ESETOnlineScanner.pdb
Static task
static1
Behavioral task
behavioral1
Sample
800867706e4dfedfd4abf476ae4537a7e47f109cc7b7a8ca3fe3ab3b1a6a5e97.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
800867706e4dfedfd4abf476ae4537a7e47f109cc7b7a8ca3fe3ab3b1a6a5e97.exe
Resource
win10v2004-20240802-en
General
-
Target
800867706e4dfedfd4abf476ae4537a7e47f109cc7b7a8ca3fe3ab3b1a6a5e97
-
Size
15.0MB
-
MD5
572b886b47561870043b691a3251536c
-
SHA1
6135c7778d2189e0a37265c1eac2f23c6ee0fd39
-
SHA256
800867706e4dfedfd4abf476ae4537a7e47f109cc7b7a8ca3fe3ab3b1a6a5e97
-
SHA512
b03ad0343ac6bb042e3386c303cd6c0b065d103d004aea3c56c287b5393be8bb8e638803ca1d85482aaf789d63a68f99e1b3cc96f890e41c68d987142cca2c07
-
SSDEEP
393216:98OmcPlot0xIOUFPE5vSYIRhhd+yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyF:986ehdxp9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature: the sample carries no Authenticode signature at all. A release build of a vendor security tool such as ESET Online Scanner would ordinarily be code-signed, so the filename, version strings and PDB name alone should not be trusted; verify the SHA256 above (800867706e4d…a6a5e97) against the vendor's official download before treating this file as the genuine scanner.
resource 800867706e4dfedfd4abf476ae4537a7e47f109cc7b7a8ca3fe3ab3b1a6a5e97
Files
-
800867706e4dfedfd4abf476ae4537a7e47f109cc7b7a8ca3fe3ab3b1a6a5e97.exe windows:6 windows x86 arch:x86
0351ec9aa8a0c9a0bf89e0081163ee0e (32-hex value reported with the file entry; presumably the import hash (imphash) — confirm against the report's field label before using it for pivoting)
Headers
DLL Characteristics (as listed below: NX_COMPAT is set; DYNAMIC_BASE (ASLR), HIGH_ENTROPY_VA and GUARD_CF do not appear, so the image is not ASLR-opt-in despite shipping a .reloc section)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
sciter-x
SciterSetCallback
SciterGetParentElement
SciterUpdateElement
SciterCallScriptingMethod
ValueFromString
ValueElementsCount
ValueNthElementValue
ValueNthElementValueSet
ValueGetValueOfKey
SciterSetStyleAttribute
SciterSetCapture
SciterGetMinHeight
SciterSetElementHtml
SciterSetElementText
SciterCreateElement
SciterInsertElement
SciterDeleteElement
SciterHidePopup
SciterShowPopupAt
ValueInt64Data
ValueIsolate
ValueInt64DataSet
SciterResetURLData
ValueClear
SciterReleaseCapture
SciterLoadHtml
SciterSetMediaVars
SciterSetMediaType
SciterProcND
SciterControlGetType
SciterCallScriptingFunction
SciterPostEvent
SciterSelectParent
SciterSelectElements
SciterFindElement
SciterGetFocusElement
SciterWindowAttachEventHandler
ValueSetValueToKey
ValueToString
ValueBinaryDataSet
ValueFloatDataSet
ValueIntDataSet
ValueFloatData
SciterEval
SciterDataReady
SciterSetTimer
SciterSetElementState
SciterGetElementState
SciterGetElementHwnd
SciterGetElementLocation
SciterRefreshElementArea
SciterGetStyleAttribute
SciterSetAttributeByName
SciterGetAttributeByName
Sciter_UnuseElement
Sciter_UseElement
ValueIntData
SciterGetRootElement
ValueStringData
ValueStringDataSet
ValueCopy
GraphinAPI
ValueInit
kernel32
GetACP
IsValidCodePage
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
ExitProcess
VirtualAlloc
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
GetStringTypeW
OutputDebugStringW
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetFileAttributesExW
DuplicateHandle
UnlockFile
LockFile
GetVolumeInformationW
