Static task: static1
Behavioral task: behavioral1
  Sample: 95e8630bd380b845d7d6570ca13516075233d4e059f87b6f4e8ceb9e71a9165d.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 95e8630bd380b845d7d6570ca13516075233d4e059f87b6f4e8ceb9e71a9165d.exe
  Resource: win10v2004-20240709-en
General
- Target: 95e8630bd380b845d7d6570ca13516075233d4e059f87b6f4e8ceb9e71a9165d
- Size: 2.2MB
- MD5: 9868eab45dd47bc998848fef1d584870
- SHA1: a603cb4f00e46ab51014c15240592c0b572114cc
- SHA256: 95e8630bd380b845d7d6570ca13516075233d4e059f87b6f4e8ceb9e71a9165d
- SHA512: 5154a78ba20c213f7bafa07b8a069bd86e6b22fccec79d8fafbaad0623e6c2a5c128b8b46f432fcc2423c89695d2329f13c1268ff20508c32b29933e20aa728e
- SSDEEP: 49152:l+/7hhGAidnzf4L8wpX1Wp27fmRLvD8c0XHq5cnR3eS4i6/OD6dvr0jyhXb+MPCC:oTGAidnsL8y1Wpecz30Xq5cnR3lI/Bxa
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 95e8630bd380b845d7d6570ca13516075233d4e059f87b6f4e8ceb9e71a9165d
Files
- 95e8630bd380b845d7d6570ca13516075233d4e059f87b6f4e8ceb9e71a9165d.exe (windows:5 windows x86 arch:x86)
  9be81ae18727285b07073e1cbc1818ff
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcessHeap
SetEnvironmentVariableA
WriteConsoleW
CompareStringW
GetStringTypeW
GetDriveTypeW
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
CreateFileW
HeapCreate
FindFirstFileExA
GetDriveTypeA
GetFileInformationByHandle
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
VerSetConditionMask
VerifyVersionInfoA
SleepEx
FreeEnvironmentStringsW
GetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
LCMapStringW
IsValidCodePage
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
CreateThread
ExitThread
HeapReAlloc
VirtualQuery
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
DecodePointer
EncodePointer
RaiseException
RtlUnwind
SearchPathA
GetNumberFormatA
GetWindowsDirectoryA
GetFileSizeEx
GetFileAttributesExA
FindResourceExW
GetACP
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
ReplaceFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetModuleHandleW
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetProfileIntA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
GetModuleFileNameW
ReleaseActCtx
GetCurrentProcessId
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
CompareStringA
LoadLibraryW
lstrcmpW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
WriteFile
SetFileTime
GetCurrentDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
SystemTimeToFileTime
SetFilePointer
InterlockedDecrement
InterlockedIncrement
CreateDirectoryA
FreeLibrary
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetTempPathA
DeviceIoControl
DeleteFileA
WaitForSingleObject
TerminateThread
GetTickCount
GlobalMemoryStatusEx
CreateFileMappingA
MapViewOfFile
Sleep
FlushViewOfFile
UnmapViewOfFile
CloseHandle
GetLastError
GetSystemInfo
VirtualProtect
VirtualFree
FindFirstFileA
FindClose
MultiByteToWideChar
GlobalLock
GlobalUnlock
GlobalFree
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemDirectoryA
GetModuleFileNameA
CreateFileA
GetFileSize
VirtualAlloc
ReadFile
GetCurrentDirectoryW
user32
CharUpperA
WindowFromPoint
SystemParametersInfoA
GetMenuItemInfoA
IsClipboardFormatAvailable
MapDialogRect
GetAsyncKeyState
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MapVirtualKeyA
GetKeyNameTextA
LoadCursorW
LoadCursorA
DestroyCursor
RedrawWindow
SetCursorPos
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetActiveWindow
SetCursor
LoadAcceleratorsA
IsIconic
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
GetDesktopWindow
TranslateAcceleratorA
IntersectRect
GetWindowThreadProcessId
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
ValidateRect
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MessageBeep
GetMonitorInfoA
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetDCEx
LockWindowUpdate
LoadAcceleratorsW
SetWindowPos
GetWindow
CreateMenu
PostThreadMessageA
TrackPopupMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
LoadImageA
DestroyIcon
TranslateMessage
GetMessageA
IsRectEmpty
SetWindowRgn
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
IsZoomed
DeleteMenu
GetSystemMenu
SetParent
GetSysColorBrush
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
DrawEdge
DrawIcon
CopyRect
LoadIconA
IsWindowVisible
GetWindowLongA
SetWindowLongA
LoadIconW
SetForegroundWindow
UpdateWindow
wsprintfA
MessageBoxA
UnionRect
CopyAcceleratorTableA
InvalidateRgn
CharNextA
EndDeferWindowPos
GetNextDlgGroupItem
ReleaseCapture
GetTabbedTextExtentW
GetMenuDefaultItem
GetWindowRgn
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
GetUpdateRect
FrameRect
SetMenuDefaultItem
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
MapVirtualKeyExA
IsCharLowerA
LoadImageW
SetRect
FillRect
InvalidateRect
EnableWindow
GetSysColor
PtInRect
InflateRect
OffsetRect
GetWindowRect
GetClientRect
GetDC
ReleaseDC
SetTimer
KillTimer
SendMessageA
GetSystemMetrics
GetCursorPos
GetParent
LoadBitmapW
GetSubMenu
LoadMenuW
ScreenToClient
SetCapture
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
WaitMessage
RegisterClipboardFormatA
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawStateA
SetClassLongA
DestroyAcceleratorTable
DrawIconEx
CopyImage
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
MonitorFromWindow
InvertRect
gdi32
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextExtentPoint32A
CreateEllipticRgn
LPtoDP
Ellipse
CreateDIBSection
GetCharWidthA
StretchDIBits
GetTextMetricsA
GetBkColor
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
Rectangle
CreateDIBitmap
GetObjectA
GetTextCharsetInfo
EnumFontFamiliesExA
GetRgnBox
GetTextColor
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
CreateRectRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
EnumFontFamiliesA
LineTo
GetStockObject
GetMapMode
CreateCompatibleBitmap
CreateFontA
BitBlt
CreateCompatibleDC
SelectObject
CreateSolidBrush
StartPage
CreatePen
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
CryptGetHashParam
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumValueA
RegEnumKeyA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
CryptImportKey
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetFileInfoA
SHAddToRecentDocs
DragQueryFileA
DragFinish
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
ole32
CoUninitialize
OleRun
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CreateStreamOnHGlobal
OleDraw
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
ReleaseStgMedium
oleaut32
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
GetErrorInfo
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
oledlg
ord8
ws2_32
sendto
getaddrinfo
recvfrom
ntohs
send
gethostbyname
htons
connect
recv
setsockopt
closesocket
getprotobyname
socket
WSAIoctl
getsockname
gethostname
ioctlsocket
listen
htonl
freeaddrinfo
getpeername
getsockopt
bind
ntohl
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
accept
winmm
sndPlaySoundA
PlaySoundA
wldap32
ord27
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord41
ord46
crypt32
CertFreeCertificateContext
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
wininet
InternetCanonicalizeUrlA
InternetCrackUrlA
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
Sections
.text   Size: 1.6MB   Virtual size: 1.6MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 361KB   Virtual size: 361KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 27KB    Virtual size: 57KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 93KB    Virtual size: 96KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 189KB   Virtual size: 189KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
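The Signatures, Headers and Sections entries above all come from the PE headers alone. As an added example (not part of the sandbox report, and not the report's own logic), the Python below reproduces those header-level checks with nothing but `struct`: the "Unsigned PE" test (is the Attribute Certificate Table directory empty?), the File and DLL characteristics bits, and the section table with raw versus virtual sizes. It does not touch the 2.2MB sample on this page; `build_sample_pe` constructs a header-only PE32 stand-in so the code runs offline, and the function names are mine.

```python
"""Header-only PE triage: the checks behind the 'Unsigned PE', Headers and
Sections entries of a sandbox static report, reimplemented with struct alone.
Added example; the PE built below is constructed, not the file on this page."""
import struct

# Flag values from winnt.h
FILE_FLAGS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
              0x2000: "IMAGE_FILE_DLL"}
DLL_FLAGS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
             0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
MACHINES = {0x014C: "x86", 0x8664: "x64", 0xAA64: "arm64"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Attribute Certificate Table (Authenticode)


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return machine, characteristics, Authenticode presence and section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: DllCharacteristics @70, NumberOfRvaAndSizes @92, dirs @96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: 64-bit ImageBase/stack/heap fields shift the tail by 16
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories this entry holds a file offset, not an RVA.
        _, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, va, raw, _ = struct.unpack_from("<IIII", data, off + 8)
        flags = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name, "virtual_size": vsize, "rva": va,
                         "raw_size": raw, "flags": _names(flags, SECTION_FLAGS)})
    return {"machine": MACHINES.get(machine, hex(machine)),
            "file_characteristics": _names(fchar, FILE_FLAGS),
            "dll_characteristics": _names(dllchar, DLL_FLAGS),
            "authenticode_present": cert_size != 0,   # a table is attached; nothing is verified
            "sections": sections}


def _section(name, vsize, va, raw, ptr, flags):
    return struct.pack("<8sIIIIIIHHI", name, vsize, va, raw, ptr, 0, 0, 0, 0, flags)


def build_sample_pe(signed=False):
    """Constructed header-only PE32 image (not the page's sample): section bodies
    and any certificate blob are omitted because only the headers are parsed."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, 224, 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)      # ImageBase, SectionAlign, FileAlign
    struct.pack_into("<HH", opt, 68, 2, 0x0040 | 0x0100 | 0x8000)   # Subsystem GUI, DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    if signed:   # file offset and size of a WIN_CERTIFICATE blob (not present in this stand-in)
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    secs = (_section(b".text", 0x1000, 0x1000, 0x200, 0x400, 0x20 | 0x20000000 | 0x40000000)
            + _section(b".data", 0x2000, 0x2000, 0x200, 0x600, 0x40 | 0x40000000 | 0x80000000))
    return dos + b"PE\0\0" + coff + bytes(opt) + secs


if __name__ == "__main__":
    import json
    print(json.dumps(parse_pe(build_sample_pe()), indent=2))
```

Two caveats belong next to the report's "Unsigned PE" verdict. An empty security directory does mean no Authenticode signature is attached, but a populated one only means a certificate table exists; confirming the chain and the file digest still needs WinVerifyTrust (or Get-AuthenticodeSignature / signtool verify), which is why `parse_pe` reports "present" rather than "valid". The section figures above are also consistent with an ordinary build rather than anything suspicious: `.data` at 27KB raw versus 57KB virtual is uninitialized data that only exists once mapped, and a large `.reloc` is exactly what IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE needs for the loader to relocate the image under ASLR.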