94e479ef08b0e546f4598efce8dfb237c3208ffa70a553b5519fd336a8f30f37

Sharing

Copy URL

Twitter E-mail

General

Target

94e479ef08b0e546f4598efce8dfb237c3208ffa70a553b5519fd336a8f30f37
Size

6.6MB
MD5

91ead0a1293d0a89b7b68a577f60271a
SHA1

0067540731ef0ad57f1054b9818eac126a997a29
SHA256

94e479ef08b0e546f4598efce8dfb237c3208ffa70a553b5519fd336a8f30f37
SHA512

744028cc472e052c3572a195f37b62d92f4e5d4810bcce893f288e2f1950f9354af6cf4f5157489ac8eaf349273f6f6b7f31981ad085db79953cb520dde3d44b
SSDEEP

98304:kZaa3ZILbpZcvrVoZr8UNb6TUk+zZ/7tdJf5d0kacIzM:/apuZcSNbmUR1fpaZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94e479ef08b0e546f4598efce8dfb237c3208ffa70a553b5519fd336a8f30f37

Files

94e479ef08b0e546f4598efce8dfb237c3208ffa70a553b5519fd336a8f30f37
.dll regsvr32 windows:5 windows x86 arch:x86

fc244cfa2e70ed3f400858f1cad05093

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

wininet

FtpOpenFileW
HttpSendRequestW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
HttpAddRequestHeadersW
FtpGetFileW
FtpPutFileW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
HttpOpenRequestW
InternetOpenW
InternetConnectW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetCrackUrlW
HttpSendRequestA

crypt32

CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
PFXImportCertStore
CryptImportPublicKeyInfoEx
CryptMsgClose
CertGetCertificateContextProperty
CertOpenStore
CertEnumCertificatesInStore
CertCloseStore
CertCreateCertificateContext
CertFreeCertificateContext
CertNameToStrW
CertGetNameStringW
CertCompareCertificate
CryptImportPublicKeyInfo
PFXIsPFXBlob

kernel32

FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
IsDBCSLeadByte
FindFirstFileW
GlobalGetAtomNameW
lstrlenA
lstrcmpA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
FormatMessageW
FreeResource
GetFullPathNameW
GetShortPathNameW
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
FileTimeToLocalFileTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetUserDefaultLCID
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetPrivateProfileIntW
WritePrivateProfileStringW
GetVersion
FindResourceExW
GetProfileIntW
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
ExitProcess
VirtualProtect
VirtualAlloc
VirtualQuery
HeapSize
SetStdHandle
GetFileType
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
SetHandleCount
GetStartupInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcessHeap
GetFullPathNameA
SetEnvironmentVariableA
GlobalMemoryStatus
FindNextFileA
lstrcpynA
FindFirstFileA
GetEnvironmentVariableA
SetLastError
WinExec
IsBadWritePtr
GetVolumeInformationW
GetComputerNameA
DeviceIoControl
IsBadReadPtr
GetCurrentThreadId
CreateProcessW
CopyFileW
InterlockedDecrement
SetLocalTime
WriteProfileStringW
GetProfileStringW
InterlockedIncrement
GetVersionExW
GetSystemInfo
GetACP
GetWindowsDirectoryW
GetModuleFileNameW
TerminateProcess
SetFilePointer
ExpandEnvironmentStringsW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
ReleaseMutex
CreateMutexW
LocalAlloc
ReadFile
LocalFree
GetTempPathW
TerminateThread
CreateEventW
OpenFileMappingA
SetEvent
ResetEvent
WaitForSingleObject
GetSystemTime
GetSystemTimeAsFileTime
lstrlenW
GetSystemDirectoryW
LoadLibraryW
FileTimeToSystemTime
GlobalSize
GetTickCount
WideCharToMultiByte
FindResourceW
DeleteFileW
SizeofResource
LoadResource
LockResource
CreateFileA
FindResourceA
LoadLibraryA
FreeLibrary
GetFileSize
GetWindowsDirectoryA
CreateThread
SetThreadPriority
Sleep
DeleteFileA
CreateFileMappingW
MapViewOfFile
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
GetCurrentProcessId
UnmapViewOfFile
CloseHandle
GetModuleHandleW
GetProcAddress
WriteProfileStringA
GetSystemDirectoryA
GetLocalTime
WriteFile
FlushFileBuffers
CopyFileA
GetLastError
GetProfileStringA
CreateEventA
CreateFileMappingA
OpenProcess
CreateFileW
GetModuleHandleA