GetFullPathNameW
lstrcmpiW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GlobalGetAtomNameW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
SetThreadPriority
WritePrivateProfileStringW
CompareStringA
lstrcmpW
GlobalDeleteAtom
GetVersionExW
OutputDebugStringA
lstrcmpA
GlobalSize
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapFree
HeapSize
GetLastError
HeapReAlloc
HeapAlloc
DeleteCriticalSection
GetProcessHeap
SetLastError
InitializeCriticalSection
GetTickCount
GetModuleHandleA
GetModuleHandleW
GetCurrentThread
GetCurrentProcess
GetCurrentProcessId
FileTimeToSystemTime
Sleep
FindFirstFileExW
FindNextFileW
FindClose
RemoveDirectoryW
CreateDirectoryW
ReadFile
WriteFile
SetEndOfFile
SetFilePointer
GetFileSize
DeleteFileW
MoveFileW
CopyFileW
GetTempPathW
GetTempFileNameW
FlushFileBuffers
GetFileTime
GetFileAttributesW
GetFileInformationByHandle
WriteConsoleW
GetDiskFreeSpaceW
GetSystemInfo
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
LoadLibraryExA
VirtualQuery
VirtualProtect
SwitchToThread
ResetEvent
GetEnvironmentVariableW
RaiseException
CreateMutexW
SetSearchPathMode
GetSystemDirectoryW
GetUserDefaultLangID
SuspendThread
GetLocaleInfoA
WaitForSingleObject
SetEvent
DeleteFileA
GetTempFileNameA
GetTempPathA
GlobalFree
GetDateFormatA
GlobalUnlock
GlobalLock
GlobalAlloc
SetCurrentDirectoryW
FormatMessageW
GetTimeFormatA
GetLocalTime
GetNumberFormatW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
lstrcpyW
lstrcpynW
MulDiv
LoadLibraryA
FindNextFileA
TerminateThread
SystemTimeToFileTime
OpenProcess
VerifyVersionInfoW
VerSetConditionMask
LoadLibraryExW
GetModuleFileNameW
GetTimeZoneInformation
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileIntW
FindResourceExW
GetLocaleInfoW
ExpandEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
LockResource
LoadResource
SizeofResource
FindResourceW
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentDirectoryW
LocalFree
SetErrorMode
FindFirstFileA
MoveFileExW
FindFirstFileW
GetSystemTime
FreeLibrary
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
user32
EqualRect
GetWindowThreadProcessId
GetClassNameW
IsWindowVisible
GetDesktopWindow
SetRect
GetForegroundWindow
InvertRect
HideCaret
DrawIcon
DestroyCursor
TranslateMessage
PeekMessageW
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
GetWindowDC
RegisterClipboardFormatW
SubtractRect
CopyAcceleratorTableW
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
MapDialogRect
SendDlgItemMessageA
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
CopyIcon
GetDoubleClickTime
SystemParametersInfoW
DestroyMenu
LockWindowUpdate
CreatePopupMenu
UnionRect
SetCursorPos
WindowFromPoint
GetSystemMenu
ReleaseCapture
SetCapture
MonitorFromPoint
EnumDisplayMonitors
SetRectEmpty
CharUpperW
MessageBeep
IsClipboardFormatAvailable
DeleteMenu
CopyImage
LoadMenuW
RealChildWindowFromPoint
WinHelpW
GetScrollInfo
SetScrollInfo
GetSystemMetrics
GetTopWindow
GetClassLongW
RemovePropW
ShowScrollBar
GetScrollRange
GetWindowRect
DestroyIcon
GetIconInfo
ReleaseDC
GetDC
LoadBitmapW
EndPaint
BeginPaint
SetScrollRange
GetScrollPos
GetWindowRgn
MoveWindow
InvalidateRect
BringWindowToTop
RedrawWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetParent
LoadImageW
EndDialog
CreateDialogIndirectParamW
GetDlgItem
UpdateWindow
IsZoomed
IsIconic
SetWindowPlacement
GetWindowPlacement
KillTimer
SetTimer
IsWindowEnabled
SetWindowTextW
