Static task: static1
Behavioral task: behavioral1
Sample: 3f4dbdf169d48cc42b9f8f6ab42c8a33c922939c3082b76474a87a195a7f8c53.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 3f4dbdf169d48cc42b9f8f6ab42c8a33c922939c3082b76474a87a195a7f8c53.exe
Resource: win10v2004-20240611-en
General
Target: 3f4dbdf169d48cc42b9f8f6ab42c8a33c922939c3082b76474a87a195a7f8c53
Size: 6.3MB
MD5: f602f81e977682ef15c655fe1b5cbcc1
SHA1: b0996276cb26db2d59d7702351a2dfb420a4b81d
SHA256: 3f4dbdf169d48cc42b9f8f6ab42c8a33c922939c3082b76474a87a195a7f8c53
SHA512: 3cc0ef302f86f304795761424507c64ac74281d07340acb9678f0ea9339ae0661134b94a48593db1201fd6966c3daa28e9a2735e00ef77e1233ff12716bde773
SSDEEP: 98304:Fd45TVkMuslZ/oX0dIkwz8wtSFZgPZ/muVKydyted4uQy:faiMnlZK0twz5t8ZgPteerQy
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 3f4dbdf169d48cc42b9f8f6ab42c8a33c922939c3082b76474a87a195a7f8c53
Files
3f4dbdf169d48cc42b9f8f6ab42c8a33c922939c3082b76474a87a195a7f8c53.exe windows:4 windows x86 arch:x86
4c6f4672259f6e4853f36bebf1332cc2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
avifil32
AVISaveOptions
AVISaveOptionsFree
AVIStreamRelease
AVIFileRelease
AVIStreamWrite
AVIFileOpenA
AVIFileCreateStreamA
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileExit
AVIFileInit
msvfw32
DrawDibOpen
DrawDibClose
ord2
DrawDibDraw
shlwapi
PathRemoveFileSpecA
SHAutoComplete
winmm
PlaySoundA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader
waveOutClose
kernel32
GetACP
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
TerminateProcess
CompareStringW
SetEnvironmentVariableA
CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
Sleep
VirtualFree
GetProfileIntA
GetProfileStringA
GetTempPathA
GetPrivateProfileSectionNamesA
EnumResourceLanguagesA
EnumResourceTypesA
EnumResourceNamesA
GetExitCodeThread
ResetEvent
CompareStringA
GetCommandLineA
VirtualAlloc
GetFileAttributesA
lstrcatA
GetModuleFileNameA
WriteFile
lstrlenA
lstrcpyA
ReadFile
GetFileSize
CreateFileA
GetTickCount
GetLastError
CreateProcessA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
GetWindowsDirectoryA
WideCharToMultiByte
MultiByteToWideChar
LocalFree
LocalAlloc
lstrcpynA
FindClose
FindNextFileA
FindFirstFileA
SetFilePointer
DeleteFileA
MoveFileA
CreateDirectoryA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CopyFileA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
PostQueuedCompletionStatus
GetSystemInfo
CreateIoCompletionPort
InterlockedDecrement
GetQueuedCompletionStatus
InterlockedExchange
CancelIo
OutputDebugStringA
SizeofResource
LockResource
LoadResource
FindResourceA
ExitProcess
GetSystemDirectoryA
LocalSize
lstrcmpA
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetVersion
InterlockedIncrement
FormatMessageA
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
SetLastError
MulDiv
GetCurrentThread
SetThreadPriority
GetTempFileNameA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
SetErrorMode
GetCurrentDirectoryA
HeapFree
HeapAlloc
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetDriveTypeA
ExitThread
RaiseException
GetStartupInfoA
user32
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetNextDlgTabItem
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetMenuStringA
CreateMenu
InsertMenuA
FillRect
IntersectRect
GetIconInfo
CreatePopupMenu
GetActiveWindow
SetWindowTextW
LockWindowUpdate
GetFocus
GetDesktopWindow
SetMenu
DestroyIcon
MessageBeep
InflateRect
SystemParametersInfoA
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetScrollBarInfo
ShowScrollBar
DrawIconEx
GetKeyState
GetWindowLongA
SetWindowLongA
GetMenuState
GetSystemMenu
AppendMenuA
CheckMenuRadioItem
SetClassLongA
ClipCursor
DestroyCursor
wvsprintfA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
PostQuitMessage
ShowOwnedPopups
ValidateRect
SetWindowContextHelpId
MapDialogRect
SetRectEmpty
WinHelpA
IsChild
DeleteMenu
CharNextA
EnableMenuItem
GetMenuItemCount
CheckMenuItem
GetDlgCtrlID
SetWindowPos
SendMessageTimeoutA
GetParent
ClientToScreen
GetWindow
GrayStringA
DrawTextA
TabbedTextOutA
RedrawWindow
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
LoadImageA
SetParent
ReleaseDC
IsIconic
GetSystemMetrics
DrawIcon
KillTimer
GetCapture
ReleaseCapture
SetCapture
CopyRect
OffsetRect
LoadBitmapA
DeferWindowPos
AdjustWindowRectEx
SetFocus
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
RegisterWindowMessageA
LoadIconA
EnableWindow
SendMessageA
InvalidateRect
SetRect
UnregisterClassA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
ExcludeUpdateRgn
DefDlgProcA
GetClipboardFormatNameA
GetAsyncKeyState
IsWindowUnicode
GetWindowLongW
SetWindowLongW
DrawEdge
GetDoubleClickTime
SetCursorPos
UnionRect
GetWindowRgn
HideCaret
ShowCaret
IsMenu
MapWindowPoints
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
PostThreadMessageA
InvertRect
RegisterClipboardFormatA
IsClipboardFormatAvailable
GetTabbedTextExtentA
GetDCEx
GetNextDlgGroupItem
CopyAcceleratorTableA
GetSysColorBrush
GetDialogBaseUnits
GetClassNameA
IsRectEmpty
FindWindowA
IsZoomed
LoadStringA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
GetMenuDefaultItem
SetWindowRgn
GetCursor
GetMenuStringW
LookupIconIdFromDirectoryEx
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
GetMenuItemInfoA
CreateIconIndirect
CreateIconFromResourceEx
DrawFrameControl
DrawAnimatedRects
EnumChildWindows
SetMenuDefaultItem
WaitMessage
MapVirtualKeyA
DrawFocusRect
DrawStateA
MessageBoxA
wsprintfA
PostMessageA
PtInRect
GetWindowRect
GetCursorPos
GetSubMenu
LoadMenuA
GetSysColor
SetTimer
LoadCursorA
EqualRect
IsWindow
CopyIcon
UpdateWindow
SetCursor
WindowFromPoint
ScreenToClient
IsWindowVisible
GetClientRect
GetDC
gdi32
Polygon
GetTextAlign
CreateDIBitmap
SetPixel
GetCurrentObject
GetDIBits
EnumFontFamiliesExA
GetBitmapBits
ExtCreateRegion
GetRgnBox
CreatePolygonRgn
RoundRect
PtInRegion
Polyline
GetViewportOrgEx
ExtFloodFill
Ellipse
SetBrushOrgEx
StrokePath
FillPath
CloseFigure
GetTextExtentPoint32W
ExtTextOutW
GetTextExtentPointA
GetWindowOrgEx
GetTextColor
CopyMetaFileA
GetTextMetricsA
GetCharWidthA
CreateFontIndirectA
CombineRgn
SetRectRgn
CreateRectRgnIndirect
PatBlt
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
ExtSelectClipRgn
CreateRectRgn
GetClipRgn
PolyBezierTo
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetPolyFillMode
GetStockObject
RestoreDC
SaveDC
GetClipBox
CreatePen
SetBkMode
SetBkColor
SetTextColor
SetStretchBltMode
StretchBlt
StretchDIBits
CreateDIBSection
SelectObject
DeleteDC
DeleteObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
GetMapMode
DPtoLP
GetBkColor
BeginPath
EndPath
StrokeAndFillPath
GetTextExtentPoint32A
GetPixel
SetPixelV
PolyBezier
GetObjectA
CreateFontA
CreateBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegCloseKey
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
shell32
DragFinish
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileA
SHGetFileInfoA
DragAcceptFiles
SHAppBarMessage
ExtractIconA
SHBrowseForFolderA
SHGetPathFromIDListA
comctl32
ImageList_Remove
ImageList_Draw
ImageList_GetImageInfo
ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
oledlg
ord1
ord8
ole32
ReleaseStgMedium
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoInitialize
CoCreateInstance
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
OleDuplicateData
CoUninitialize
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoDisconnectObject
CoTaskMemAlloc
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
olepro32
ord253
oleaut32
OleLoadPicturePath
VariantChangeTypeEx
LoadTypeLi
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VarBstrFromDate
VarDateFromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
urlmon
URLDownloadToFileA
ws2_32
inet_ntoa
getpeername
closesocket
WSACleanup
select
connect
htons
gethostbyname
ioctlsocket
socket
WSAStartup
listen
bind
WSAEventSelect
WSASocketA
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAGetLastError
WSARecv
WSASend
setsockopt
WSACloseEvent
WSAIoctl
gethostname
ntohs
getsockname
shutdown
WSACreateEvent
accept
skinh
SkinH_Detach
SkinH_AttachEx
wininet
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
imm32
ImmAssociateContext
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rotext Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 404KB - Virtual size: 401KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 784KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