Static task: static1
Behavioral task: behavioral1
  Sample: aaa757fb0561b2d86c4e797cdb9e5b2db7365915370c23869b1c81994ba4854c.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: aaa757fb0561b2d86c4e797cdb9e5b2db7365915370c23869b1c81994ba4854c.exe
  Resource: win10v2004-20240508-en
General
Target: aaa757fb0561b2d86c4e797cdb9e5b2db7365915370c23869b1c81994ba4854c
Size: 14.1MB
MD5: 1c87c09e25f6cf6b0f955516594e5cb5
SHA1: 26ec883057620dd1aada71fc210dfc4ef60640ca
SHA256: aaa757fb0561b2d86c4e797cdb9e5b2db7365915370c23869b1c81994ba4854c
SHA512: f222c8f62445f660f1a51ef98e3dfed37755c6c404a884d8df6e80c0972757d39d93e8a96bb37a0d5d8a95d8d81ab2afe1403ed45dffd071f601bee39d66b552
SSDEEP: 393216:/v6bHglwZNNV7NcC6g6v66666ES66666E6kD66666E66gD66666E664D666U66yZ:X6bHiwZNNrcC6g6v66666ES66666E6kq
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource aaa757fb0561b2d86c4e797cdb9e5b2db7365915370c23869b1c81994ba4854c
Files
aaa757fb0561b2d86c4e797cdb9e5b2db7365915370c23869b1c81994ba4854c.exe windows:6 windows x86 arch:x86
  b81d4a9bc898a85be756dc60f1268904
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
VirtualQuery
FindNextFileW
GetCommandLineA
GetFullPathNameW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
GetStringTypeW
LCMapStringEx
OutputDebugStringW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
GetDriveTypeW
ReadConsoleW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
GetCurrentDirectoryW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameA
GetProfileIntA
SearchPathA
FindResourceExW
GetWindowsDirectoryA
GetTempPathA
GetCPInfo
FindFirstFileExW
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetACP
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CopyFileA
FormatMessageA
InitializeCriticalSectionAndSpinCount
SetThreadPriority
VerifyVersionInfoA
VerSetConditionMask
GetCurrentThread
lstrcmpA
FileTimeToLocalFileTime
GetVersionExA
MulDiv
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
FindResourceA
GetThreadLocale
lstrcmpiA
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetCurrentProcess
SetLastError
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
DeleteFileA
GetProcessHeap
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
ExitProcess
DeleteCriticalSection
GetTickCount
GetLocalTime
GetQueuedCompletionStatus
GetSystemInfo
CreateIoCompletionPort
PostQueuedCompletionStatus
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
OutputDebugStringA
LocalSize
LocalReAlloc
MultiByteToWideChar
GlobalSize
GlobalFree
VirtualProtect
GlobalUnlock
GlobalLock
GlobalAlloc
FindNextFileA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFilePointer
FindClose
FindFirstFileA
GetCurrentDirectoryA
GetLastError
CreateDirectoryA
GetFileAttributesA
CreateEventA
lstrcpyA
lstrlenA
LoadLibraryA
GetProcAddress
lstrcatA
GetSystemDirectoryA
MoveFileW
LocalFree
WriteFile
LocalAlloc
ReadFile
GetFileSize
CreateFileA
CancelIo
VirtualAlloc
VirtualFree
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
RaiseException
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
WaitForSingleObject
ResumeThread
CreateThread
CloseHandle
SetEvent
Sleep
GetCommandLineW
WriteConsoleW
user32
DestroyMenu
GetMenuStringA
SetRectEmpty
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
GetWindowThreadProcessId
DrawStateA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
GetSysColor
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
TrackPopupMenu
GetMenuItemID
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
RegisterWindowMessageA
IsDialogMessageA
GetMenuItemInfoA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetFocus
SetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
SetWindowPos
ReleaseCapture
ShowWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
DeleteMenu
NotifyWinEvent
CreatePopupMenu
GetMessageA
SetWindowRgn
DispatchMessageA
IsWindow
DestroyWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
CharUpperA
UnhookWindowsHookEx
UnregisterClassA
SetForegroundWindow
GetDesktopWindow
CopyRect
DrawIcon
IsIconic
SetLayeredWindowAttributes
MessageBeep
OffsetRect
InflateRect
GetSysColorBrush
SetCapture
DrawFocusRect
IsRectEmpty
EnumDisplayMonitors
ShowOwnedPopups
SetTimer
KillTimer
WindowFromPoint
InsertMenuA
RemoveMenu
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
TrackMouseEvent
IsZoomed
SetParent
UpdateWindow
InvalidateRect
SystemParametersInfoA
GetKeyNameTextA
MapVirtualKeyA
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
DrawEdge
GetWindow
DrawFrameControl
SetRect
EnableWindow
SendMessageA
LoadCursorA
SetClassLongA
GetSystemMenu
AppendMenuA
GetDC
InvalidateRgn
ReleaseDC
BeginPaint
