93a3a7a9659bdfa16a9a9a879c92516c9d50d798539894eaf6f4b3f6ff8086dd

Sharing

Copy URL Twitter E-mail

General

Target

93a3a7a9659bdfa16a9a9a879c92516c9d50d798539894eaf6f4b3f6ff8086dd
Size

300KB
MD5

2d5f648d414ed7303d00d43acbf4f315
SHA1

dffa94c727639c8252cc14d4cd5e7593de54358e
SHA256

93a3a7a9659bdfa16a9a9a879c92516c9d50d798539894eaf6f4b3f6ff8086dd
SHA512

ff590bc4e38cef93e266e18d101fc8eb762857d42a451f78653b9bbe27544558e08390fabfda4766a702445f88c4ff4cd71400da3d424f45d08816bb3b23574f
SSDEEP

6144:UNAUAhuQ/F+H0iJWrRju5Vn7Ioppea+GGwZ+RzeRCPGMer5v:UNAeQ/FSTE/oXBRV5v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93a3a7a9659bdfa16a9a9a879c92516c9d50d798539894eaf6f4b3f6ff8086dd

Files

93a3a7a9659bdfa16a9a9a879c92516c9d50d798539894eaf6f4b3f6ff8086dd
.exe windows:4 windows x86 arch:x86

7c0a45853a19590104720910cc56837f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentDirectoryW
OpenProcess
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
LocalFree
TerminateProcess
GlobalAlloc
GetTickCount
GetProcessHeap
HeapAlloc
RtlMoveMemory
HeapFree
WaitForSingleObject
lstrcpyn
Process32Next
lstrcatA
CloseHandle
Process32First
LocalAlloc
CreateToolhelp32Snapshot
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
RtlUnwind
ExitProcess
GetCommandLineA
GetStartupInfoA
CloseHandle
GlobalFree
GlobalUnlock
GlobalLock
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
WriteFile
SetFilePointer
HeapFree
HeapAlloc
GetLastError
GetCurrentProcess
GetVersionExA
GetDriveTypeA
TerminateProcess
GetProcAddress
GetModuleHandleA
Sleep
FreeLibrary
lstrcpyA
LoadLibraryA
lstrlenA
MultiByteToWideChar
GlobalAlloc
SetLastError
lstrcatA
HeapReAlloc
GetTimeZoneInformation
GetVersion
GetCurrentThreadId
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FlushFileBuffers
lstrcpynA
GetFullPathNameA
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetCurrentDirectoryA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP

user32

GetWindowThreadProcessId
GetClassNameA
GetWindowTextLengthW
GetWindowTextW
CallWindowProcA
IsWindowVisible
GetParent
GetInputState
FindWindowExA
LoadStringA
GetSysColorBrush
LoadCursorA
LoadIconA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
CopyRect
DestroyMenu
GetSystemMetrics
GetWindowRect
SendMessageA
GetClassNameA
wsprintfA
ReleaseDC
GetDC
SystemParametersInfoA
GetDlgItem
SetWindowLongA
GetWindowTextA
GetWindowLongA
PtInRect
GetWindow
GetParent
PostQuitMessage
PostMessageA
EnableWindow
MessageBoxA
IsWindowEnabled
GetLastActivePopup
SetWindowsHookExA
PeekMessageA
CallNextHookEx
GetKeyState
DispatchMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
ClientToScreen
TabbedTextOutA
DrawTextA
GrayStringA
UnhookWindowsHookEx
DestroyWindow
GetDlgCtrlID
SetWindowTextA
GetMenuItemCount
SetWindowPos
SetFocus
GetWindowPlacement
IsIconic
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow

msvcrt

strlen

shell32

ShellExecuteExW
SHChangeNotify
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

odbc32

SQLDisconnect
SQLDriverConnect
SQLSetStmtAttr
SQLFetchScroll
SQLGetData
SQLDescribeCol
SQLFreeHandle
SQLPrepare
SQLEndTran
SQLGetConnectAttr
SQLGetDiagRec
SQLBrowseConnect
SQLExecDirect
SQLBindParameter
SQLNumResultCols
SQLRowCount
SQLSetEnvAttr
SQLAllocHandle
SQLSetConnectAttr
SQLExecute

ntdll

NtQueryInformationProcess
sprintf

advapi32

DeleteService
EnumDependentServicesA
StartServiceA
EnumServicesStatusA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
QueryServiceConfigA
CreateServiceA
GetServiceKeyNameA
QueryServiceConfig2A
ControlService
EnumServicesStatusExA
ChangeServiceConfigA
GetServiceDisplayNameA
ChangeServiceConfig2A
RegOpenKeyA
RegCloseKey
RegSetValueExA
RegDeleteValueA

wininet

HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetGetConnectedState
InternetCloseHandle
InternetConnectA
FtpFindFirstFileA
FtpOpenFileA
InternetSetFilePointer
InternetOpenUrlA

wmvert

wm_WriteFile
wm_StrComp
wm_InStr
wm_DoEvents
wm_Space
wm_SpaceBin
wm_GetBinData
wm_ReadFile
wm_BinLen
wm_BOr
wm_CnvToBin
wm_MkDir
wm_ObjClear
wm_ObjCreateObject
wm_ObjCopy
wm_TimePart
wm_ObjRunMethod
wm_ObjSetProperty
wm_Len
wm_RpSubText
wm_Now
wm_Sleep
wm_Split
wm_VariantSet
wm_ObjGetProperty
wm_IsFileExist
wm_Str
wm_SaveRegItem
wm_IsRegItemExist
wm_GetRunPath
wm_GetRunFileName
wm_pbin
wm_VariantGetBin
wm_VariantClear
wm_ObjGetTextProperty
wm_ObjGetNumProperty
wm_Trim
wm_Right
wm_Left
wm_Mid
wm_Asc
wm_UCase
wm_Mod
wm_SHR
wm_BAnd
wm_SHL
wm_ToByte
wm_InStrRev
wm_Chr
wm_BinMid
wm_SetVariantType
wm_VariantCreateArray
wm_ObjRunTextMethod
wm_RunVariantMethod
wm_pstr
wm_ZeroAry
wm_GetTickCount
wm_BinLeft
wm_Open
wm_SeekToEnd
wm_Close
wm_WriteBin
wm_ToInt
wm_NotifySys
wm_CreateWindowFromTemplate

gdi32

GetStockObject
GetDeviceCaps
SelectObject
DeleteDC
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

comctl32

ord17

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c0a45853a19590104720910cc56837f

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

ole32

odbc32

ntdll

advapi32

wininet

wmvert

gdi32

winspool.drv

comctl32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 81KB

.rsrc Size: 92KB - Virtual size: 89KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 81KB

.rsrc
Size: 92KB - Virtual size: 89KB