Static task: static1
Behavioral task: behavioral1
Sample: 839781249c6d5934aea7d5093aa584f97c3cbcf4d1beed28c5c108efe09f9e8a.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 839781249c6d5934aea7d5093aa584f97c3cbcf4d1beed28c5c108efe09f9e8a.exe
Resource: win10v2004-20240508-en
General
Target: 839781249c6d5934aea7d5093aa584f97c3cbcf4d1beed28c5c108efe09f9e8a
Size: 2.9MB
MD5: e96192df32f90a8602d927e3fda29533
SHA1: e257becc8c8be4cd7523f3359735b32b70b54b26
SHA256: 839781249c6d5934aea7d5093aa584f97c3cbcf4d1beed28c5c108efe09f9e8a
SHA512: c5755a0086194d7b7398500b0d46fda3cd5605ab6ed1e349626c6895256828d7722bc9c67960c7fb89016314e8434bbf1907a85bc6cece33405e387caac8c8f1
SSDEEP: 49152:VCLMOUfG6RTcrQ+0pFLhCTDeYgDkciW5+sSVjTGEcFEvitvN:VCgO0P/+0DLhiAIo5cVjTGEtvitvN
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 839781249c6d5934aea7d5093aa584f97c3cbcf4d1beed28c5c108efe09f9e8a
Files
-
839781249c6d5934aea7d5093aa584f97c3cbcf4d1beed28c5c108efe09f9e8a.exe windows:4 windows x86 arch:x86
86814c66dc2a2451dc56e8ddd854e483
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegSetValueA
RegCreateKeyA
comctl32
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_AddMasked
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
gdi32
GetObjectA
GetTextExtentPoint32A
CreatePen
CreateFontIndirectA
GetDeviceCaps
PatBlt
RealizePalette
GetCurrentObject
GetTextMetricsA
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
RectVisible
TextOutA
PtVisible
Escape
AbortDoc
ExtTextOutA
EndPage
StartPage
EndDoc
CreateFontA
GetBkMode
StartDocA
Ellipse
DeleteDC
GetTextExtentPoint32W
SelectObject
CreateDIBSection
DeleteObject
GetPixel
CreateHatchBrush
SetPixel
SetBkColor
CreateBitmap
SetTextColor
DescribePixelFormat
ChoosePixelFormat
SetPixelFormat
SetStretchBltMode
SwapBuffers
StretchDIBits
GetClipBox
SaveDC
SelectPalette
SetBkMode
RestoreDC
SetROP2
SetMapMode
SetPolyFillMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SetWindowExtEx
IntersectClipRect
ExcludeClipRect
LineTo
SetTextAlign
MoveToEx
GetCurrentPositionEx
CreateRectRgn
GetWindowExtEx
GetViewportExtEx
CreateRectRgnIndirect
CreatePatternBrush
SetRectRgn
CombineRgn
GetMapMode
SetAbortProc
CreateDCA
DPtoLP
GetViewportOrgEx
CopyMetaFileA
GetCharWidthA
GetNearestColor
GetStretchBltMode
LPtoDP
GetTextAlign
GetROP2
GetPolyFillMode
GetWindowOrgEx
GetTextFaceA
CreateDIBitmap
GetTextExtentPointA
GetBkColor
CreateSolidBrush
CreatePalette
GetDIBits
Rectangle
GetTextColor
glu32
gluProject
gluLookAt
kernel32
CompareStringW
GetLocaleInfoW
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
SetEnvironmentVariableA
GetDriveTypeA
DeviceIoControl
GetVolumeInformationA
CloseHandle
SetThreadPriority
ResumeThread
lstrcmpiA
GetStringTypeA
lstrlenW
GetEnvironmentStringsW
GetCPInfo
GetProcAddress
CreateFileA
GetModuleFileNameA
GetTickCount
MulDiv
GlobalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
GetVersionExA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
DeleteFileA
GetTempPathA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalFree
InterlockedDecrement
GetLocaleInfoA
FreeEnvironmentStringsA
GetProfileStringA
GetFileInformationByHandle
PeekNamedPipe
GetEnvironmentStrings
FreeEnvironmentStringsW
IsValidCodePage
GetUserDefaultLCID
EnumSystemLocalesA
GetStdHandle
IsValidLocale
SetUnhandledExceptionFilter
IsBadWritePtr
SetHandleCount
UnhandledExceptionFilter
HeapCreate
VirtualAlloc
VirtualFree
LCMapStringW
HeapDestroy
GetEnvironmentVariableA
HeapSize
LCMapStringA
GetACP
GetFileType
SetStdHandle
Sleep
GetCommandLineA
GetStartupInfoA
GetTimeZoneInformation
GetLocalTime
GetSystemTime
TerminateProcess
HeapReAlloc
RaiseException
ExitThread
ExitProcess
GetSystemTimeAsFileTime
HeapFree
CreateThread
HeapAlloc
SetErrorMode
RtlUnwind
GetCurrentDirectoryA
GetProcessVersion
CopyFileA
GetOEMCP
TlsSetValue
TlsGetValue
LocalReAlloc
TlsFree
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
GlobalFlags
InitializeCriticalSection
LocalAlloc
SystemTimeToFileTime
FindNextFileA
WritePrivateProfileStringA
LocalFileTimeToFileTime
GetFileSize
GetDiskFreeSpaceA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetProfileIntA
MoveFileA
GetShortPathNameA
GetStringTypeExA
LockFile
SetEndOfFile
UnlockFile
WriteFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
ReadFile
GetCurrentProcess
GlobalAlloc
GetLastError
GetThreadLocale
