fa0a56f270dc58a97f3278c4041eba33a15131cf874f39d147a9fb3a0275f6e6

Sharing

Copy URL Twitter E-mail

General

Target

fa0a56f270dc58a97f3278c4041eba33a15131cf874f39d147a9fb3a0275f6e6
Size

696KB
MD5

8dc5537b918347ad193afb26304493c2
SHA1

7a3948ddd5f27d424271d269f4239567a883885b
SHA256

fa0a56f270dc58a97f3278c4041eba33a15131cf874f39d147a9fb3a0275f6e6
SHA512

e276005a44c4cd50208ec3d9ad99b238b8398af2c44340eea4ab5d6575afdb75c3a394523474fd8799c14562e99547090bc576004a758d8a9e3e366327e500c6
SSDEEP

12288:MZ5/4LSqGRTZqkztj+jQ48I9Nvc7pZ2mljUG+7RtaWMJALuFdWIpECnn0RTnMFL:MZ5/kG5sgtj67RUWGWy0aFL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0a56f270dc58a97f3278c4041eba33a15131cf874f39d147a9fb3a0275f6e6

Files

fa0a56f270dc58a97f3278c4041eba33a15131cf874f39d147a9fb3a0275f6e6
.dll windows:4 windows x86 arch:x86

077388d20fe847e8454049cb5a5831e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
GetProcessVersion
GlobalSize
GetCPInfo
GetOEMCP
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
GetACP
RaiseException
ExitProcess
ExitThread
HeapSize
HeapReAlloc
FatalAppExitA
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
GetCurrentDirectoryA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
MoveFileExA
RemoveDirectoryW
CopyFileW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
GetEnvironmentVariableW
GetTempPathW
GetTempPathA
GetCurrentDirectoryW
GetSystemDirectoryW
MoveFileW
CreateFileW
VirtualQueryEx
GetModuleFileNameW
CreateProcessW
InterlockedExchangeAdd
InterlockedExchange
InterlockedCompareExchange
CreateProcessA
ReadProcessMemory
GetThreadPriority
FormatMessageW
FindResourceExA
OutputDebugStringW
GetExitCodeThread
WaitForMultipleObjects
TerminateThread
ResetEvent
LoadLibraryW
GetLogicalDrives
QueryDosDeviceW
SetVolumeLabelA
DefineDosDeviceA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
MulDiv
SetLastError
GetVersion
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrlenW
GlobalUnlock
SuspendThread
SetThreadPriority
ResumeThread
GlobalLock
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
lstrcpyA
SleepEx
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
PulseEvent
SetEndOfFile
UnlockFile
LockFile
MoveFileExW
FlushFileBuffers
SetFilePointer
WriteFile
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
CreateEventA
SetEvent
WaitForSingleObject
TerminateProcess
SetPriorityClass
GetPriorityClass
GetDriveTypeA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
OutputDebugStringA
MoveFileA
CopyFileA
lstrcmpA
RemoveDirectoryA
GetSystemInfo
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
LoadLibraryA
LocalFree
OpenProcess
GetCurrentProcess
CreateThread
GetFileInformationByHandle
GetCurrentProcessId
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetFileSize
ReadFile
LoadLibraryExA
FreeLibrary
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CreateDirectoryA
QueryDosDeviceA
GetDriveTypeW
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetCommandLineA
DeviceIoControl
GetTickCount
CreateFileA
GetSystemDirectoryA
Sleep
OpenMutexA
GetLastError
EnumSystemLocalesA
CloseHandle

user32

SetWindowPlacement
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
IsDialogMessageA
ScrollWindowEx
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
TrackPopupMenu
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GrayStringA
DrawTextA
TabbedTextOutA
GetMenu
DestroyMenu
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
GetMenuStringA
DeleteMenu
InsertMenuA
GetMenuItemCount
GetDesktopWindow
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetWindowTextLengthA
GetMenuItemID
GetDlgItemTextA
GetSubMenu
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterClassA
GetClassInfoA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
WinHelpA
GetCapture
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
AdjustWindowRectEx
IsWindow
SetActiveWindow
GetSysColor
MapWindowPoints
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
AppendMenuA
RemoveMenu
EndPaint
wvsprintfA
PeekMessageA
GetCursorPos
BeginPaint
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
SendMessageA
PostMessageA
PostQuitMessage
GetSystemMetrics
CharUpperA
wsprintfA
OemToCharA
CharToOemA
GetWindowTextW
GetWindowTextA
EnumWindows
IsWindowVisible
GetParent
GetWindowLongA
GetWindowThreadProcessId
EnumDesktopWindows
MessageBoxW
MessageBoxA
OpenWindowStationA
SetProcessWindowStation
CloseWindowStation
GetProcessWindowStation
GetUserObjectInformationA
OpenInputDesktop
OpenDesktopA
GetThreadDesktop
SetThreadDesktop
CloseDesktop
FindWindowA
IsDlgButtonChecked
MsgWaitForMultipleObjects

gdi32

CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
SetColorAdjustment
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetDCOrgEx
GetObjectA
CopyMetaFileA
GetClipRgn
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateDCA
PolyBezierTo
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateSolidBrush
DeleteObject
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegConnectRegistryA
RegSetValueExW
RegEnumKeyA
LookupAccountNameW
SetSecurityDescriptorDacl
GetAce
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
LookupAccountSidW
SetFileSecurityA
RegSetKeySecurity
RegCreateKeyW
RegCreateKeyExW
RegSetValueA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
GetUserNameA
GetTokenInformation
LookupAccountSidA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
ChangeServiceConfigA
CloseServiceHandle
RegQueryValueExW

shell32

SHGetFileInfoA
DragAcceptFiles

comctl32

ord17

ole32

OleRegGetUserType
ReadFmtUserTypeStg
WriteFmtUserTypeStg
ReadClassStg
CoTaskMemFree
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CoDisconnectObject
SetConvertStg
WriteClassStg

oleaut32

SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
SysReAllocStringLen
SysStringLen

wsock32

ioctlsocket

mpr

WNetGetConnectionA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

Control
Start
Stop
Valid

Sections

.text
Size: 560KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

077388d20fe847e8454049cb5a5831e3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

wsock32

mpr

version

Exports

Exports

Sections

.text Size: 560KB - Virtual size: 557KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 32KB - Virtual size: 86KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 560KB - Virtual size: 557KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 32KB - Virtual size: 86KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 36KB - Virtual size: 35KB