Static task: static1
Behavioral task: behavioral1
  Sample: 202408.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 202408.exe
  Resource: win10v2004-20240802-en
General
Target: b1639a759daf554109244379c9f1aadd514ff4cebf2658f13b9d4bf3e7d07913
Size: 11.7MB
MD5: 1456e367ba293c4e95bee5d9f4564293
SHA1: 57102c16bf65bc273f5b374294ff04a8609ff39a
SHA256: b1639a759daf554109244379c9f1aadd514ff4cebf2658f13b9d4bf3e7d07913
SHA512: 46b8865cd3aaf7cc5cd5b25029bf30f921114fb0870e55ac28193698cfecb5bf2dc39099a1aecc4dc802c60da7b554ebcee06671c4334f0fdb30f6f1f661d3fb
SSDEEP: 196608:mxl+FLvesPsaPHJIjXEtahjSYZ1tSmqcl2Vw18LBN53gdQQDIRsAARlr0H4naZxa:pvdPsaPp6Ut5mqc6BLJ3ga1NAR10H4aC
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource unpack001/202408.exe
Files
- b1639a759daf554109244379c9f1aadd514ff4cebf2658f13b9d4bf3e7d07913.zip
- 202408.exe.exe windows:6 windows x64 arch:x64
  902c5f97e7a449d8d6ba3c9c3425bae0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
shlwapi
PathStripToRootW
PathFindExtensionW
StrChrW
StrFormatKBSizeW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
uxtheme
IsThemeBackgroundPartiallyTransparent
GetThemeBool
SetWindowTheme
IsThemeActive
IsAppThemed
GetCurrentThemeName
GetThemePropertyOrigin
GetThemeBackgroundRegion
OpenThemeData
GetThemePartSize
GetThemeColor
DrawThemeText
DrawThemeParentBackground
DrawThemeBackground
GetWindowTheme
GetThemeSysColor
CloseThemeData
ord47
GetThemeInt
GetThemeEnumValue
GetThemeMargins
GetThemeTransitionDuration
dwmapi
DwmGetWindowAttribute
DwmIsCompositionEnabled
DwmSetWindowAttribute
DwmEnableBlurBehindWindow
oleaut32
SysStringLen
SysAllocString
VariantInit
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
SysFreeString
VariantTimeToSystemTime
SafeArrayPutElement
SystemTimeToVariantTime
SysAllocStringLen
LoadTypeLi
SafeArrayCreateVector
imm32
ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
gdi32
OffsetRgn
SetLayout
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
CreateBitmap
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
RoundRect
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
GdiFlush
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetROP2
SetPolyFillMode
GetLayout
SetMapMode
SelectPalette
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreatePatternBrush
CreatePen
CreateHatchBrush
SetBkColor
CopyMetaFileW
GetDIBits
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
BitBlt
StretchBlt
kernel32
lstrcpyW
SystemTimeToTzSpecificLocalTime
SetFileAttributesW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetVersionExW
GlobalFindAtomW
GlobalDeleteAtom
GlobalFlags
LoadLibraryExW
UnlockFile
LockFile
GlobalAddAtomW
GlobalGetAtomNameW
lstrcmpA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
InitializeCriticalSection
MulDiv
GlobalFree
FindResourceW
SizeofResource
LockResource
LoadResource
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
OutputDebugStringA
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
RtlPcToFileHeader
FormatMessageA
GetExitCodeProcess
GetUserGeoID
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
AcquireSRWLockExclusive
FindFirstChangeNotificationW
FindCloseChangeNotification
MultiByteToWideChar
LCMapStringW
CompareStringW
RegisterWaitForSingleObject
UnregisterWaitEx
SetFilePointerEx
CreateMutexW
ReleaseMutex
WriteConsoleW
SetEndOfFile
GetFileType
FlushFileBuffers
GetFileInformationByHandleEx
SystemTimeToFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
MoveFileExW
MoveFileW
CopyFileW
DeviceIoControl
SetErrorMode
GetVolumePathNamesForVolumeNameW
GetTempPathW
FindResourceExW
RemoveDirectoryW
GetLogicalDrives
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetStartupInfoW
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesExW
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
SwitchToThread
WaitForMultipleObjects
Sleep
DuplicateHandle
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetSystemTimeAsFileTime
InitializeSListHead
GetSystemDirectoryW
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
OutputDebugStringW
GetLocalTime
GetSystemTime
GetCommandLineW
CompareStringEx
GetConsoleWindow
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
IsDebuggerPresent
InitializeSRWLock
MapViewOfFileEx
lstrlenW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
ReleaseSRWLockShared
AcquireSRWLockShared
SetEnvironmentVariableW
EnumSystemLocalesW
IsValidLocale
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetConsoleCtrlHandler
PeekNamedPipe
GetSystemDirectoryA
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetProfileIntW
SearchPathW
GetTempFileNameW
SetFileTime
ReleaseSRWLockExclusive
VirtualProtect
GetModuleFileNameW
GetUserDefaultUILanguage
InitializeCriticalSectionEx
HeapWalk
CreateEventW
GetLastError
SetEvent
GetProcessHeaps
ExitProcess
WriteProcessMemory
GetCurrentProcess
WaitForSingleObject
CreateFileW
GetCurrentThreadId
lstrcatW
CloseHandle
LoadLibraryW
GetProcAddress
GetCurrentProcessId
lstrcmpiW
SetUnhandledExceptionFilter
lstrcmpW
GetModuleHandleW
LocalFree
VirtualAlloc
VirtualFree
GetStdHandle
FormatMessageW
WTSGetActiveConsoleSessionId
ExpandEnvironmentStringsW
