74844805682206ed3b73f342d60bcdb6db189b8878611e04a44b7b1aa18805d5

Sharing

Copy URL Twitter E-mail

General

Target

74844805682206ed3b73f342d60bcdb6db189b8878611e04a44b7b1aa18805d5
Size

3.4MB
MD5

43ac68890d8b698848b51567079b95cf
SHA1

d7c10cfdc54d8c63536a8f2b3c846a45292963b9
SHA256

74844805682206ed3b73f342d60bcdb6db189b8878611e04a44b7b1aa18805d5
SHA512

5639c047d17e56d627be740ed4047902b87c6bd51b0e8dcfa74a5c3aedc49f1c06a58d2ef19c296af52acc936085db826c6a07cd69836ae54466d0d989a4686f
SSDEEP

98304:TqBhUGUMz7GaeCgsw/YtQoHVItmJ2KpAr6yonW:TqTOC73LJsKpAr6K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74844805682206ed3b73f342d60bcdb6db189b8878611e04a44b7b1aa18805d5

Files

74844805682206ed3b73f342d60bcdb6db189b8878611e04a44b7b1aa18805d5
.exe windows:5 windows x86 arch:x86

a5c38a6d3352da884f91627697bc678f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetConsoleMode
ReadConsoleW
GetDriveTypeW
GetFullPathNameA
FatalAppExitA
SetConsoleCtrlHandler
GetTimeZoneInformation
FreeEnvironmentStringsW
SetFilePointerEx
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
SetEnvironmentVariableW
WriteConsoleW
SetEnvironmentVariableA
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetProcessHeap
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
HeapSize
LockResource
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
CreateThread
CreateSemaphoreW
GetModuleHandleExW
ExitProcess
HeapReAlloc
RaiseException
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineW
LocalUnlock
LocalLock
FindResourceExW
GetUserDefaultLCID
ReplaceFileW
GetDiskFreeSpaceW
VirtualProtect
SearchPathW
GetProfileIntW
Sleep
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
GetTickCount
GetWindowsDirectoryW
SetErrorMode
GlobalFlags
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GetAtomNameW
GlobalGetAtomNameW
InterlockedIncrement
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
AreFileApisANSI
UnhandledExceptionFilter
InitializeCriticalSection
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
SystemTimeToFileTime
FileTimeToSystemTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
InterlockedDecrement
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GetModuleHandleA
FreeResource
GetVersion
OutputDebugStringA
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetCurrentThreadId
GetCurrentThread
InterlockedExchange
WideCharToMultiByte
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
GetUserDefaultUILanguage
GetVersionExW
GetFileAttributesW
SetCurrentDirectoryW
GetEnvironmentVariableW
GetModuleFileNameW
LoadLibraryW
CreateMutexW
GetProcAddress
GetModuleHandleW
FindNextFileW
FindFirstFileW
FindClose
CopyFileW
DeleteFileW
SetFileAttributesW
CreateFileW
CreateProcessW
CloseHandle
GetLastError
MultiByteToWideChar
ExpandEnvironmentStringsW
FindResourceW
SizeofResource
LoadResource
InitializeCriticalSectionAndSpinCount
GetConsoleCP

user32

InSendMessage
CreateMenu
GetDCEx
DestroyCursor
GetWindowRgn
WindowFromDC
GetTabbedTextExtentW
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
IsZoomed
GetComboBoxInfo
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
PostThreadMessageW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
SetRectEmpty
DrawFocusRect
RegisterClipboardFormatW
GetMenuDefaultItem
CreatePopupMenu
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableW
ReleaseCapture
SetCapture
OffsetRect
CharNextW
DestroyIcon
GetDialogBaseUnits
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
GetSysColorBrush
WindowFromPoint
IntersectRect
CharUpperW
LoadMenuW
SendDlgItemMessageA
SystemParametersInfoW
InflateRect
DestroyMenu
FillRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
ReleaseDC
MapVirtualKeyW
GetKeyNameTextW
SendNotifyMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
MapDialogRect
SetWindowContextHelpId
SetWindowPos
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetDesktopWindow
GetWindowLongW
SetActiveWindow
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
FrameRect
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
LockWindowUpdate
SetParent
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
IsDialogMessageW
ToUnicodeEx
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
PostQuitMessage
PostMessageW
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetWindow
wsprintfW
LoadImageW
GetWindowTextW
GetDC
DrawEdge
LoadIconW
GetWindowRect
DrawIcon
AppendMenuW
GetSystemMenu
GetSystemMetrics
KillTimer
SetTimer
IsIconic
GetClientRect
EnableWindow
SendMessageW
FindWindowW
BringWindowToTop
GetMenuItemInfoW

gdi32

GetLayout
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
GetBkColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
SelectClipPath
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
CreatePolygonRgn
CreateSolidBrush
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
PatBlt
CreateRectRgnIndirect
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetObjectW
CreateFontIndirectW
GetTextColor
GetDCBrushColor
SetPolyFillMode

msimg32

AlphaBlend
TransparentBlt

winspool.drv

GetJobW
ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

GetFileSecurityW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegCloseKey
SetFileSecurityW

shell32

DragQueryFileW
SHGetFolderPathW
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHAppBarMessage
DragFinish
ShellExecuteW
SHBrowseForFolderW
SHGetMalloc
SHGetDesktopFolder

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

CloseThemeData
GetThemePartSize
GetWindowTheme
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeBackground
GetThemeColor
GetCurrentThemeName

ole32

CoRevokeClassObject
CoRegisterClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CreateGenericComposite
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
OleSetClipboard
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
DoDragDrop
CreateStreamOnHGlobal
CreateOleAdviseHolder
CreateDataAdviseHolder
GetRunningObjectTable
CoGetMalloc
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleRegEnumVerbs
OleRegGetMiscStatus
PropVariantCopy
GetHGlobalFromILockBytes
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
ReadFmtUserTypeStg
CreateItemMoniker
CoRegisterMessageFilter
OleIsCurrentClipboard
CoInitialize
OleFlushClipboard

oleaut32

SysFreeString
OleCreateFontIndirect
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantTimeToSystemTime

oledlg

OleUIBusyW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 630KB - Virtual size: 629KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 153KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5c38a6d3352da884f91627697bc678f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 630KB - Virtual size: 629KB

.data Size: 41KB - Virtual size: 72KB

.idata Size: 23KB - Virtual size: 23KB

.rsrc Size: 153KB - Virtual size: 156KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 630KB - Virtual size: 629KB

.data
Size: 41KB - Virtual size: 72KB

.idata
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 153KB - Virtual size: 156KB