84b73e6a6eb3cdb6cdc50a101ae82e53ff02905d411bdb75857aa026adf79523

Sharing

Copy URL Twitter E-mail

General

Target

84b73e6a6eb3cdb6cdc50a101ae82e53ff02905d411bdb75857aa026adf79523
Size

13.4MB
MD5

a9228056057b0915a522f51c01ee99cb
SHA1

24ee895bc3fd1b74872bee06a69d4de63ccc4e19
SHA256

84b73e6a6eb3cdb6cdc50a101ae82e53ff02905d411bdb75857aa026adf79523
SHA512

d50790ad8cc048da2571bbc6fa2d607a641e7bff17fef4b3208d6c3e20a0742b17cbeb1e1e781b7a4bba331f769ed5faa0eeadf9a1d284d80f7f44104e807e0b
SSDEEP

196608:8GafOCpGZpj3Bxl249aZM4mmuqsAESJ/c2IQ1J3DuZc9XdwavD9+icFZAc:LC2pjRxlroZM4mm2JOnR3DuZhsD9+ig9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84b73e6a6eb3cdb6cdc50a101ae82e53ff02905d411bdb75857aa026adf79523

Files

84b73e6a6eb3cdb6cdc50a101ae82e53ff02905d411bdb75857aa026adf79523
.exe windows:5 windows x86 arch:x86

cf2250dace9fbdc6e06f04fa6f753b50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerSetConditionMask
FindNextFileW
VerifyVersionInfoW
Process32NextW
Process32FirstW
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
DeleteCriticalSection
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
CreateProcessW
SizeofResource
LoadResource
FindResourceW
RemoveDirectoryW
Sleep
UnmapViewOfFile
FindClose
VirtualQuery
MapViewOfFile
OpenFileMappingW
CloseHandle
GetLastError
CreateMutexW
CreateDirectoryW
SetEndOfFile
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
HeapSize
HeapReAlloc
ReadConsoleW
GetConsoleMode
GetStringTypeW
HeapAlloc
HeapFree
LCMapStringW
GetACP
ExitProcess
WriteConsoleW
GetFileType
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
FreeLibrary
EncodePointer
SetLastError
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
OutputDebugStringW
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableW
GetCurrentProcessId
GetModuleHandleA
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
SetFilePointer
GlobalSize
GetProcAddress
LoadLibraryW
MulDiv
GetTickCount
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
QueryPerformanceFrequency
FileTimeToSystemTime
LocalFileTimeToFileTime
lstrcmpW
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
GetModuleHandleW
InterlockedExchange
InterlockedCompareExchange
GetCommandLineW
ReadFile
WriteFile
CreateFileW
GetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
WaitForSingleObject
CreateEventW
SetEvent
ResetEvent
SetThreadPriority
GetCurrentThreadId
TerminateThread
EnterCriticalSection
LeaveCriticalSection

user32

PostQuitMessage
PostThreadMessageW
IsWindowEnabled
MapWindowPoints
GetDesktopWindow
FindWindowW
UnionRect
UnregisterClassW
SetForegroundWindow
IsWindowVisible
MessageBoxW
SetWindowRgn
MonitorFromPoint
IsZoomed
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
CharNextW
GetKeyState
GetAsyncKeyState
GetSysColor
ClientToScreen
SetCursor
OffsetRect
PtInRect
UpdateLayeredWindow
IntersectRect
IsRectEmpty
GetClientRect
GetUpdateRect
MoveWindow
EndPaint
BeginPaint
ReleaseCapture
SetCapture
GetFocus
GetCursorPos
ScreenToClient
InvalidateRect
SetWindowTextW
GetDC
GetPropW
SetPropW
CallWindowProcW
SendMessageW
GetSystemMetrics
LoadImageW
SetWindowPos
IsIconic
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
ShowWindow
SetFocus
EnableWindow
GetWindow
IsWindow
SetWindowLongW
GetClassInfoExW
RegisterClassW
LoadCursorW
ReleaseDC
GetParent
GetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
CreateWindowExW
KillTimer
TranslateMessage
GetQueueStatus
CallMsgFilterW
MsgWaitForMultipleObjectsEx
PeekMessageW
SetTimer
DispatchMessageW
RegisterClassExW
WaitMessage

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyExW
RegDeleteValueW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW

ole32

OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

oleaut32

SysAllocString
SysFreeString

shlwapi

PathIsRelativeW
PathIsDirectoryW
StrCmpW

winmm

timeGetTime
timeSetEvent
timeKillEvent

gdiplus

GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipCreateHBITMAPFromBitmap
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateMatrix
GdipDeleteMatrix
GdipCreateBitmapFromStream
GdipImageGetFrameDimensionsCount
GdipRotateMatrix
GdipCreatePen1
GdipClonePen
GdipSetPenWidth
GdipGetPenWidth
GdipSetPenColor
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenDashCap197819
GdipGetPenStartCap
GdipGetPenEndCap
GdipGetPenDashCap197819
GdipSetPenLineJoin
GdipGetPenLineJoin
GdipSetPenDashStyle
GdipGetPenDashStyle
GdipDeletePen
GdipCreateSolidFill
GdipDeleteBrush
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateTexture
GdipCreatePath
GdipClonePath
GdipResetPath
GdipSetPathFillMode
GdipGetPathFillMode
GdipStartPathFigure
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathLine2I
GdipAddPathBezierI
GdipAddPathCurveI
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathPieI
GdipAddPathPolygonI
GdipGetPathWorldBoundsI
GdipIsVisiblePathPointI
GdipIsOutlineVisiblePathPointI
GdipTransformPath
GdipDeletePath
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangle
GdipDrawLineI
GdipSetSmoothingMode
GdipDrawBezierI
GdipDrawRectangleI
GdipAlloc
GdipFree
GdipCreateBitmapFromFile
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdiplusShutdown
GdiplusStartup
GdipCloneBrush
GdipDeleteFont
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipScaleMatrix
GdipTranslateMatrix
GdipMeasureString
GdipFillPath
GdipDrawPath
GdipCloneImage
GdipFillEllipseI
GdipDrawEllipseI
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipDrawString

comctl32

ord17
_TrackMouseEvent

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

msimg32

AlphaBlend

gdi32

CreateRoundRectRgn
CreateDIBSection
StretchBlt
CreateCompatibleDC
DeleteDC
GetDeviceCaps
RestoreDC
GetWindowOrgEx
SetWindowOrgEx
SetStretchBltMode
GetObjectA
CreateRectRgnIndirect
ExtSelectClipRgn
BitBlt
DeleteObject
SelectObject
CreateFontIndirectW
GetStockObject
GetObjectW
SaveDC

Sections

.text
Size: 514KB - Virtual size: 514KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32.0MB - Virtual size: 31.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf2250dace9fbdc6e06f04fa6f753b50

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

winmm

gdiplus

comctl32

imm32

msimg32

gdi32

Sections

.text Size: 514KB - Virtual size: 514KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 19KB - Virtual size: 23KB

.rsrc Size: 32.0MB - Virtual size: 31.9MB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 514KB - Virtual size: 514KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 19KB - Virtual size: 23KB

.rsrc
Size: 32.0MB - Virtual size: 31.9MB

.reloc
Size: 31KB - Virtual size: 31KB