user32

GetDC
ReleaseDC
AppendMenuW
GetMenuItemCount
ClientToScreen
MessageBoxW
IsWindow
TrackMouseEvent
GetClassLongW
BeginDeferWindowPos
EndDeferWindowPos
wsprintfW
SendMessageTimeoutW
EnableWindow
SetWindowTextW
CreatePopupMenu
GetWindowTextW
GetWindowTextLengthW
GetClientRect
OffsetRect
FillRect
InvalidateRect
GetWindow
GetSystemMetrics
CallWindowProcA
WindowFromDC
SetPropA
CreateWindowExA
RemovePropA
GetWindowLongA
SetWindowLongA
EnableScrollBar
SendMessageA
GetPropA
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
GetTabbedTextExtentA
GetDialogBaseUnits
UnregisterClassW
TranslateMDISysAccel
DefMDIChildProcW
GetDCEx
FrameRect
IsDlgButtonChecked
GetDlgItem
CheckDlgButton
SetDlgItemTextW
SetDlgItemTextA
SetCursorPos
ShowScrollBar
SetActiveWindow
LoadImageW
GetQueueStatus
GetClipboardData
CreateIconIndirect
FindWindowExW
EnableMenuItem
GetClassInfoW
GetIconInfo
GetAsyncKeyState
RegisterWindowMessageW
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
IsMenu
SetMenuItemInfoW
CallWindowProcW
GetMenuItemRect
DestroyIcon
LoadBitmapW
GetPropW
SetPropW
RemovePropW
GetForegroundWindow
GetSystemMenu
GetMenuItemInfoW
DrawStateW
EnumWindows
UpdateWindow
ShowWindow
FindWindowW
GetDesktopWindow
GetWindowThreadProcessId
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LockWindowUpdate
MoveWindow
IntersectRect
EnumChildWindows
GetClassNameW
DestroyCursor
MonitorFromPoint
MonitorFromWindow
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
GetDlgCtrlID
IsChild
WindowFromPoint
GetMessageW
LoadIconW
EqualRect
MessageBeep
DrawTextA
InvertRect
DrawTextW
PeekMessageW
TranslateMessage
DispatchMessageW
SetWindowRgn
ValidateRect
GetMessagePos
ReleaseCapture
SetCapture
DrawFrameControl
DrawEdge
SetRect
DrawFocusRect
InflateRect
TrackPopupMenu
DefWindowProcW
GetMonitorInfoW
SystemParametersInfoW
SetWindowPos
DestroyMenu
SetMenuInfo
PostMessageW
SetWindowLongW
GetMenu
SetMenu
GetParent
RedrawWindow
BringWindowToTop
DrawMenuBar
LoadMenuW
GetMenuItemID
CheckMenuItem
GetMenuStringW
GetSubMenu
RemoveMenu
InsertMenuItemW
SetCursor
RegisterHotKey
UnregisterHotKey
BeginPaint
EndPaint
GetSysColorBrush
LoadCursorW
GetSysColor
DrawIconEx
GetKeyState
GetWindowLongW
GetCursorPos
SetParent
GetFocus
GetCapture
KillTimer
SetTimer
IsWindowVisible
ScreenToClient
SendMessageW
SetRectEmpty
PtInRect
IsRectEmpty
CopyRect
GetWindowRect
EndDialog
GetNextDlgTabItem
IsWindowEnabled
DestroyWindow
CreateDialogIndirectParamW
GetActiveWindow
SendDlgItemMessageW
IsDialogMessageW
SetFocus
InsertMenuW
GetMenuState
SetScrollPos
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
RegisterClassW
GetClassInfoExW
CreateWindowExW
SetForegroundWindow
MapWindowPoints
GetMessageTime
GetTopWindow
GetLastActivePopup
WinHelpW
SendDlgItemMessageA
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TranslateAcceleratorW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
DeleteMenu
CharUpperW
PostQuitMessage
ShowOwnedPopups
PostThreadMessageW
RegisterClipboardFormatW
CreateMenu
DefFrameProcW

