c692b403c37b6e1627c1de6282e7244f8d22fe9422d0a98ed0e81b449486d5f2

Sharing

Copy URL

Twitter E-mail

General

Target

c692b403c37b6e1627c1de6282e7244f8d22fe9422d0a98ed0e81b449486d5f2
Size

7.3MB
MD5

c8684ee7ce9838120714f400b1a42021
SHA1

9a294842f4d34b59cfb074f36f3a2c261592a20e
SHA256

c692b403c37b6e1627c1de6282e7244f8d22fe9422d0a98ed0e81b449486d5f2
SHA512

613ee146df8dc41e7d93fe7948749c888a3a29ce3b4fb37961eda04e207d27924d4a89ba7ee543331e1abdbf778cb14686f18c85f18ed7d49be64bc4b8702dc3
SSDEEP

98304:qvu6o3Rsb0Bs9WZDPu1CESK2YwKRWi7VjlcQu:2sjmTRsQj1u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c692b403c37b6e1627c1de6282e7244f8d22fe9422d0a98ed0e81b449486d5f2

Files

c692b403c37b6e1627c1de6282e7244f8d22fe9422d0a98ed0e81b449486d5f2
.exe windows:6 windows x64 arch:x64

7892f3e2ce7206b06dd19b9d84179518

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
ActivateActCtx
CloseHandle
CompareStringW
CopyFileW
CreateActCtxW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
DeactivateActCtx
DecodePointer
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindActCtxSectionStringW
FindClose
FindFirstFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FreeLibrary
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetFileTime
GetFullPathNameW
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessHeap
GetProfileIntW
GetQueuedCompletionStatus
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTickCount64
GetUserDefaultUILanguage
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockFile
LockResource
MapViewOfFileEx
MulDiv
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
PostQueuedCompletionStatus
QueryActCtxW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SearchPathW
SetEndOfFile
SetEvent
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForSingleObject
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyW
lstrlenW

user32

AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
ClientToScreen
CloseClipboard
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumDisplayMonitors
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassLongPtrW
GetClassNameW
GetClientRect
GetComboBoxInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongPtrW
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
InvertRect
IsCharLowerW
IsChild
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LockWindowUpdate
MapDialogRect
MapVirtualKeyExW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ReuseDDElParam
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongPtrW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongPtrW
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
ValidateRect
WaitMessage
WinHelpW
WindowFromPoint

gdi32

BitBlt
CombineRgn
CopyMetaFileW
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEllipticRgn
CreateFontIndirectW
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExcludeClipRect
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetClipBox
GetDeviceCaps
GetLayout
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MoveToEx
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
Polygon
Polyline
PtInRegion
PtVisible
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDIBColorTable
SetLayout
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetPolyFillMode
SetROP2
SetRectRgn
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
TextOutW

oleaut32

LoadTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime

ws2_32

InetNtopW
InetPtonW
WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSARecv
WSARecvFrom
WSAResetEvent
WSASend
WSASendTo
WSASetLastError
WSAStartup
WSAStringToAddressW
WSAWaitForMultipleEvents
__WSAFDIsSet
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
ntohl
ntohs
recv
select
send
sendto
setsockopt
shutdown
socket

gdiplus

GdipAlloc
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageI
GdipDrawImageRectI
GdipFree
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageWidth
GdipSetInterpolationMode
GdiplusShutdown
GdiplusStartup

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
StrChrW
StrFormatKBSizeW

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

ole32

CoCreateInstance
CoDisconnectObject
CoInitialize
CoInitializeEx
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
DoDragDrop
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleDuplicateData
OleGetClipboard
OleLockRunning
OleTranslateAccelerator
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

winmm

PlaySoundW
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetTime

shell32

DragFinish
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

uxtheme

CloseThemeData
DrawThemeBackground
DrawThemeParentBackground
DrawThemeText
GetCurrentThemeName
GetThemeColor
GetThemePartSize
GetThemeSysColor
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
OpenThemeData

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

msimg32

AlphaBlend
TransparentBlt

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

msvcrt

?_set_new_mode@@YAHH@Z
?terminate@@YAXXZ
_CxxThrowException
_XcptFilter
__C_specific_handler
__CxxFrameHandler3
__DestructExceptionObject
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__pctype_func
__set_app_type
_acmdln
_amsg_exit
_beginthread
_beginthreadex
_callnewh
_clearfp
_commode
_endthread
_errno
_expand
_fileno
_initterm
_initterm_e
_iob
_isatty
_ismbblead
_local_unwind
_localtime64_s
_lock
_mbtowc_l
_mktime64
_msize
_resetstkoflw
_set_fmode
_unlock
_wcsicmp
_wcsicoll
_wcslwr_s
_wcstoui64
_wcsupr_s
_wmakepath_s
_wsplitpath_s
_wtoi
_wtol
abort
abs
atan2
calloc
ceil
ceilf
clock
cos
exp
fflush
floor
free
isalnum
iswalnum
iswalpha
iswctype
iswdigit
iswprint
iswspace
labs
ldiv
log10
malloc
memcmp
memcpy
memmove
memset
rand_s
realloc
sin
sqrt
strcpy_s
strerror
strlen
strnlen
strrchr
strtol
tolower
toupper
towlower
towupper
wcscat_s
wcschr
wcscmp
wcscoll
wcscpy_s
wcscspn
wcslen
wcsncmp
wcsncpy_s
wcsnlen
wcspbrk
wcsrchr
wcsstr
wcstol
wctomb_s

Sections

.text
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 937KB - Virtual size: 965KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 216B

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7892f3e2ce7206b06dd19b9d84179518

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

ws2_32

gdiplus

shlwapi

advapi32

ole32

winmm

shell32

winspool.drv

uxtheme

oleacc

msimg32

imm32

msvcrt

Sections

.text Size: 5.6MB - Virtual size: 5.6MB

.rdata Size: 507KB - Virtual size: 507KB

.data Size: 937KB - Virtual size: 965KB

.pdata Size: 98KB - Virtual size: 98KB

.retplne Size: 512B - Virtual size: 216B

.tls Size: 1KB - Virtual size: 1KB

.reloc Size: 284KB - Virtual size: 284KB

.text
Size: 5.6MB - Virtual size: 5.6MB

.rdata
Size: 507KB - Virtual size: 507KB

.data
Size: 937KB - Virtual size: 965KB

.pdata
Size: 98KB - Virtual size: 98KB

.retplne
Size: 512B - Virtual size: 216B

.tls
Size: 1KB - Virtual size: 1KB

.reloc
Size: 284KB - Virtual size: 284KB