GetClientRect
FillRect
EndPaint
CheckMenuItem
GetMenuState
GetKeyState
LoadIconA
CharNextA
MessageBoxA
IsWindowVisible
GetParent
LoadMenuW
GetSubMenu
GetCursorPos
GetMenuItemCount
EnableMenuItem
wsprintfA
PostMessageA
OpenClipboard
GetKeyboardState
EmptyClipboard
SetClipboardData
CloseClipboard
DestroyCursor
CheckMenuRadioItem
GetIconInfo
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
GetWindowRect
IntersectRect
DrawIconEx
ShowScrollBar
LoadCursorW
UnionRect
DrawTextA
MonitorFromPoint
DestroyIcon
LoadImageW
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
GetSystemMetrics
GetClipboardData
LoadIconW
SetCursor
LoadImageA
GetWindowLongA
SetWindowLongA
ScreenToClient
GetScrollBarInfo
ClipCursor
SendMessageTimeoutA
TranslateMessage
UnpackDDElParam
ReuseDDElParam
WaitMessage
CopyAcceleratorTableA
GetNextDlgGroupItem
SetCursorPos
LockWindowUpdate
GetDoubleClickTime
CopyIcon
ModifyMenuA
DestroyAcceleratorTable
GetUpdateRect
GetKeyboardLayout
GetWindowRgn
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
IsClipboardFormatAvailable
SubtractRect
InvertRect
HideCaret
PostThreadMessageA
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
MoveWindow
gdi32
GetPixel
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
CreateRectRgnIndirect
PatBlt
CreateFontA
GetCharWidthA
CombineRgn
GetMapMode
CreateRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
GetObjectType
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CopyMetaFileA
CreateDCA
CreateRoundRectRgn
GetRgnBox
RealizePalette
SetPixel
SetDIBColorTable
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
CreatePatternBrush
CreatePen
CreateHatchBrush
GetStockObject
CreateBitmap
GetObjectA
TextOutA
SetBkMode
StretchBlt
SetStretchBltMode
ExtTextOutA
SetTextColor
SetBkColor
StretchDIBits
CreateDIBSection
GetDeviceCaps
GetClipBox
ExcludeClipRect
Polyline
Escape
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
SetDIBits
SelectObject
CreateCompatibleBitmap
SetRectRgn
GetViewportExtEx
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegEnumKeyExA
RegCloseKey
RegQueryValueA
shell32
ShellExecuteA
DragFinish
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
Shell_NotifyIconA
SHAppBarMessage
DragQueryFileA
ord71
SHGetFileInfoA
DragQueryFileW
ExtractIconA
comctl32
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_AddMasked
shlwapi
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA
StrFormatKBSizeA
uxtheme
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeText
GetWindowTheme
GetThemeSysColor
OpenThemeData
IsAppThemed
DrawThemeBackground
CloseThemeData
ole32
OleInitialize
OleGetClipboard
ReleaseStgMedium
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
OleDestroyMenuDescriptor
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoInitializeEx
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
CoLockObjectExternal
oleaut32
SysFreeString
SafeArrayDestroy
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
LoadTypeLi
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
oledlg
ord8
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageWidth
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdiplusShutdown
winmm
PlaySoundA
waveOutPrepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutWrite
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveOutClose
waveOutUnprepareHeader
waveOutReset
timeEndPeriod
timeBeginPeriod
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
avrt
AvSetMmThreadCharacteristicsA
AvRevertMmThreadCharacteristics
avifil32
AVIFileInit
AVIFileExit
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat
AVIStreamWrite
AVIStreamRelease
AVIFileRelease
msvfw32
ICOpen
ICSeqCompressFrameStart
ICDecompress
ICSeqCompressFrameEnd
DrawDibOpen
DrawDibDraw
ICClose
ICCompressorFree
ICSendMessage
ws2_32
gethostbyname
htons
connect
select
WSACleanup
WSASocketA
WSACreateEvent
WSAEventSelect
ioctlsocket
listen
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
socket
accept
WSAStartup
WSAGetLastError
setsockopt
WSAIoctl
WSARecv
WSASend
closesocket
inet_ntoa
bind
getpeername
gethostname
WSACloseEvent
pdh
PdhOpenQueryA
PdhCloseQuery
PdhAddCounterA
PdhCollectQueryData
PdhGetFormattedCounterValue
imm32
ImmAssociateContext
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
Sections
.text  Size: 1.9MB - Virtual size: 1.9MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 452KB - Virtual size: 451KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 10.1MB - Virtual size: 10.1MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 1.7MB - Virtual size: 1.7MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