daa24135f2e6225231a5d1b5bba087f38091bda9e8e23ab44f096fe5b0ca996f

Sharing

Copy URL

Twitter E-mail

General

Target

daa24135f2e6225231a5d1b5bba087f38091bda9e8e23ab44f096fe5b0ca996f
Size

8.8MB
MD5

930a2b4d1a63b51d0d448493058e58da
SHA1

f261d93a6460b87c236951a65f59dc827b645ce7
SHA256

daa24135f2e6225231a5d1b5bba087f38091bda9e8e23ab44f096fe5b0ca996f
SHA512

0b425d53b9de32b6b48648d32276c264f56edc0abab283b847693ada6e17c6ceba2f80571adfdfdf1a0250f73bf238c025ae4729b6a8e78377ef31515e5af7a4
SSDEEP

98304:EM9ehNW0y81bj2gHgPkaPI6eGm0yNQ8PcibqKgWKjVJ4KSmNxV:E80NW0y8Fj72Ky+K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daa24135f2e6225231a5d1b5bba087f38091bda9e8e23ab44f096fe5b0ca996f

Files

daa24135f2e6225231a5d1b5bba087f38091bda9e8e23ab44f096fe5b0ca996f
.exe windows:4 windows x86 arch:x86

bb6dcb680987fa01fe842dc849d33c24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CompareStringA
GetOEMCP
LCMapStringA
IsBadReadPtr
GetACP
GetCPInfo
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetEndOfFile
LCMapStringW
IsBadCodePtr
WaitForSingleObject
SetUnhandledExceptionFilter
CreateProcessA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
SetHandleCount
GetProcAddress
RaiseException
GetSystemTimeAsFileTime
WriteFile
ReadFile
SetFilePointer
CreateFileW
CreateFileA
CloseHandle
GetFileType
PeekNamedPipe
GetFileInformationByHandle
DeleteFileW
DeleteFileA
MoveFileW
GetFileAttributesW
GetFileAttributesA
RemoveDirectoryW
RemoveDirectoryA
CreateDirectoryW
CreateDirectoryA
SetCurrentDirectoryW
SetEnvironmentVariableW
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetDriveTypeW
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentProcess
TerminateProcess
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetLogicalDrives
FindFirstFileW
FindNextFileW
FindClose
GetLocalTime
GlobalAlloc
GlobalLock
GlobalSize
GlobalUnlock
GetTickCount
GetVersionExA
OutputDebugStringA
ExitProcess
GetModuleHandleW
GetModuleFileNameA
GetExitCodeProcess
CompareStringW
WideCharToMultiByte
GetFileSize
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCurrentProcessId
GetDiskFreeSpaceA
FatalAppExitA
lstrlenA
LocalAlloc
GlobalFree
GetModuleHandleA
ReleaseSemaphore
CreateSemaphoreA
GetProcessTimes
SystemTimeToFileTime
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
FreeLibrary
Sleep
FormatMessageA
FindNextFileA
LocalFree
FindFirstFileA
GetLastError
MultiByteToWideChar
GetFullPathNameA

shell32

ShellExecuteA

user32

GetMessageA
DefWindowProcW
DefWindowProcA
SetWindowLongA
SetParent
GetMessageW
GetWindowLongA
GetDesktopWindow
CreateWindowExA
SetWindowPos
GetWindowRect
GetClientRect
MoveWindow
GetSystemMetrics
ScreenToClient
ClientToScreen
IsWindowVisible
SetCaretPos
HideCaret
CreateCaret
SetWindowTextA
SetWindowTextW
ChangeClipboardChain
SendMessageA
CreateIconIndirect
DestroyIcon
CallNextHookEx
SetCapture
SetWindowsHookExA
SetCursor
UnhookWindowsHookEx
ReleaseCapture
SetActiveWindow
InvalidateRect
ValidateRgn
UpdateWindow
ShowWindow
SetFocus
IsIconic
ScrollWindow
PeekMessageW
TranslateMessage
SetWindowRgn
DrawFocusRect
SetTimer
GetSysColor
SystemParametersInfoA
SystemParametersInfoW
KillTimer
RegisterClassA
LoadIconA
RegisterClassW
LoadIconW
UnregisterClassA
UnregisterClassW
ChildWindowFromPoint
WindowFromPoint
MessageBeep
RegisterWindowMessageA
DispatchMessageA
DispatchMessageW
PeekMessageA
DestroyWindow
GetDC
GetDoubleClickTime
ReleaseDC
GetWindowDC
wsprintfA
wvsprintfA
GetFocus
GetCursorPos
GetKeyState
TrackPopupMenuEx
IsZoomed
EnableMenuItem
GetSystemMenu
EndPaint
BeginPaint
SetCaretBlinkTime
GetCaretBlinkTime
SetDoubleClickTime
MessageBoxA
DestroyCursor
SetCursorPos
LoadCursorA
LoadCursorW
CreateCursor
SetRect
RegisterClipboardFormatA
GetClipboardData
EnumClipboardFormats
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
SendMessageW
SetClipboardViewer

