Static task: static1
Behavioral task: behavioral1
Sample: 717461736e1b9d4974e6a033b96b4dd22822fd2bfabe38992fba036a16a7a830.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 717461736e1b9d4974e6a033b96b4dd22822fd2bfabe38992fba036a16a7a830.exe
Resource: win10v2004-20240802-en
General
- Target: 717461736e1b9d4974e6a033b96b4dd22822fd2bfabe38992fba036a16a7a830
- Size: 15.6MB
- MD5: b21da3b17dbfc42f222da73883fd7240
- SHA1: bccdb85a1431e453e7e8390ddb5801fc742ed0f3
- SHA256: 717461736e1b9d4974e6a033b96b4dd22822fd2bfabe38992fba036a16a7a830
- SHA512: e19fedcde5f5f2757964686587b15ec573b9c23cbff5b7636f578805d3c21a756e70457510d78c09cd1e8f54ca0dcd20d14928c82bac0f802d070359f3734c9f
- SSDEEP: 196608:tug9LzJH0FTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTi:tucH60lwDQiBlg0MWQ2XGUeE
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 717461736e1b9d4974e6a033b96b4dd22822fd2bfabe38992fba036a16a7a830
Files
- 717461736e1b9d4974e6a033b96b4dd22822fd2bfabe38992fba036a16a7a830.exe (windows:6 windows x64 arch:x64)
  512985200da25a0e94403959fa08eb12
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
FindNextFileW
FindFirstFileExW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
LCMapStringW
CompareStringW
GetStringTypeW
GetStdHandle
ExitProcess
GetEnvironmentStringsW
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
IsValidCodePage
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
SearchPathA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
GetCurrentDirectoryA
SetErrorMode
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToFileTime
ReplaceFileA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetVersionExA
GetCurrentThread
ResumeThread
SetThreadPriority
WaitForSingleObject
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetModuleHandleA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
lstrcmpA
GetProfileIntA
GetTickCount
CompareStringA
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
MultiByteToWideChar
CopyFileA
FormatMessageA
LocalFree
GlobalFree
GlobalSize
SetLastError
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
LoadLibraryA
GetProcAddress
GetModuleFileNameA
lstrcpynA
MulDiv
GlobalAlloc
MoveFileA
lstrlenA
lstrcatA
lstrcpyA
CloseHandle
GetTempFileNameA
WriteFile
ReadFile
GetFileAttributesA
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
GlobalLock
GlobalUnlock
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
GetFileType
LoadResource
user32
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
IsRectEmpty
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
SetRectEmpty
InsertMenuItemA
DestroyMenu
CreatePopupMenu
LoadMenuA
BringWindowToTop
SetCursorPos
GetWindowThreadProcessId
DestroyCursor
LoadCursorW
SetRect
MapVirtualKeyA
GetKeyNameTextA
IntersectRect
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
InflateRect
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
TranslateMDISysAccel
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetMessageA
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
TranslateMessage
PostQuitMessage
ShowOwnedPopups
SendMessageA
EnableWindow
GetAsyncKeyState
UpdateWindow
GetClientRect
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
GetParent
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
LoadAcceleratorsW
LoadMenuW
RegisterClipboardFormatA
GetSysColorBrush
RealChildWindowFromPoint
GetMenuItemInfoA
CopyImage
MapDialogRect
DrawIcon
SetWindowRgn
GetTabbedTextExtentW
CreateMenu
WindowFromPoint
RemoveMenu
AppendMenuA
GetSystemMenu
DeleteMenu
SetParent
SystemParametersInfoA
IsZoomed
GetSystemMetrics
RemovePropA
CharUpperA
CreateCaret
HideCaret
ShowCaret
SetCaretPos
IsWindow
GetDlgItem
ReleaseCapture
KillTimer
LoadAcceleratorsA
TranslateAcceleratorA
GetDC
ReleaseDC
InvalidateRect
EnableScrollBar
SetCursor
GetCursorPos
ScreenToClient
GetSysColor
OffsetRect
LoadCursorA
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetKeyState
SetCapture
SetTimer
ShowWindow
MessageBoxA
UnregisterClassA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
PostThreadMessageA
CopyAcceleratorTableA
SubtractRect
GetUpdateRect
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
FrameRect
CopyIcon
DrawFrameControl
DrawEdge
DrawStateA
SetClassLongPtrA
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
WaitMessage
GetMenuDefaultItem
LoadImageW
TrackMouseEvent
LockWindowUpdate
GetDCEx
UnionRect
ValidateRect
GetWindowRgn
gdi32
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
StartDocA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
DeleteDC
PatBlt
SetRectRgn
DPtoLP
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
Rectangle
GetBkColor
GetTextMetricsA
CreateFontA
GetCharWidthA
StretchDIBits
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextColor
GetTextExtentPointA
GetTextExtentPoint32W
GetWindowOrgEx
GetTextFaceA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
SetTextColor
SetBkColor
CreateBitmap
CreateDCA
CopyMetaFileA
GetObjectA
GetTextExtentPoint32A
GetDeviceCaps
CreateFontIndirectA
CreateCompatibleDC
GetMapMode
BitBlt
CreateCompatibleBitmap
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
GetJobA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExW
RegSetValueA
RegQueryValueA
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ExtractIconA
SHAddToRecentDocs
DragFinish
DragQueryFileA
ShellExecuteA
DragAcceptFiles
SHGetFileInfoA
SHBrowseForFolderA
SHAppBarMessage
comctl32
ImageList_Draw
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
ole32
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleLockRunning
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
LoadTypeLi
VariantCopy
VarBstrFromDate
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantClear
VariantInit
SysFreeString
oledlg
ord8
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 697KB - Virtual size: 696KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12.8MB - Virtual size: 12.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gehcont Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