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpA
LocalFree
SetLastError
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
GlobalGetAtomNameA
lstrcatA
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
FindClose
GetFullPathNameA
FindFirstFileA
GetCurrentThread
lstrcpyA
lstrcpynA
lstrlenA
GetVersion
GetModuleHandleA
msimg32
GradientFill
msvfw32
DrawDibClose
DrawDibDraw
DrawDibOpen
odbc32
ord4
ord72
ord49
ord20
ord48
ord59
ord8
ord17
ord19
ord46
ord44
ord68
ord43
ord12
ord2
ord1
ord41
ord50
ord45
ord23
ord15
ord9
ord51
ord3
ord11
ord14
ord13
ord61
ord18
ord5
ord10
ord16
oleaut32
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayCreate
VariantInit
SafeArrayPutElement
VariantClear
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString
SafeArrayDestroy
olepro32
ord253
opengl32
glPopMatrix
glDepthFunc
glEnable
glOrtho
glLoadIdentity
glClear
glClearColor
glViewport
glPopAttrib
glLineWidth
glDisable
glEnd
glVertex3f
glBegin
glColor3ub
glPolygonOffset
glPolygonMode
glPushAttrib
glGetDoublev
glTranslatef
glPushMatrix
glMatrixMode
wglCreateContext
wglDeleteContext
glVertex3i
glGetIntegerv
wglMakeCurrent
shell32
DragFinish
ExtractIconA
DragQueryFileA
ShellExecuteA
SHGetFileInfoA
DragAcceptFiles
ShellExecuteExA
Shell_NotifyIconA
shlwapi
PathIsRelativeA
PathFileExistsA
PathRelativePathToA
PathCombineA
user32
DestroyCursor
DeleteMenu
IsMenu
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetWindowLongA
RemoveMenu
GetMenuItemID
ModifyMenuA
GetMenuItemCount
InsertMenuA
AppendMenuA
GetDesktopWindow
DrawIconEx
DestroyIcon
GetMenuItemInfoA
CreateWindowExA
GetMenuState
RegisterClassExA
LoadMenuA
GetSubMenu
TrackPopupMenu
LoadImageA
LoadBitmapA
UpdateWindow
WindowFromPoint
GetActiveWindow
GetNextDlgTabItem
GetDoubleClickTime
ClipCursor
SetTimer
InvertRect
IsClipboardFormatAvailable
GrayStringA
IsChild
MessageBoxA
SetScrollPos
TabbedTextOutA
GetCursorPos
CreateIcon
IsWindowVisible
wsprintfA
DefWindowProcA
ReleaseDC
FillRect
FrameRect
DrawTextA
CopyIcon
GetKeyState
TranslateMessage
DispatchMessageA
ClientToScreen
ScreenToClient
PostMessageA
SetCursor
LoadCursorA
ReleaseCapture
GetMessagePos
IsRectEmpty
PtInRect
SetCapture
CreateIconIndirect
GetIconInfo
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CharUpperA
IsWindowEnabled
GetDlgItem
SystemParametersInfoA
SetRect
RedrawWindow
CopyRect
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
GetSysColor
SetParent
GetTopWindow
GetParent
GetFocus
SetFocus
GetClientRect
keybd_event
MessageBeep
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
EndDialog
GetWindowPlacement
IsIconic
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetMenu
RegisterClassA
GetDC
InvalidateRect
EnableWindow
SendMessageA
DrawStateA
GetCapture
WinHelpA
GetClassInfoA
GetScrollPos
GetNextDlgGroupItem
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
LoadIconA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
LockWindowUpdate
GetDCEx
GetTabbedTextExtentA
FindWindowA
PostThreadMessageA
GetClassNameA
SetCursorPos
GetSystemMenu
IsZoomed
TranslateMDISysAccel
DefMDIChildProcA
DrawMenuBar
UnpackDDElParam
DefFrameProcA
BringWindowToTop
TranslateAcceleratorA
ReuseDDElParam
SetMenu
PostQuitMessage
LoadAcceleratorsA
ShowOwnedPopups
GetMessageA
SetRectEmpty
DestroyMenu
RegisterClipboardFormatA
ValidateRect
LoadStringA
SetWindowContextHelpId
CharNextA
MapDialogRect
GetWindowDC
EndPaint
BeginPaint
KillTimer
wvsprintfA
IntersectRect
ShowWindow
CopyAcceleratorTableA
HideCaret
IsWindowUnicode
DefDlgProcA
UnregisterClassA
ExcludeUpdateRgn
ShowCaret
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
PrintDlgA
CommDlgExtendedError
GetOpenFileNameA
GetFileTitleA
ChooseColorA
GetSaveFileNameA
ole32
CoTaskMemAlloc
RevokeDragDrop
CoLockObjectExternal
OleRun
OleDuplicateData
OleFlushClipboard
OleSetClipboard
ReleaseStgMedium
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoCreateGuid
CoTaskMemFree
OleIsCurrentClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleUninitialize
RegisterDragDrop
DoDragDrop
OleGetClipboard
oledlg
ord8
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 292KB - Virtual size: 296KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 76KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 789KB - Virtual size: 792KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE