111c0ae95111409f306e14404b085d4e073314aefbc8f738ea67ce0debbd2301

Sharing

Copy URL

Twitter E-mail

General

Target

111c0ae95111409f306e14404b085d4e073314aefbc8f738ea67ce0debbd2301
Size

3.9MB
MD5

25f717f5bbd2887d62dcade7b5217dbc
SHA1

9f78db670ca92af866e20944d5a2828c8e4e4968
SHA256

111c0ae95111409f306e14404b085d4e073314aefbc8f738ea67ce0debbd2301
SHA512

351ffbfb09ec000be8ccd1420af7488e71effdb1cd2b28479db9bc0803a41bdb05a1032c4dc33bbef1161c4ba90d327e49ede1d1115e3d1257c42fbf1830b9f0
SSDEEP

98304:VjqcAvPCdx495Tc5u8ZeILALlfgpLDGg8hhVaokOFO:VbAyx4auSDLAxgJDGgrovFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
111c0ae95111409f306e14404b085d4e073314aefbc8f738ea67ce0debbd2301

Files

111c0ae95111409f306e14404b085d4e073314aefbc8f738ea67ce0debbd2301
.exe windows:5 windows x86 arch:x86

94d8bbeeb6f00fff2b0da527a3b46834

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadTimes
CreateSemaphoreA
CreateEventA
SetThreadPriority
GetDiskFreeSpaceExW
GetCommandLineW
InterlockedDecrement
InterlockedIncrement
CreateThread
lstrcmpiW
OutputDebugStringW
GetStdHandle
GetFileInformationByHandle
GetSystemInfo
GetProcessAffinityMask
GlobalMemoryStatus
FileTimeToSystemTime
FileTimeToLocalFileTime
SetFilePointer
SetEndOfFile
ReadFile
WriteFile
GetFileSize
FindNextFileW
FindFirstFileW
GetModuleHandleA
FindClose
MoveFileExW
MoveFileW
DeleteFileW
GetFileAttributesW
SetFileAttributesW
CreateFileW
RemoveDirectoryW
CreateDirectoryW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetTempPathW
SetFileTime
SetLastError
GetCurrentThreadId
GetCurrentProcessId
FormatMessageW
LocalFree
GetModuleFileNameW
LoadLibraryW
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
CreateEventW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
ResetEvent
SetEvent
InitializeCriticalSection
GetSystemDirectoryW
LoadLibraryExW
lstrcatW
GetVersionExW
VirtualFree
VirtualAlloc
lstrlenW
GetStringTypeW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
GetACP
VerSetConditionMask
VerifyVersionInfoW
FreeResource
ExitProcess
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetFileType
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
GetLocalTime
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
GetExitCodeProcess
CreateProcessW
CopyFileW
RtlUnwind
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetCurrentThread
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleW
GetModuleHandleW
GetProcAddress
FindResourceW
SizeofResource
LoadResource
LockResource
SetPriorityClass
Sleep
WaitForMultipleObjects
GetCurrentProcess
CompareFileTime
GetTickCount
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
DecodePointer

user32

ClientToScreen
GetSysColor
CreateAcceleratorTableW
InvalidateRgn
DestroyIcon
GetIconInfo
GetClientRect
GetPropW
SetPropW
SetForegroundWindow
GetSystemMetrics
MsgWaitForMultipleObjects
BringWindowToTop
IsWindowVisible
SetWindowPos
DestroyWindow
IsWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
DefWindowProcW
GetCaretPos
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
EndDialog
SendMessageW
SetCaretPos
ShowCaret
HideCaret
CreateCaret
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetWindowRgn
MonitorFromPoint
GetDesktopWindow
SetRect
FillRect
ShowWindow
MoveWindow
GetDlgItem
SetDlgItemTextW
SetFocus
GetFocus
GetKeyState
EnableWindow
DrawTextW
CharPrevW
SetWindowRgn
IsIconic
IntersectRect
UpdateWindow
PtInRect
IsRectEmpty
MapWindowPoints
GetCursorPos
GetUpdateRect
CharNextW
EndPaint
BeginPaint
ReleaseDC
GetDC
SetCapture
InvalidateRect
SetWindowTextW
GetWindowRect
ScreenToClient
SetTimer
UpdateLayeredWindow
PostQuitMessage
ReleaseCapture
IsZoomed
GetWindowTextLengthW
GetWindowTextW
LoadStringW
CreateWindowExW
CallWindowProcW
SystemParametersInfoW
MapDialogRect
OffsetRect
UnionRect
InflateRect
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetWindow
PeekMessageW
KillTimer
MessageBoxW
SetCursor
GetParent
LoadCursorW
LoadIconW
wsprintfW
CharUpperW
GetWindowLongW
SetWindowLongW

gdi32

GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
GetObjectA
CreateRoundRectRgn
GetDIBits
CreateDCW
SetWindowOrgEx
BitBlt
CreateDIBSection
GetTextMetricsW
SelectObject
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteDC
CreatePen
CreateFontIndirectW
PtInRegion
CreateRectRgn
GetDeviceCaps
DeleteObject
CreateICW
CreateCompatibleDC
CreateCompatibleBitmap
TextOutW
MoveToEx
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
GetObjectW
LineTo

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW

shell32

SHGetFileInfoW
SHBrowseForFolderW
ord75
SHGetSpecialFolderPathW
ShellExecuteW
SHGetPathFromIDListW

ole32

RegisterDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleInitialize
RevokeDragDrop
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning

oleaut32

SysAllocString
SysAllocStringLen
VarUI4FromStr
SysFreeString
VariantClear
SysStringLen
VariantInit

shlwapi

ord219
PathFileExistsW

gdiplus

GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipCreateFontFromDC
GdipDrawImageRectRect
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdiplusStartup
GdiplusShutdown
GdipCreateLineBrushI
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawArcI
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdipSetTextRenderingHint
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipFillRectangleI
GdipBitmapUnlockBits
GdipCreateHBITMAPFromBitmap

comctl32

_TrackMouseEvent
ord17

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

Sections

.text
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94d8bbeeb6f00fff2b0da527a3b46834

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

comctl32

imm32

Sections

.text Size: 778KB - Virtual size: 778KB

.rdata Size: 182KB - Virtual size: 182KB

.data Size: 12KB - Virtual size: 45KB

.gfids Size: 512B - Virtual size: 396B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2.8MB - Virtual size: 2.8MB

.reloc Size: 46KB - Virtual size: 45KB

.text
Size: 778KB - Virtual size: 778KB

.rdata
Size: 182KB - Virtual size: 182KB

.data
Size: 12KB - Virtual size: 45KB

.gfids
Size: 512B - Virtual size: 396B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

.reloc
Size: 46KB - Virtual size: 45KB