02a6e5af9bfad4e5e3a803ab2580f10380b8754be1c8c47ea7c17ff19d6b2fdb

Sharing

Copy URL Twitter E-mail

General

Target

02a6e5af9bfad4e5e3a803ab2580f10380b8754be1c8c47ea7c17ff19d6b2fdb
Size

812KB
MD5

d0868fc4863ca05330685638d27ef8d6
SHA1

0b38d83dc49b71fbe067954c008c0c3f6f0cd8aa
SHA256

02a6e5af9bfad4e5e3a803ab2580f10380b8754be1c8c47ea7c17ff19d6b2fdb
SHA512

616a20c67f32aaffd21d8f01cd3fe85272413ef0701dc0bcc29b97c1927224349b7d8618b1a2105d9c5b7d2260a84dd926469f6686bc8eb4ff8af21b810a9463
SSDEEP

12288:z1tqkj1t4M1tJ1t871t11tKCo1tDUeR1teZfDFk11U:z1l1p1v1q71H1c131oBRk11U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02a6e5af9bfad4e5e3a803ab2580f10380b8754be1c8c47ea7c17ff19d6b2fdb

Files

02a6e5af9bfad4e5e3a803ab2580f10380b8754be1c8c47ea7c17ff19d6b2fdb
.exe windows:5 windows x86 arch:x86

69b7b14bf6c5611c1e7b2f07c2c06707

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmStreamClose

sqlite3

sqlite3_extended_errcode

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__setusermatherr

comctl32

ImageList_GetIconSize
ImageList_Write
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon

kernel32

GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocalTime
GetLogicalDrives
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeW
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadLocale
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVolumeInformationA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GetFileSize
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidLocale
LCMapStringA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenFileMappingA
PeekNamedPipe
QueryDosDeviceA
RaiseException
ReadFile
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableA
GetEnvironmentStrings
GetDriveTypeA
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryA
GetCPInfo
GetCommandLineA
GetACP
FreeResource
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
LoadLibraryA
ExpandEnvironmentStringsA
ExitThread
EnumCalendarInfoA
DuplicateHandle
DosDateTimeToFileTime
DeviceIoControl
DeleteFileA
DeleteCriticalSection
DefineDosDeviceA
CreateThread
CreateSemaphoreA
CreateProcessA
CreatePipe
CreateFileW
CreateFileMappingA
GetCurrentProcessId
GetCurrentThreadId
GetVersion
GetCommandLineW
InitializeCriticalSection
EnterCriticalSection
GetTickCount
ExitProcess
LeaveCriticalSection
GlobalReAlloc

user32

GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaNumericA
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
LockWindowUpdate
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuItemInfoA
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowsHookExA
GetParent
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyState
GetKeyNameTextA
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassInfoA
GetCaretPos
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowA
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffA
CharUpperA
CharToOemBuffA
CharNextA
CharLowerBuffA
GetKeyboardType
SetWindowTextA
GetMessageTime
DrawIcon

gdi32

GetDIBits
GetDIBColorTable
GetDeviceCaps
GetDCOrgEx
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectA
GetPaletteEntries
GetPixel
GetCurrentPositionEx
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextExtentPointA
GetTextMetricsA
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineTo
LPtoDP
MaskBlt
MoveToEx
PatBlt
Pie
PlayEnhMetaFile
PolyPolyline
RealizePalette
Rectangle
RectVisible
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
GetClipRgn
GetClipBox
GetBrushOrgEx
GetBitmapBits
ExtTextOutA
ExtCreatePen
ExcludeClipRect
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgn
GetRgnBox
CreatePenIndirect

advapi32

StartServiceA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegQueryInfoKeyA
RegCreateKeyA
QueryServiceStatus
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

SHFileOperationA

ole32

GetHGlobalFromILockBytes
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
StringFromCLSID
CoInitialize

oleaut32

GetErrorInfo

Sections

.text
Size: 421KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.post
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69b7b14bf6c5611c1e7b2f07c2c06707

Headers

File Characteristics

Imports

msacm32

sqlite3

msvcrt

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 421KB - Virtual size: 420KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 14.0MB

.post Size: 4KB - Virtual size: 3KB

.rsrc Size: 374KB - Virtual size: 374KB

.text
Size: 421KB - Virtual size: 420KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 14.0MB

.post
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 374KB - Virtual size: 374KB