7d26f6602dcda9a653c18e0350574d7d4861a1f086d79a29ffe7196f0327f896

Sharing

Copy URL Twitter E-mail

General

Target

7d26f6602dcda9a653c18e0350574d7d4861a1f086d79a29ffe7196f0327f896
Size

2.5MB
MD5

4e9f607ba8379e27c028416fe70b82e6
SHA1

6cb02e5ec5cb5e55c9fa27ca27bc919b14dc187e
SHA256

7d26f6602dcda9a653c18e0350574d7d4861a1f086d79a29ffe7196f0327f896
SHA512

12e9058843b61942d8acc99595bc8f76fbba7058a7bc161f990c925d1b7c5f85688235e4166d6c730d924152599905101c042b9fcf79993d6f78e9cc2803bf63
SSDEEP

24576:DWaYN3YwFcjaJOxpMsGpyxabBpPxrHyenFYe:aBfFcjaJsrayxQBbBYe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d26f6602dcda9a653c18e0350574d7d4861a1f086d79a29ffe7196f0327f896

Files

7d26f6602dcda9a653c18e0350574d7d4861a1f086d79a29ffe7196f0327f896
.exe windows:4 windows x86 arch:x86

ae8b0c52e91273a1883ddb92ba853022

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mumsg

??1CMsg@@QAE@XZ
??0CMsg@@QAE@XZ
?LoadWTF@CMsg@@QAEXPAD@Z
?Get@CMsg@@QAEPADH@Z

winmm

timeGetTime
sndPlaySoundA

ws2_32

inet_ntoa
WSAAsyncSelect
WSACleanup
send
htons
inet_addr
gethostbyname
connect
WSAStartup
WSAGetLastError
socket
recv
closesocket

wz_zp

BZ2_bzDecompressInit
BZ2_bzDecompress
BZ2_bzDecompressEnd

kernel32

TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SizeofResource
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
GetACP
TerminateProcess
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
SetEnvironmentVariableA
GetProfileStringA
SetFileAttributesA
GetLastError
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
CreateEventA
GlobalAlloc
lstrcmpA
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleFileNameA
CreateMutexA
FreeEnvironmentStringsA
GetCurrentDirectoryA
Sleep
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesA
lstrcmpiA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
WaitForSingleObject
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
DeleteFileA
CopyFileA
CreateFileA
GetFileSize
WriteFile
ReadFile
CloseHandle
WritePrivateProfileStringA
GetPrivateProfileStringA
ResetEvent

user32

SetWindowContextHelpId
MapDialogRect
CharNextA
LoadStringA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
ShowWindow
SetWindowTextA
IsDialogMessageA
CheckRadioButton
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
GetMessageA
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
GetDesktopWindow
LoadImageA
GetWindowLongA
SetWindowLongA
IsChild
GetClassNameA
GetDC
PeekMessageA
TranslateMessage
DispatchMessageA
KillTimer
PostQuitMessage
wsprintfA
SetRect
DrawIcon
FindWindowA
SetTimer
LoadIconA
MessageBoxA
GrayStringA
DrawTextA
TabbedTextOutA
RedrawWindow
ValidateRect
GetCursorPos
SetCursor
CharUpperA
InflateRect
IsWindow
GetSysColor
GetParent
SendMessageA
InvalidateRect
EnableWindow
PostMessageA
IsIconic
GetSystemMetrics
GetClientRect
LoadBitmapA
GetDlgItem
MoveWindow
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetKeyState

gdi32

GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
SetTextAlign
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetDIBitsToDevice
StretchDIBits
GetDIBits
SelectObject
StretchBlt
DeleteObject
CreatePalette
RealizePalette
GetStockObject
GetCurrentObject
CreateFontIndirectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
GetTextExtentPointA
CreateDIBitmap
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

OleFlushClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize

olepro32

ord253

oleaut32

VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysFreeString
VariantClear

wininet

FtpFindFirstFileA
InternetFindNextFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpGetFileA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetSetStatusCallback
FtpOpenFileA
InternetReadFile

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae8b0c52e91273a1883ddb92ba853022

Headers

File Characteristics

Imports

mumsg

winmm

ws2_32

wz_zp

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 24KB - Virtual size: 218KB

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 24KB - Virtual size: 218KB

.rsrc
Size: 2.2MB - Virtual size: 2.2MB