SetForegroundWindow
SetActiveWindow
MapWindowPoints
SetWindowContextHelpId
GetWindowContextHelpId
RegisterClassExW
LoadCursorW
LoadIconW
LoadAcceleratorsW
PostQuitMessage
RegisterWindowMessageW
LoadStringW
FrameRect
GetAsyncKeyState
DrawFocusRect
AdjustWindowRectEx
SetFocus
GetWindow
IsDialogMessageW
WaitMessage
GetDlgCtrlID
ScreenToClient
GetWindowTextW
GetWindowTextLengthW
GetKeyState
GetCursorPos
GetWindowLongW
MonitorFromWindow
SendMessageW
GetParent
IsWindow
CopyRect
SetWindowPos
SetPropW
SetWindowLongW
SetProcessDefaultLayout
GetProcessDefaultLayout
GetClassInfoW
ShowWindow
GetClientRect
GetPropW
PtInRect
NotifyWinEvent
IntersectRect
EnableWindow
DrawTextW
GetSysColor
GetSysColorBrush
FillRect
InflateRect
DrawFrameControl
EnableScrollBar
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawTextExW
GrayStringW
TabbedTextOutW
ClientToScreen
MessageBoxW
GetLastActivePopup
UnhookWindowsHookEx
CheckDlgButton
GetFocus
GetKeyNameTextW
MapVirtualKeyW
DrawEdge
DrawStateW
SetWindowRgn
OffsetRect
IsRectEmpty
DrawIconEx
GetNextDlgTabItem
GetActiveWindow
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
ValidateRect
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
IsChild
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetCapture
GetMenu
SetMenu
TrackPopupMenu
ScrollWindow
SetScrollPos
ws2_32
inet_ntoa
ntohs
getservbyport
gethostbyaddr
setsockopt
closesocket
ioctlsocket
connect
select
htonl
send
WSASetLastError
recv
socket
getsockopt
getservbyname
htons
WSAGetLastError
__WSAFDIsSet
inet_addr
gethostbyname
gdi32
SetPixelV
CreateRectRgnIndirect
PatBlt
CreateEllipticRgn
CreatePolygonRgn
Polyline
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
CreateRoundRectRgn
GetRgnBox
OffsetRgn
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextFaceW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetDIBColorTable
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
CopyMetaFileW
CreateHatchBrush
CreatePatternBrush
Escape
ExcludeClipRect
GetObjectType
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
TextOutW
StretchBlt
PtInRegion
CreateBrushIndirect
RoundRect
SetDCBrushColor
GetDCPenColor
LineTo
MoveToEx
SetDCPenColor
SetBkMode
SetTextColor
SetTextAlign
Polygon
GetStockObject
CreateBitmap
GetTextColor
GetWindowOrgEx
GetClipBox
IntersectClipRect
GetClipRgn
RemoveFontMemResourceEx
AddFontMemResourceEx
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPoint32W
GetBkColor
CombineRgn
CreateRectRgn
Ellipse
Rectangle
CreateSolidBrush
CreatePen
SelectClipRgn
ExtTextOutW
SetBkColor
GetPixel
GetDeviceCaps
CreateDCW
SetBitmapBits
GetBitmapBits
CreateDIBSection
GetCurrentObject
DeleteDC
DeleteObject
SetDIBits
GetDIBits
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
advapi32
RegDeleteKeyW
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenCurrentUser
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegQueryInfoKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExA
OpenSCManagerW
QueryServiceStatus
RegGetValueA
RegOpenKeyW
GetUserNameW
RegSetKeyValueW
RegEnumKeyW
RegQueryValueW
shell32
DragFinish
Shell_NotifyIconW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
DragQueryFileW
SHAppBarMessage
ExtractIconExW
ShellExecuteW
ole32
CoResumeClassObjects
CoRegisterClassObject
CoRevokeClassObject
CoAddRefServerProcess
CoReleaseServerProcess
CoTaskMemAlloc
CoCreateGuid
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoDisconnectObject
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
oleaut32
SysAllocString
SysAllocStringByteLen
SysFreeString
VariantInit
VariantClear
SysAllocStringLen
VarBstrFromDate
SysStringLen
VariantCopy
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi (likely truncated in extraction: oleaut32 exports LoadTypeLib / LoadTypeLibEx, not LoadTypeLi)
shlwapi
StrStrIW
StrFormatKBSizeW
PathIsDirectoryW
msimg32
TransparentBlt
comctl32
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_ReplaceIcon
InitCommonControlsEx
uxtheme
GetThemeSysColor
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeParentBackground
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
gdiplus
GdipAlloc
GdipDrawImageRectI
GdipCreateFromHDC
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToStream
GdipDrawImageRectRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDisposeImage
GdipFree
esdkw
esdk_global_setup_set_data_dir
esdk_global_setup_set_license_dir
esdk_global_setup_create
esdk_scan_packet_result_get_logs
esdk_proxy_set_address
esdk_module_info_get_build
esdk_module_info_get_name
esdk_update_setup_delete
esdk_deinit
esdk_update_setup_set_server
esdk_update_setup_set_callbacks
esdk_global_setup_set_quarantine_dir
esdk_license_info_is_expired
esdk_modules_evaluate_versions
esdk_get_last_error
esdk_quarantine_entry_get_id
esdk_quarantine_entry_get_object_name
esdk_quarantine_entry_get_last_add_time
esdk_scan_packet_result_get_av_status
esdk_scan_packet_result_get_statistic_total
esdk_scan_packet_result_get_statistic_infected
esdk_scan_packet_result_get_statistic_cleaned
esdk_scan_packet_result_delete
esdk_global_setup_set_license_change_callback
esdk_global_setup_set_proxy_server_callback
esdk_global_setup_delete
esdk_modules_reload
esdk_global_setup_set_modules_dir
esdk_update_setup_create
esdk_quarantine_entry_get_object_size
esdk_quarantine_entry_get_reason
esdk_quarantine_evaluate_list
esdk_quarantine_restore
esdk_quarantine_delete
esdk_setup_packet_create
esdk_setup_packet_set_boot_sectors
esdk_setup_packet_set_log_all_files
esdk_setup_packet_compile
esdk_setup_packet_delete
esdk_scan_packet_create
esdk_scan_packet_set_disks
esdk_scan_packet_set_memory
esdk_setup_packet_set_archives
esdk_setup_packet_set_rtp
esdk_setup_packet_set_sfx
esdk_setup_packet_set_app_unsafe
esdk_setup_packet_set_app_unwanted
esdk_setup_packet_set_app_suspicious
esdk_scan_log_entry_get_object_name
esdk_scan_log_entry_get_virus_name
esdk_scan_log_entry_get_action
esdk_scan_log_entry_get_information
esdk_scan_log_entry_get_severity
esdk_scan_execute
esdk_stream_create
esdk_stream_set_file
esdk_scan_packet_set_stream
esdk_update_execute
esdk_stream_delete
esdk_proxy_set_authentication
esdk_init
wsock32
WSACleanup
WSAStartup
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 768KB - Virtual size: 767KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10.6MB - Virtual size: 10.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 772KB - Virtual size: 776KB (note: the flags listed below mark this section EXECUTE and WRITE in addition to READ and DISCARDABLE; a linker-emitted .reloc normally carries only INITIALIZED_DATA | DISCARDABLE | READ, so the extra flags are unusual for an unmodified MSVC build and worth examining, though they are not by themselves evidence of tampering)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE