Static task: static1
Behavioral task: behavioral1
Sample: 4b0025b997860a470aa637ae5d32c2f424b3883fdaa7fe8f5ec3ac7d11b8b114.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 4b0025b997860a470aa637ae5d32c2f424b3883fdaa7fe8f5ec3ac7d11b8b114.exe
Resource: win10v2004-20240802-en
General
Target: 4b0025b997860a470aa637ae5d32c2f424b3883fdaa7fe8f5ec3ac7d11b8b114
Size: 2.1MB
MD5: 64e0ee6e6274b3201dac5d865b4bac0a
SHA1: 3fedaab5ceb3165d4366eb119d66fc916ac37d3b
SHA256: 4b0025b997860a470aa637ae5d32c2f424b3883fdaa7fe8f5ec3ac7d11b8b114
SHA512: fdf82bd602134b250fe0d884454f2f50eb22316f794cc2e3515da5eef203e5136415ba0d4d9461beabc6ecc73e41e902da25048d2488b0da9f9bd83a917830d0
SSDEEP: 49152:ngkg7Ge49gn8erH0r8SWAdikwBG4ITHkGzgghz1jPhPubxS4wo9QFhhhZhXaEo:q7Ge49reri8SWAdikwBG4eHkGznzBPVE
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 4b0025b997860a470aa637ae5d32c2f424b3883fdaa7fe8f5ec3ac7d11b8b114
Files
4b0025b997860a470aa637ae5d32c2f424b3883fdaa7fe8f5ec3ac7d11b8b114.exe windows:5 windows x86 arch:x86
79aa09d0ce8d53c4e4943af361be3c32
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleW
CreateFileW
GetTimeZoneInformation
CompareStringW
IsProcessorFeaturePresent
GetStringTypeW
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
IsValidCodePage
HeapCreate
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
GetProcAddress
HeapQueryInformation
VirtualQuery
GetSystemInfo
HeapReAlloc
CreateThread
ExitThread
RaiseException
ExitProcess
RtlUnwind
HeapSetInformation
GetCommandLineA
HeapFree
HeapAlloc
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
GetWindowsDirectoryA
GetTickCount
GetTempPathA
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetACP
GetOEMCP
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetConsoleMode
GetStartupInfoW
GetConsoleCP
SetFilePointer
WriteFile
ReadFile
MoveFileA
CreateFileA
GetStringTypeExA
GetThreadLocale
lstrcpyA
DeleteFileA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentDirectoryA
GlobalFlags
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
EnterCriticalSection
LeaveCriticalSection
CopyFileA
GlobalSize
FormatMessageA
LocalFree
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
GetFileAttributesA
GetCurrentProcessId
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GlobalGetAtomNameA
GlobalFindAtomA
LoadLibraryW
lstrcmpW
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalAlloc
GetModuleHandleW
GlobalUnlock
GlobalLock
lstrcmpA
lstrcmpiA
FreeResource
FindResourceA
FindResourceW
LoadResource
LockResource
SizeofResource
GetCPInfo
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
lstrlenA
GetVersionExA
GetVersion
ActivateActCtx
GetModuleHandleA
GetLastError
DeactivateActCtx
SetLastError
InterlockedDecrement
InterlockedIncrement
FreeLibrary
Sleep
VirtualFree
VirtualAlloc
LoadLibraryA
SetEnvironmentVariableA
user32
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
IsClipboardFormatAvailable
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
RegisterClipboardFormatA
SetCursorPos
CreateAcceleratorTableA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFocusRect
DrawFrameControl
DrawStateA
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
LockWindowUpdate
GetDCEx
UnregisterClassA
UnionRect
WindowFromPoint
GetTabbedTextExtentW
PostThreadMessageA
CharUpperA
LoadMenuW
LoadAcceleratorsW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
SetParent
GetSystemMenu
MapVirtualKeyA
GetKeyNameTextA
IsZoomed
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
IntersectRect
BringWindowToTop
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
ReleaseCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
DrawIcon
IsRectEmpty
IsIconic
LoadCursorW
LoadCursorA
DestroyCursor
InvalidateRect
OffsetRect
SetRectEmpty
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
TranslateMDISysAccel
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
GetMenuStringA
DestroyMenu
InflateRect
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetClientRect
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
MonitorFromPoint
UpdateLayeredWindow
SetMenuDefaultItem
GetWindowRgn
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
CopyIcon
LoadImageW
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
CheckMenuItem
FrameRect
GetWindowLongA
SetWindowLongA
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostMessageA
PostQuitMessage
GrayStringA
DrawTextExA
TabbedTextOutA
GetSubMenu
DeleteMenu
RemoveMenu
LoadBitmapW
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
ModifyMenuA
InsertMenuA
GetMenuItemCount
AppendMenuA
ReleaseDC
GetDC
GetDesktopWindow
DestroyIcon
DrawIconEx
SystemParametersInfoA
DrawTextA
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
GetSysColor
CopyRect
IsMenu
GetSystemMetrics
EnableMenuItem
SendMessageA
LoadImageA
EnableWindow
UpdateWindow
SetCapture
gdi32
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
GetTextMetricsA
GetCharWidthA
CreateFontA
StretchDIBits
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
GetNearestColor
GetPolyFillMode
GetROP2
SetWindowOrgEx
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
CreateRoundRectRgn
CreatePolygonRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
EnumFontFamiliesExA
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
SetStretchBltMode
SetROP2
SetViewportExtEx
ScaleViewportExtEx
SetPolyFillMode
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
GetStretchBltMode
PatBlt
SetBkMode
RestoreDC
SaveDC
LPtoDP
CreateEllipticRgn
CopyMetaFileA
GetStockObject
GetViewportOrgEx
CreateDCA
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
CreateBitmap
SetBkColor
SetTextColor
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
Rectangle
CreateHatchBrush
SetPixel
GetPixel
GetObjectA
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateFontIndirectA
GetBkMode
CreatePen
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
GetJobA
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumValueA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegOpenKeyExW
RegOpenKeyExA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
shell32
SHAppBarMessage
DragFinish
DragQueryFileA
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
comctl32
ImageList_GetIconSize
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
ole32
OleLockRunning
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
RevokeDragDrop
RegisterDragDrop
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CoLockObjectExternal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
oleaut32
SysFreeString
VarBstrFromDate
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
SysAllocStringByteLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
oledlg
ord8
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 286KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 321KB - Virtual size: 350KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