gdi32

GetStockObject
CreatePen
CreateHatchBrush
MaskBlt
DeleteObject
BitBlt
SetBkColor
SetTextColor
SelectObject
CreateSolidBrush
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
GetObjectW
CreateBitmap
SelectClipRgn
GetDeviceCaps
OffsetRgn
CombineRgn
CreateRectRgn
GetTextMetricsA
GetTextMetricsW
CreatePatternBrush
GetWindowExtEx
SetWindowOrgEx
SetStretchBltMode
SetTextAlign
SetROP2
SetBkMode
RealizePalette
SelectPalette
GdiFlush
SetBrushOrgEx
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
Polyline
Polygon
SetPixelV
MoveToEx
LineTo
Rectangle
PatBlt
RoundRect
Ellipse
Arc
Pie
Chord
SetPolyFillMode
PolyBezier
StretchBlt
TextOutW
GetDIBits
SetDIBitsToDevice
GetTextFaceA
GetTextFaceW
CreateFontIndirectA
CreateFontIndirectW
GetCharABCWidthsFloatW
GetCharABCWidthsA
GetCharABCWidthsW
GetTextExtentPoint32W
CreatePalette
UpdateColors
GetNearestPaletteIndex
CreateEllipticRgn
CreatePolygonRgn
ExtCreateRegion
PtInRegion
RectInRegion
GetRgnBox
GetRegionData
EqualRgn
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers

comdlg32

GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW
GetSaveFileNameA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

ole32

CoCreateGuid
StgCreateDocfile
StgIsStorageFile
StgOpenStorage
OleRegGetUserType
CreateStreamOnHGlobal
CreateBindCtx
CoCreateInstance
CoGetMalloc
RegisterDragDrop
ReleaseStgMedium
OleUninitialize
OleInitialize
CoLockObjectExternal
StringFromCLSID
CoFileTimeNow
RevokeDragDrop
DoDragDrop

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmSetCompositionFontA

wsock32

WSAAsyncSelect
select
recv
ntohs
inet_ntoa
__WSAFDIsSet
getsockopt
WSAGetLastError
getsockname
bind
listen
closesocket
gethostbyname
htons
socket
connect
send
gethostname
WSAStartup
WSACleanup

glu32

gluScaleImage

opengl32

glVertex3fv
glLoadMatrixf
glAlphaFunc
wglShareLists
glMaterialfv
glDepthRange
glReadPixels
glShadeModel
glClearColor
glClearDepth
glClear
glDepthMask
glRotatef
glFlush
glViewport
glRasterPos3i
glVertex3iv
glRasterPos3d
glLightModelf
glLightfv
glPushAttrib
glListBase
wglCreateContext
glCallLists
glPointSize
glColor4bv
glNormal3fv
glTexCoord2fv
glReadBuffer
glBlendFunc
glMatrixMode
glScaled
glIsEnabled
glColor3fv
glLineWidth
glColor4ubv
glPushMatrix
glTranslated
glMultMatrixf
glTranslatef
glBegin
glEnd
glPopMatrix
glScalef
glEnable
wglDeleteContext
glDisable
glBindTexture
glTexImage2D
glClearIndex
glColor3ub
glIndexi
glDrawBuffer
wglMakeCurrent
glTexGenfv
glTexGeni
glTexEnvf
glTexParameterf
glPixelStorei
glPopAttrib

Sections

.text
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

FPXBasel
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLECore
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SystemTo
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BufferDe
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PHierarc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

FPXImage
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PageIVUE
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Geometri
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

FlashPix
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLEStora
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLEPrope
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PTile
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PRIImage
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLEFiles
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

FlashPix
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PResolut
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PResolut
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PlutonCo
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PImageFi
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLEPrope
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLECusto
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLEStrea
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLEHeade
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OLEEnumS
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CombinMa
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PTileFla
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Graphiqu
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 388KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb6dcb680987fa01fe842dc849d33c24

Headers

File Characteristics

Imports

kernel32

shell32

user32

gdi32

comdlg32

advapi32

ole32

imm32

wsock32

glu32

opengl32

Sections

.text Size: 5.7MB - Virtual size: 5.7MB

FPXBasel Size: 24KB - Virtual size: 22KB

OLECore Size: 12KB - Virtual size: 11KB

SystemTo Size: 12KB - Virtual size: 8KB

BufferDe Size: 16KB - Virtual size: 15KB

PHierarc Size: 16KB - Virtual size: 14KB

FPXImage Size: 28KB - Virtual size: 24KB

PageIVUE Size: 8KB - Virtual size: 7KB

Geometri Size: 16KB - Virtual size: 12KB

FlashPix Size: 12KB - Virtual size: 9KB

OLEStora Size: 16KB - Virtual size: 13KB

OLEPrope Size: 12KB - Virtual size: 10KB

PTile Size: 16KB - Virtual size: 15KB

PRIImage Size: 8KB - Virtual size: 5KB

OLEFiles Size: 8KB - Virtual size: 6KB

FlashPix Size: 8KB - Virtual size: 4KB

PResolut Size: 24KB - Virtual size: 21KB

PResolut Size: 12KB - Virtual size: 11KB

PlutonCo Size: 8KB - Virtual size: 6KB

PImageFi Size: 8KB - Virtual size: 4KB

OLEPrope Size: 8KB - Virtual size: 7KB

OLECusto Size: 8KB - Virtual size: 7KB

OLEStrea Size: 20KB - Virtual size: 19KB

OLEHeade Size: 8KB - Virtual size: 4KB

OLEEnumS Size: 8KB - Virtual size: 4KB

CombinMa Size: 8KB - Virtual size: 5KB

PTileFla Size: 20KB - Virtual size: 16KB

Graphiqu Size: 8KB - Virtual size: 5KB

.rdata Size: 532KB - Virtual size: 531KB

.data Size: 1.8MB - Virtual size: 3.0MB

.idata Size: 16KB - Virtual size: 12KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 388KB - Virtual size: 385KB

.text
Size: 5.7MB - Virtual size: 5.7MB

FPXBasel
Size: 24KB - Virtual size: 22KB

OLECore
Size: 12KB - Virtual size: 11KB

SystemTo
Size: 12KB - Virtual size: 8KB

BufferDe
Size: 16KB - Virtual size: 15KB

PHierarc
Size: 16KB - Virtual size: 14KB

FPXImage
Size: 28KB - Virtual size: 24KB

PageIVUE
Size: 8KB - Virtual size: 7KB

Geometri
Size: 16KB - Virtual size: 12KB

FlashPix
Size: 12KB - Virtual size: 9KB

OLEStora
Size: 16KB - Virtual size: 13KB

OLEPrope
Size: 12KB - Virtual size: 10KB

PTile
Size: 16KB - Virtual size: 15KB

PRIImage
Size: 8KB - Virtual size: 5KB

OLEFiles
Size: 8KB - Virtual size: 6KB

FlashPix
Size: 8KB - Virtual size: 4KB

PResolut
Size: 24KB - Virtual size: 21KB

PResolut
Size: 12KB - Virtual size: 11KB

PlutonCo
Size: 8KB - Virtual size: 6KB

PImageFi
Size: 8KB - Virtual size: 4KB

OLEPrope
Size: 8KB - Virtual size: 7KB

OLECusto
Size: 8KB - Virtual size: 7KB

OLEStrea
Size: 20KB - Virtual size: 19KB

OLEHeade
Size: 8KB - Virtual size: 4KB

OLEEnumS
Size: 8KB - Virtual size: 4KB

CombinMa
Size: 8KB - Virtual size: 5KB

PTileFla
Size: 20KB - Virtual size: 16KB

Graphiqu
Size: 8KB - Virtual size: 5KB

.rdata
Size: 532KB - Virtual size: 531KB

.data
Size: 1.8MB - Virtual size: 3.0MB

.idata
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 388KB - Virtual size: 385KB