40a308ca343ef5c74eaf1edf44e5803826b98cb04c3a6cd11240b4fe180b3b41

Sharing

Copy URL Twitter E-mail

General

Target

40a308ca343ef5c74eaf1edf44e5803826b98cb04c3a6cd11240b4fe180b3b41
Size

736KB
MD5

5c76d03b6e39077022115eed115c164e
SHA1

e0e01f3c7550ef7856c7b9576cafad0a7cf7632a
SHA256

40a308ca343ef5c74eaf1edf44e5803826b98cb04c3a6cd11240b4fe180b3b41
SHA512

b4891f2cd0060da1e365b8ee9cf734c8eb2d2ff8ebbc4a000b8853fa0d11d6eaabdab23d2c5b570f775fc54f4a250113a8a857477241c51e6356afbfb6ac5d59
SSDEEP

12288:sbgb1ze/Bu/lS3ziu4XRhSUDjpocv85h7f65z:sOGBu/lS3uu4XRvjGb65z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a308ca343ef5c74eaf1edf44e5803826b98cb04c3a6cd11240b4fe180b3b41

Files

40a308ca343ef5c74eaf1edf44e5803826b98cb04c3a6cd11240b4fe180b3b41
.dll windows:4 windows x86 arch:x86

371855ab3bbd7671df06cc41a9c13d1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
HeapSize
HeapReAlloc
FatalAppExitA
CompareStringA
CompareStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetACP
GetOEMCP
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
GetCurrentThreadId
GetSystemTime
GetTimeZoneInformation
RaiseException
HeapAlloc
ExitThread
CreateThread
HeapFree
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
SetFileAttributesW
MoveFileA
CreateFileA
GetFileInformationByHandle
GetSystemDirectoryW
GetSystemInfo
FindNextFileW
GetCurrentProcessId
AllocConsole
WriteConsoleW
FreeConsole
GetExitCodeThread
GetVersionExW
FindResourceExW
OutputDebugStringW
FormatMessageA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
TerminateThread
CreateEventW
WaitForMultipleObjects
SetEvent
WaitForSingleObject
GetTickCount
ResetEvent
GetProcAddress
LoadLibraryW
FreeLibrary
GetLastError
GetCurrentThread
WideCharToMultiByte
lstrlenW
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
lstrcmpW
GlobalLock
GetModuleFileNameW
ResumeThread
SetThreadPriority
SuspendThread
LoadResource
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetShortPathNameW
GetThreadLocale
GetStringTypeExW
GetVolumeInformationW
FindFirstFileW
FindClose
DeleteFileW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
CopyFileW
GlobalSize
GetDiskFreeSpaceW
GetFileTime
SetFileTime
GetFullPathNameW
GetTempFileNameW
GetFileAttributesW
SizeofResource
GetProcessVersion
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
lstrcmpiW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceW
FormatMessageW
LocalFree
GetProfileIntW
lstrcpynW
GlobalGetAtomNameW
MulDiv
SetLastError
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GetModuleHandleW
GlobalUnlock
GlobalFree
LockResource
Sleep

user32

InvertRect
GetDCEx
LockWindowUpdate
CharUpperW
InsertMenuW
GetClassNameW
UnregisterClassW
wvsprintfW
WindowFromPoint
GetSystemMenu
DeleteMenu
AppendMenuW
SetParent
DestroyCursor
SetCursorPos
IsZoomed
SetRect
IsRectEmpty
SetCapture
MsgWaitForMultipleObjects
LoadStringW
PtInRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
DestroyMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
LoadIconW
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
FindWindowW
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetWindow
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
IsIconic
GetWindowPlacement
EndDialog
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
SetFocus
PostThreadMessageW
PostMessageW
IsWindow
SetClassLongW
SetWindowTextW
SetForegroundWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
GetWindowTextLengthW
GetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
IsClipboardFormatAvailable
GetDialogBaseUnits
GetSysColorBrush
GetScrollRange
GetMenuStringW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetWindowPos
ShowWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
UpdateWindow
EnableWindow
GetWindowRect
KillTimer
SetTimer
InflateRect
FillRect
GetSysColor
GetClientRect
InvalidateRect
LoadBitmapW
SendMessageW
GetDC
RemoveMenu
GetSubMenu
LoadMenuW
ClientToScreen
RedrawWindow
SetCursor
LoadCursorW
GetFocus
GetNextDlgTabItem
GetMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
SetWindowsHookExW
GetParent
GetLastActivePopup
GetWindowLongW
ShowOwnedPopups
PostQuitMessage
ScreenToClient
OpenDesktopW
OpenInputDesktop
GetUserObjectInformationW
SetThreadDesktop
CloseDesktop
GetThreadDesktop
IsWindowEnabled
MessageBoxW
PeekMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
WinHelpW

gdi32

OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
SetViewportOrgEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
IntersectClipRect
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
PatBlt
GetTextMetricsW
StretchDIBits
GetCharWidthW
CreateFontW
GetMapMode
SetRectRgn
CombineRgn
CreateFontIndirectW
DPtoLP
CopyMetaFileW
CreateDCW
LPtoDP
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocW
DeleteDC
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
CreateDIBPatternBrushPt
OffsetViewportOrgEx
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgnIndirect
BitBlt
GetTextExtentPoint32W
GetWindowExtEx

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryInfoKeyW
RegEnumKeyW
RegSetValueExA
RegConnectRegistryW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatus
RegOpenKeyA
RegQueryValueExA
RegCreateKeyW
RegOpenKeyW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegEnumValueW

shell32

DragQueryFileW
DragFinish
DragAcceptFiles
SHGetFileInfoW

comctl32

ImageList_Read
ImageList_Merge
ImageList_LoadImageW
ImageList_Create
ImageList_Destroy
ord14
ord13
ord17
ImageList_Write

ole32

WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
OleRegGetUserType
CoDisconnectObject
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoTaskMemFree
ReleaseStgMedium
CoCreateInstance
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateStreamOnHGlobal
OleGetClipboard

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantCopy
SysAllocString
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
SysReAllocStringLen

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Exports

Exports

CloseIEWnd
Finalize
Initialize
IsIEWndClose
SetFolderIconIndex
SetIEWndDesktopName
SetIEWndIcon
SetMainFrameType
ShowIEWnd

Sections

.text
Size: 536KB - Virtual size: 533KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

371855ab3bbd7671df06cc41a9c13d1f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

version

Exports

Exports

Sections

.text Size: 536KB - Virtual size: 533KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 36KB - Virtual size: 56KB

.rsrc Size: 36KB - Virtual size: 33KB

.reloc Size: 44KB - Virtual size: 40KB

.text
Size: 536KB - Virtual size: 533KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 36KB - Virtual size: 56KB

.rsrc
Size: 36KB - Virtual size: 33KB

.reloc
Size: 44KB - Virtual size: 40KB