Static task: static1
Behavioral task: behavioral1
Sample: 390146be4f083ebc11066dd047f0ab89bd14b11b59d369644adad764405a299c.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 390146be4f083ebc11066dd047f0ab89bd14b11b59d369644adad764405a299c.exe
Resource: win10v2004-20240802-en
General
Target: 390146be4f083ebc11066dd047f0ab89bd14b11b59d369644adad764405a299c
Size: 1.3MB
MD5: fb25e8ee2ecf9afcbc514b40718c29a7
SHA1: 82c09b40e0230c9a4b31f04bcbb884c9e16183bf
SHA256: 390146be4f083ebc11066dd047f0ab89bd14b11b59d369644adad764405a299c
SHA512: 1865c5835bc407d35e40456227bf6ea5bede8866f8541ec202776b23227164ecb49d488f6a50675be7e2b17c99ec2399651d6c7c5db2920cede1afe8882ea7d4
SSDEEP: 24576:y5BxRwtCRRT2nNm0sGZcWdOBzL/ym5jPoyz5Tt2bcwcORfXy/KhdD1A/Ez+sdnb:ynxT2fw9r0kpilcO5XhdD1Xz+sdnb
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource 390146be4f083ebc11066dd047f0ab89bd14b11b59d369644adad764405a299c
Files
390146be4f083ebc11066dd047f0ab89bd14b11b59d369644adad764405a299c.exe windows:5 windows x86 arch:x86
4dd55b6e7a22894a73ba13c55952fadd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mpr
WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW
rpcrt4
UuidCreate
UuidToStringW
RpcStringFreeW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
wtsapi32
WTSEnumerateProcessesW
WTSQuerySessionInformationW
WTSSendMessageW
WTSFreeMemory
WTSQueryUserToken
WTSEnumerateSessionsW
setupapi
SetupUninstallOEMInfW
SetupCopyOEMInfW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiRemoveDeviceInterface
SetupDiGetClassDevsW
SetupDiOpenDeviceInterfaceRegKey
crypt32
CertOpenStore
CertAddEncodedCertificateToStore
CertCloseStore
kernel32
GetUserDefaultUILanguage
FindResourceExW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetErrorMode
UnhandledExceptionFilter
GetSystemDefaultUILanguage
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetDateFormatW
GetStdHandle
ExitProcess
HeapQueryInformation
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
OutputDebugStringW
CompareStringW
FileTimeToLocalFileTime
GlobalFlags
LocalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SuspendThread
UnlockFile
LockFile
GetVolumeInformationW
GetFullPathNameW
VirtualProtect
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
EncodePointer
FreeResource
lstrcmpA
GetModuleHandleA
OutputDebugStringA
GetACP
InitializeCriticalSectionAndSpinCount
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
GetEnvironmentVariableW
GetSystemWindowsDirectoryW
GetExitCodeProcess
GetTempPathW
GetModuleFileNameW
GetModuleFileNameA
MoveFileExW
GetPrivateProfileSectionNamesW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProfileIntW
EnumUILanguagesW
GetVersionExW
GetVersion
GetSystemInfo
GlobalSize
GlobalReAlloc
GetWindowsDirectoryW
GlobalGetAtomNameW
FormatMessageW
GetExitCodeThread
GetComputerNameW
EnumResourceLanguagesW
lstrcmpiA
LocalAlloc
LoadLibraryW
LoadLibraryExW
FreeLibrary
TerminateProcess
HeapWalk
HeapUnlock
HeapLock
GetProcessHeap
QueryDosDeviceW
GetLogicalDriveStringsW
WideCharToMultiByte
VirtualFreeEx
VirtualAllocEx
WaitForMultipleObjects
CreateEventW
ResetEvent
SetEvent
WTSGetActiveConsoleSessionId
GetShortPathNameW
GetCurrentThread
OpenFileMappingW
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
DeleteCriticalSection
ExpandEnvironmentStringsW
WriteProfileStringW
GetProfileStringW
SetLastError
WaitNamedPipeW
SetNamedPipeHandleState
DisconnectNamedPipe
WriteFile
ReadFile
FlushFileBuffers
IsBadReadPtr
GlobalFree
GlobalHandle
GetCurrentProcessId
GetCurrentProcess
DuplicateHandle
IsDBCSLeadByteEx
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetFilePointer
SetEndOfFile
GetFileSize
EnumSystemLocalesW
GetLocaleInfoW
WriteProcessMemory
ReadProcessMemory
FlushInstructionCache
GetCurrentThreadId
TransactNamedPipe
GetSystemDirectoryW
GetLocalTime
GetLongPathNameW
EnumResourceNamesW
CompareFileTime
CopyFileW
CreateProcessW
ResumeThread
SetThreadPriority
GetLastError
GetTempFileNameA
GetTempPathA
SetFileAttributesW
RemoveDirectoryW
GetTempFileNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetModuleHandleW
OpenProcess
CloseHandle
IsBadWritePtr
lstrcpyW
GlobalUnlock
GetTickCount
Sleep
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
LocalFree
GlobalLock
GlobalAlloc
GetCommandLineW
MultiByteToWideChar
MulDiv
FindResourceW
SizeofResource
LockResource
LoadResource
GetTimeFormatW
LCMapStringW
GetTimeZoneInformation
GetFileType
GetDriveTypeW
GetStringTypeW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetUnhandledExceptionFilter
WriteConsoleW
user32
AdjustWindowRectEx
InvalidateRgn
GetUpdateRgn
IsZoomed
PostQuitMessage
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
WinHelpW
EnumWindows
MessageBoxW
FindWindowW
LoadCursorW
SetCursor
ShowCursor
MsgWaitForMultipleObjects
SystemParametersInfoW
GetLastActivePopup
EnumThreadWindows
FillRect
PeekMessageW
RemovePropW
GetPropW
SetPropW
CallWindowProcW
ExitWindowsEx
SetWindowLongW
GetClassInfoW
UnregisterClassW
RegisterClassW
DefWindowProcW
GetWindowPlacement
IsIconic
FlashWindow
LoadImageW
ShowWindow
LoadStringW
SendMessageTimeoutW
GetWindowThreadProcessId
ChildWindowFromPoint
EnumChildWindows
ClientToScreen
GetClassLongW
CopyImage
GetScrollInfo
wsprintfW
DialogBoxParamW
EndDialog
SendDlgItemMessageA
GetMenuStringW
GetSubMenu
SendMessageW
IsWindow
GetSystemMetrics
GetDC
ReleaseDC
GetWindowRect
SetRect
LoadBitmapW
GetDialogBaseUnits
SetRectEmpty
MapDialogRect
GetFocus
DestroyWindow
InsertMenuItemW
DeleteMenu
AppendMenuW
EnableMenuItem
TabbedTextOutW
GrayStringW
DrawTextExW
EqualRect
OffsetRect
UnionRect
IsWindowEnabled
GetSysColorBrush
GetSysColor
ScreenToClient
RedrawWindow
InflateRect
GetCursorPos
ValidateRect
CreatePopupMenu
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetKeyState
SetWindowTextW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
SetFocus
GetClassNameW
GetParent
GetWindowLongW
PtInRect
IntersectRect
GetClientRect
GetWindowTextLengthW
InvalidateRect
UpdateWindow
DrawTextW
GetDlgCtrlID
GetDlgItemTextW
SetDlgItemTextW
GetDesktopWindow
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
RegisterClipboardFormatW
RegisterWindowMessageW
DestroyIcon
LoadIconW
GetAsyncKeyState
CharUpperW
IsDlgButtonChecked
GetDlgItem
SetWindowPos
CreateWindowExW
GetWindowDC
BeginPaint
EndPaint
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckDlgButton
CheckRadioButton
CopyRect
IsRectEmpty
PostMessageW
EndDeferWindowPos
IsWindowVisible
GetCapture
GetMenu
IsDialogMessageW
DispatchMessageW
GetMessagePos
GetMessageTime
GetClassInfoExW
IsMenu
IsChild
DeferWindowPos
BeginDeferWindowPos
EnableWindow
GetWindow
CharLowerW
SetMenu
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
GetScrollPos
MapWindowPoints
GetTopWindow
MonitorFromWindow
GetMonitorInfoW
CreateDialogIndirectParamW
GetActiveWindow
DestroyMenu
GetMessageW
TranslateMessage
RealChildWindowFromPoint
GetWindowTextW
GetNextDlgTabItem
gdi32
PolyBezierTo
GetTextExtentPointW
GetStockObject
CreateRoundRectRgn
FillRgn
CreateEllipticRgn
EqualRgn
CreatePolygonRgn
ModifyWorldTransform
PathToRegion
Polygon
CreateDIBitmap
CreateFontW
CreatePen
FrameRgn
TranslateCharsetInfo
GetFontLanguageInfo
SaveDC
SelectClipRgn
StretchBlt
CreateDIBSection
Polyline
CopyMetaFileW
CreateBitmap
GetClipBox
SetTextColor
SetMapMode
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
SetPixel
SetGraphicsMode
SetBkMode
SetBkColor
RestoreDC
LineTo
GetTextColor
GetTextAlign
GetTextCharacterExtra
GetStretchBltMode
GetPolyFillMode
GetObjectType
GetGraphicsMode
GetGlyphOutlineW
GetDIBits
GetCurrentObject
GetBkMode
GetBkColor
GetROP2
GetObjectW
GetRgnBox
CreateCompatibleDC
BitBlt
GdiFlush
ResetDCW
CreateSolidBrush
PatBlt
SetWorldTransform
GetWorldTransform
SetTextAlign
GetGlyphIndicesW
GetFontUnicodeRanges
EnumFontFamiliesExW
CreateCompatibleBitmap
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetOutlineTextMetricsW
GetCharWidthW
GetCharWidthA
Escape
CreateRectRgnIndirect
CreateRectRgn
CombineRgn
FillPath
EndPath
CloseFigure
CreateFontIndirectW
GetDeviceCaps
GetTextMetricsW
GetTextExtentPoint32W
SelectObject
CreateDCW
DeleteDC
ExtEscape
BeginPath
DeleteObject
winspool.drv
EnumPrinterDriversW
GetPrinterDriverDirectoryW
EnumPortsW
SetPrinterW
DeleteMonitorW
DeletePrinterDriverW
DocumentPropertiesW
DeletePrinter
DeletePrinterConnectionW
OpenPrinterW
EnumPrintersW
AddPrinterConnectionW
GetPrinterDriverW
GetPrinterW
DeletePrinterDriverExW
GetPrinterA
AddMonitorW
ClosePrinter
AddPrinterW
AddPrinterDriverW
DeviceCapabilitiesW
advapi32
OpenProcessToken
RegLoadKeyW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetUserNameW
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSecurityDescriptorSacl
LookupPrivilegeValueW
LookupAccountNameW
IsValidSid
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
GetSecurityDescriptorOwner
GetSecurityDescriptorDacl
GetAclInformation
GetAce
EqualSid
CopySid
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenThreadToken
LookupAccountSidW
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
GetServiceDisplayNameW
EnumDependentServicesW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
SetNamedSecurityInfoW
SetEntriesInAclW
RegSetValueExW
RegSetKeySecurity
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegGetKeySecurity
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey
FreeSid
RegUnLoadKeyW
RegFlushKey
shell32
ShellExecuteW
SHChangeNotify
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetFolderPathW
CommandLineToArgvW
ole32
OleDuplicateData
CoInitializeEx
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoGetMalloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
StringFromGUID2
ReleaseStgMedium
DoDragDrop
CoCreateGuid
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
oleaut32
SysAllocString
VariantClear
VariantInit
SysFreeString
VariantChangeType
msimg32
AlphaBlend
comctl32
ord17
InitCommonControlsEx
shlwapi
StrRetToBufW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathCreateFromUrlW
SHCreateStreamOnFileEx
StrRetToStrW
uxtheme
IsThemeDialogTextureEnabled
EnableThemeDialogTexture
IsAppThemed
oleacc
LresultFromObject
CreateStdAccessibleObject
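The import table above is the part of a static report an analyst reads for capabilities, and reading seven hundred names by eye is error-prone. The script below is an added example, not part of the Triage report and not the sample's own code: it parses a flat module/function listing of the kind shown above into a dictionary and groups the functions into capability buckets. The bucket names and their API sets are this editor's heuristic choices, and the embedded listing is an excerpt copied from the table above. It makes two points worth having in writing for this sample: the remote-memory primitives (OpenProcess, VirtualAllocEx, WriteProcessMemory) are present but CreateRemoteThread is not, and IsDebuggerPresent is routinely imported by the MSVC runtime itself, so on its own it is not an anti-debugging indicator.

```python
# Capability groups keyed on Win32 import names. A match says what the binary *can*
# call, not what it does at run time; only the behavioral tasks show that.
# Group names and membership are this example's heuristics, not Triage's.
CAPABILITIES = {
    "remote process memory access": {
        "OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "ReadProcessMemory",
        "CreateRemoteThread", "NtCreateThreadEx", "QueueUserAPC"},
    "session and token handling": {
        "WTSQueryUserToken", "WTSEnumerateSessionsW", "WTSGetActiveConsoleSessionId",
        "OpenProcessToken", "AdjustTokenPrivileges", "LookupPrivilegeValueW"},
    "service control": {
        "OpenSCManagerW", "CreateServiceW", "StartServiceW", "ControlService", "DeleteService"},
    "driver and printer driver installation": {
        "SetupCopyOEMInfW", "SetupUninstallOEMInfW", "AddPrinterDriverW",
        "DeletePrinterDriverW", "AddMonitorW", "DeleteMonitorW"},
    "certificate store modification": {"CertOpenStore", "CertAddEncodedCertificateToStore"},
    "ACL and security descriptor changes": {
        "SetNamedSecurityInfoW", "SetEntriesInAclW", "RegSetKeySecurity",
        "ConvertStringSecurityDescriptorToSecurityDescriptorW"},
    "registry hive loading": {"RegLoadKeyW", "RegUnLoadKeyW", "RegConnectRegistryW"},
    "network share enumeration": {"WNetOpenEnumW", "WNetEnumResourceW"},
    "process launch": {"CreateProcessW", "ShellExecuteW", "ShellExecuteExW"},
    "named pipe client": {"WaitNamedPipeW", "TransactNamedPipe", "SetNamedPipeHandleState"},
    "system shutdown or logoff": {"ExitWindowsEx"},
}
# Imports the MSVC runtime adds to nearly every binary; on their own they are not evidence.
CRT_NOISE = {
    "IsDebuggerPresent", "IsProcessorFeaturePresent", "UnhandledExceptionFilter",
    "SetUnhandledExceptionFilter", "QueryPerformanceCounter", "GetSystemTimeAsFileTime",
    "GetCurrentProcessId", "GetCurrentThreadId", "GetTickCount", "InitializeSListHead",
}

# Excerpt copied from the import table above: module name on one line, functions below it.
SAMPLE_LISTING = """
mpr
WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW
wtsapi32
WTSEnumerateProcessesW
WTSQueryUserToken
WTSEnumerateSessionsW
setupapi
SetupUninstallOEMInfW
SetupCopyOEMInfW
crypt32
CertOpenStore
CertAddEncodedCertificateToStore
kernel32
IsDebuggerPresent
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateProcessW
WaitNamedPipeW
TransactNamedPipe
winspool.drv
AddPrinterDriverW
AddMonitorW
advapi32
OpenProcessToken
AdjustTokenPrivileges
CreateServiceW
StartServiceW
SetNamedSecurityInfoW
SetEntriesInAclW
RegLoadKeyW
comctl32
ord17
"""


def parse_import_listing(text: str) -> dict:
    """Turn the flat 'module / function / function' listing into {module: [functions]}.
    Module names in the report are all lower case (mpr, winspool.drv); ordinal imports
    such as ord17 are lower case too, so they are excluded explicitly."""
    imports, module = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.islower() and not line.startswith("ord"):
            module = line
            imports.setdefault(module, [])
        elif module is not None:
            imports[module].append(line)
    return imports


def triage_imports(imports: dict) -> dict:
    """Map every imported name onto the capability groups; only non-empty groups are returned."""
    names = {fn for fns in imports.values() for fn in fns}
    return {cap: sorted(names & apis) for cap, apis in CAPABILITIES.items() if names & apis}


def crt_noise(imports: dict) -> list:
    """Imports that look interesting but are explained by the C runtime alone."""
    names = {fn for fns in imports.values() for fn in fns}
    return sorted(names & CRT_NOISE)


if __name__ == "__main__":
    table = parse_import_listing(SAMPLE_LISTING)
    for cap, found in triage_imports(table).items():
        print(f"{cap}: {', '.join(found)}")
    print("CRT noise, ignored:", ", ".join(crt_noise(table)))
```

Paste the full table from the report in place of the excerpt and the same functions run unchanged; the full table adds ExitWindowsEx (user32) and CreateThread (kernel32), but still no CreateRemoteThread. Treat the groups as prompts for what to look for in the behavioral tasks, not as verdicts: this import profile (Setup*OEMInf, printer driver and monitor installation, service control, certificate store) is as consistent with a driver or printer installer as with anything hostile, and the report itself attaches only the Unsigned PE signature.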
Sections
.text Raw size: 995KB - Virtual size: 994KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Raw size: 238KB - Virtual size: 237KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Raw size: 10KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Raw size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Raw size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Raw size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Raw size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Raw size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
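The Unsigned PE signature, the DLL Characteristics block and the section table are all read straight from the PE headers. The script below is an added example (not Triage's detection logic and not the sample's code) that reproduces those three reads with only the Python standard library: it checks whether a WIN_CERTIFICATE blob is referenced from the security data directory, lists which of ASLR, DEP and CFG are missing from DllCharacteristics, and flags sections that are writable and executable or executable with no raw data. Because the sample itself is not on this page, the `build_pe` helper assembles a constructed, non-runnable PE32 so the checks can be exercised offline; the flag value 0x8140 mirrors the three DllCharacteristics the report lists, while the section layout is invented for the demo.

```python
import struct

# Flag values from the PE/COFF specification.
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
EXPECTED_MITIGATIONS = (0x0040, 0x0100, 0x4000)   # ASLR, DEP, CFG
SCN_MEM_EXECUTE, SCN_MEM_WRITE = 0x20000000, 0x80000000
SECURITY_DIR = 4                                  # IMAGE_DIRECTORY_ENTRY_SECURITY


def inspect_pe(data: bytes) -> dict:
    """Read the PE headers and report signature blob, mitigations and section findings."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    # NumberOfRvaAndSizes is at +92 (PE32) or +108 (PE32+); the directories follow it.
    ndirs_off = opt + (108 if pe32plus else 92)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > SECURITY_DIR:   # the security directory holds a file offset, not an RVA
        cert_off, cert_size = struct.unpack_from("<II", data, ndirs_off + 4 + 8 * SECURITY_DIR)
    sections, anomalies = [], []
    for i in range(nsec):      # section table follows the optional header, 40 bytes per entry
        raw_name, vsize, _, rsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        name = raw_name.rstrip(b"\0").decode("ascii", "replace")
        sections.append((name, vsize, rsize))
        if chars & SCN_MEM_EXECUTE and chars & SCN_MEM_WRITE:
            anomalies.append(f"{name}: writable and executable")
        if chars & SCN_MEM_EXECUTE and rsize == 0:
            anomalies.append(f"{name}: executable but no raw data (unpacking target?)")
    return {
        "pe32plus": pe32plus,
        "dll_characteristics": [n for b, n in DLL_CHARACTERISTICS.items() if dll_chars & b],
        "missing_mitigations": [DLL_CHARACTERISTICS[b] for b in EXPECTED_MITIGATIONS if not dll_chars & b],
        # A WIN_CERTIFICATE entry only means a signature blob is attached; whether it
        # actually verifies needs WinVerifyTrust, osslsigncode or similar.
        "authenticode_blob": cert_off != 0 and cert_size != 0 and cert_off + cert_size <= len(data),
        "sections": sections,
        "anomalies": anomalies,
    }


def build_pe(dll_chars: int, sections: list, signature: bytes = b"") -> bytes:
    """Assemble a minimal, non-runnable PE32 file as constructed test input (not the sample above).
    sections: list of (name, virtual_size, raw_size, characteristics)."""
    e_lfanew, opt_size = 0x40, 96 + 8 * 16
    table_off = e_lfanew + 4 + 20 + opt_size
    raw_off = (table_off + 40 * len(sections) + 0x1FF) & ~0x1FF   # first raw data, 512-aligned
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)  # i386, EXE|32BIT
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)            # NumberOfRvaAndSizes
    table, body, rva, cursor = bytearray(), bytearray(), 0x1000, raw_off
    for name, vsize, rsize, chars in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, rva, rsize,
                             cursor if rsize else 0, 0, 0, 0, 0, chars)
        body += b"\0" * rsize
        cursor += rsize
        rva += (max(vsize, rsize) + 0xFFF) & ~0xFFF
    if signature:   # blob appended at EOF and referenced from the security directory
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, cursor, len(signature))
    head = dos + b"PE\0\0" + coff + opt + table
    return bytes(head.ljust(raw_off, b"\0") + body + signature)


if __name__ == "__main__":
    # 0x8140 = DYNAMIC_BASE | NX_COMPAT | TERMINAL_SERVER_AWARE, the flags the report lists.
    demo = build_pe(0x8140, [(".text", 0x1000, 0x1000, 0x60000020),
                             (".data", 0x9000, 0x2800, 0xC0000040)])
    for key, value in inspect_pe(demo).items():
        print(f"{key}: {value}")
```

Run against a real file with `inspect_pe(open(path, "rb").read())`. For the flags the report lists, `missing_mitigations` comes back as GUARD_CF only: the sample carries .gfids and .giats sections, which the compiler emits for Control Flow Guard metadata, but the linker did not set IMAGE_DLLCHARACTERISTICS_GUARD_CF, and without that flag the loader does not enforce CFG. The `.data` raw-versus-virtual gap (10KB on disk, 36KB mapped) is ordinary zero-initialised data, which is why the section check only flags executable sections with no raw bytes rather than every size mismatch.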