CreateProcessW
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetUserDefaultLangID
GetEnvironmentVariableW
GetACP
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
RtlUnwindEx
RtlUnwind
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetConsoleOutputCP
HeapQueryInformation
VirtualQuery
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WriteFile
SetFilePointer
ReadFile
GetFileSize
FindNextChangeNotification
ole32
CreateStreamOnHGlobal
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoDisconnectObject
StringFromGUID2
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoInitialize
OleUninitialize
OleInitialize
RegisterDragDrop
CoLockObjectExternal
CoInitializeEx
CoCreateInstance
CoUninitialize
RevokeDragDrop
shell32
SHGetFileInfoW
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetKnownFolderPath
CommandLineToArgvW
Shell_NotifyIconGetRect
Shell_NotifyIconW
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHCreateItemFromParsingName
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
user32
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
WindowFromPoint
DrawIconEx
GetUserObjectInformationW
GetProcessWindowStation
MsgWaitForMultipleObjects
GetWindowRgn
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
CharUpperBuffW
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
UnionRect
DrawIcon
FrameRect
CopyIcon
BringWindowToTop
DrawFrameControl
DrawEdge
SetClassLongPtrW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
LoadMenuW
GetKeyNameTextW
GetMenuDefaultItem
NotifyWinEvent
InvertRect
EnableScrollBar
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
IntersectRect
DeleteMenu
ShowOwnedPopups
MapDialogRect
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
InflateRect
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
PostQuitMessage
IsDialogMessageW
CheckDlgButton
TranslateMessage
EnableWindow
ChangeWindowMessageFilterEx
RealGetWindowClassW
EnumWindows
GetWindowTextW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
EnumDisplayDevicesW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
DrawMenuBar
SetMenu
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetLastActivePopup
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
DestroyIcon
DestroyCursor
GetWindow
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
GetSystemMenu
GetMenu
ReleaseCapture
SetCapture
GetCapture
IsTouchWindow
UnregisterTouchWindow
RegisterTouchWindow
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
SetLayeredWindowAttributes
UpdateLayeredWindow
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
UpdateLayeredWindowIndirect
GetCaretBlinkTime
MessageBeep
IsWindow
GetDoubleClickTime
GetDesktopWindow
GetSysColor
ReleaseDC
GetDC
DestroyWindow
DefWindowProcW
SystemParametersInfoW
GetSystemMetrics
MessageBoxW
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongPtrW
EqualRect
CopyRect
MapWindowPoints
RemovePropW
DispatchMessageW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetActiveWindow
GetQueueStatus
GetMessageW
GetActiveWindow
ValidateRect
GetWindowTextLengthW
CharUpperW
GetDlgCtrlID
PtInRect
GetClassNameW
RealChildWindowFromPoint
CheckMenuItem
UpdateWindow
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsMenu
GetClassInfoExW
CallWindowProcW
GetMessageTime
GetMessagePos
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MsgWaitForMultipleObjectsEx
winmm
timeKillEvent
timeBeginPeriod
timeSetEvent
PlaySoundW
timeEndPeriod
timeGetDevCaps
timeGetTime
msimg32
AlphaBlend
TransparentBlt
ws2_32
getservbyname
getservbyport
gethostbyname
gethostbyaddr
inet_ntoa
inet_addr
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
recv
connect
socket
bind
InetNtopW
freeaddrinfo
getaddrinfo
WSAStringToAddressW
WSAIoctl
WSASetLastError
shutdown
setsockopt
send
select
htons
htonl
getsockopt
getsockname
getpeername
ioctlsocket
closesocket
__WSAFDIsSet
WSAGetLastError
ntohs
WSAAsyncSelect
WSACleanup
WSAStartup
crypt32
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertOpenStore
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
bcrypt
BCryptGenRandom
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
userenv
GetUserProfileDirectoryW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
netapi32
NetShareEnum
NetApiBufferFree
advapi32
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
SystemFunction036
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AccessCheck
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetLengthSid
LookupAccountSidW
GetEffectiveRightsFromAclW
GetNamedSecurityInfoW
BuildTrusteeWithSidW
MapGenericMask
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
Sections
.text Size: 17.8MB - Virtual size: 17.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5.4MB - Virtual size: 5.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 139KB - Virtual size: 249KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 629KB - Virtual size: 629KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmetad Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmimed Size: 315KB - Virtual size: 315KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