cf8be051b8cfa3a77926f0b61a8b7fa373ebece3269555920419da0af4f082488580ad289456804ffa1c630b171a85e3309ad1ba2ed3d3342b16c66cc2
SSDEEP

98304:OYzsNt4Rg7Hb3QAjsL6S0HssFBcZ3T5s0Bg8fpDeyXgWXHGlS8nHibF:9OXsLZ0M8BO3T5BBZ172lKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f26854619cea964e4e157b61589d38feb0ff54581931590bcb649756d4ae3d10

Files

f26854619cea964e4e157b61589d38feb0ff54581931590bcb649756d4ae3d10
.exe windows:5 windows x86 arch:x86

2fcf07162d63263e7da88c5e470cb6ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM

Imports

comctl32

PropertySheetW
ImageList_ReplaceIcon
ImageList_Merge
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
_TrackMouseEvent
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_AddMasked
ImageList_Add
CreateToolbarEx
CreatePropertySheetPageW

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetFileTime
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetTempPathW
GetThreadPriority
GetTimeFormatW
GetTimeZoneInformation
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedIncrement
IsValidCodePage
GetFileAttributesW
LCMapStringW
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LocalFree
LockResource
lstrcpyW
lstrlenA
MapViewOfFile
MoveFileA
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadExecutionState
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SleepEx
SystemTimeToFileTime
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
TlsSetValue
GetEnvironmentStrings
UnhandledExceptionFilter
GetCurrentProcess
GetVersion
RtlUnwind
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCPInfo
GetConsoleOutputCP
GetConsoleCP
GetComputerNameW
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreatePipe
CreateNamedPipeW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
CopyFileA
ConnectNamedPipe
CompareStringW
CompareStringA
CloseHandle
CancelIo
GetSystemTimeAsFileTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
CreateEventA
GetCommandLineW
LocalAlloc
GetConsoleMode
LCMapStringA

user32

ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassW
RegisterClipboardFormatW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindowEx
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetMenuItemInfoW
SetPropW
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExW
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WaitForInputIdle
WindowFromDC
WindowFromPoint
wsprintfW
MessageBoxW
IsWindowEnabled
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsClipboardFormatAvailable
IsCharAlphaW
InvalidateRect
InsertMenuW
InsertMenuItemW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
LoadStringW
GetWindowLongW
GetWindowDC
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollInfo
GetPropW
GetParent
GetMessageW
GetMessagePos
GetKeyState
GetKeyNameTextW
GetKeyboardState
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItemTextW
GetDlgCtrlID
BeginPaint
CallNextHookEx
CallWindowProcW
CharLowerW
CheckDlgButton
CheckMenuRadioItem
ClientToScreen
CloseClipboard
CreateDialogIndirectParamW
CreateDialogParamW
CreatePopupMenu
CreateWindowExW
MapWindowPoints
MapVirtualKeyW
IsWindowVisible
MapDialogRect
GetDesktopWindow
GetDC
GetClipboardData
GetClientRect
GetClassNameW
GetClassNameA
GetCapture
GetAsyncKeyState
FindWindowW
FindWindowExW
FillRect
ExitWindowsEx
EndPaint
EndDialog
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawStateW
DrawIconEx
DrawFocusRect
DrawEdge
DispatchMessageW
DialogBoxParamW
DialogBoxIndirectParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DefWindowProcW
LoadImageW
LoadIconW
LoadCursorW
KillTimer
keybd_event
GetWindowPlacement
IsZoomed
FrameRect

gdi32

SetWindowExtEx
StretchBlt
TextOutW
SetViewportExtEx
SetTextColor
SetBrushOrgEx
SetBkMode
SetBkColor
SelectObject
PatBlt
MoveToEx
GetWindowExtEx
GetViewportExtEx
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetDIBits
GetDeviceCaps
GetCurrentObject
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
CreatePatternBrush
CreateFontW
CreateFontIndirectW
CreateDIBSection
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
LineTo
BitBlt

winspool.drv

EnumPrintersA
EnumPrintersW
OpenPrinterA
OpenPrinterW
GetPrinterA
StartDocPrinterA
StartPagePrinter
DeviceCapabilitiesW
DeviceCapabilitiesA
ClosePrinter
DocumentPropertiesW
DocumentPropertiesA
EndDocPrinter
EndPagePrinter
WritePrinter

advapi32

InitializeSecurityDescriptor
AllocateAndInitializeSid
AddAccessAllowedAce
AdjustTokenPrivileges
DuplicateTokenEx
FreeSid
GetAce
GetLengthSid
GetSidLengthRequired
GetSidSubAuthority
GetUserNameW
InitializeAcl
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
SetFileSecurityW
RegSetValueExW
RegSetKeySecurity
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
SetSecurityDescriptorDacl

shell32

DragQueryPoint
DragQueryFileW
DragFinish
DragAcceptFiles
CommandLineToArgvW
DuplicateIcon

ole32

StringFromGUID2
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
OleInitialize
DoDragDrop
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance

shlwapi

PathRelativePathToW
SHDeleteKeyW
SHDeleteEmptyKeyW

Sections

.text
Size: 760KB - Virtual size: 758KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_ahead_7
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_libc_7
Size: 799KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2fcf07162d63263e7da88c5e470cb6ca

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 760KB - Virtual size: 758KB

_ahead_7 Size: 16KB - Virtual size: 12KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 3.3MB - Virtual size: 3.3MB

_libc_7 Size: 799KB - Virtual size: 800KB

.text
Size: 760KB - Virtual size: 758KB

_ahead_7
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

_libc_7
Size: 799KB - Virtual size: 800KB