gdi32

CreateFontA
GetTextExtentPoint32A
GetObjectA
UnrealizeObject
DeleteMetaFile
AddFontResourceW
GetTextFaceW
GetFontData
GdiFlush
GetEnhMetaFileBits
CreateDCA
StartDocW
StartPage
EndPage
ResetDCW
EndDoc
PlayMetaFile
CreateHatchBrush
FrameRgn
FillRgn
OffsetRgn
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
GetPath
CreateBitmap
PatBlt
SetDIBits
GetDIBits
CloseFigure
GetTextExtentPointW
EnumFontsW
RemoveFontResourceW
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
GetMapMode
StretchBlt
SetPixelV
Ellipse
RoundRect
Arc
Chord
OffsetViewportOrgEx
SelectClipRgn
IntersectClipRect
ExcludeClipRect
CreateRectRgnIndirect
CreateDCW
CopyMetaFileW
Pie
PolyBezier
Polyline
PolyBezierTo
PolylineTo
PolyPolyline
PolyPolygon
PolyDraw
BeginPath
EndPath
FillPath
StrokeAndFillPath
SetEnhMetaFileBits
PlayEnhMetaFile
GetBrushOrgEx
GetArcDirection
SetArcDirection
GetBkMode
GetPolyFillMode
SetPolyFillMode
GetROP2
SetROP2
GetBkColor
ExtCreatePen
CreateBrushIndirect
CreatePatternBrush
ScaleViewportExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
GetTextAlign
CreatePenIndirect
GetTextMetricsW
Escape
RectVisible
PtVisible
SetPixel
GetPixel
GetTextColor
TextOutA
TextOutW
Polygon
CreateRectRgn
RealizePalette
CreatePalette
GetStretchBltMode
SetStretchBltMode
SetBrushOrgEx
CreateEnhMetaFileW
CloseEnhMetaFile
GetStockObject
GetClipBox
GetTextExtentPoint32W
Rectangle
CreateCompatibleBitmap
CreateFontW
SetTextColor
CreateSolidBrush
SetBkColor
LPtoDP
SetMapMode
SetWindowExtEx
SetViewportExtEx
SetWindowOrgEx
SetViewportOrgEx
GetObjectType
DPtoLP
MoveToEx
LineTo
CreatePen
SaveDC
EnumEnhMetaFile
RestoreDC
ExtTextOutW
ExtTextOutA
StretchDIBits
DeleteEnhMetaFile
BitBlt
GetTextExtentExPointW
EnumFontFamiliesExW
CreateFontIndirectW
GetOutlineTextMetricsW
GetDeviceCaps
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
CreateDIBSection
SetBkMode
SetTextAlign
GetCurrentObject
GetObjectW
PlayEnhMetaFileRecord
CloseMetaFile
CreateMetaFileW
GetCharWidthW
SetRectRgn
SelectPalette

winspool.drv

GetPrinterA
GetJobW
EnumMonitorsA
DeleteMonitorA
AddMonitorA
SetPrinterA
EnumPrintersW
OpenPrinterW
EnumPortsW
DocumentPropertiesW
EnumPrintProcessorDatatypesA
EnumPortsA
DeletePortA
AddPortA
AddPrinterDriverA
AddPrinterA
SetPrinterW
OpenPrinterA
ClosePrinter
DeletePrinter
EnumPrinterDriversA
DeletePrinterDriverA
GetPrinterW

advapi32

CryptDecrypt
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegDeleteValueW
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
RegSetValueExA
RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameW
GetLengthSid
RegCreateKeyExW
RegSetValueExW
RegQueryValueExA
CryptSetProvParam
CryptSignHashW
CryptGetKeyParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptVerifySignatureW
CryptEncrypt
CryptAcquireContextW
CryptGetProvParam
CryptGetUserKey
CryptDestroyKey
CryptGenKey
CryptAcquireContextA
CryptReleaseContext
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteW
ShellExecuteExW
ExtractIconW
DragQueryFileW
DragFinish
SHGetFolderPathW

ole32

OleDuplicateData
CreateDataCache
CoRegisterClassObject
CoRevokeClassObject
StringFromGUID2
CoRegisterMessageFilter
OleUninitialize
CoFreeUnusedLibraries
OleSaveToStream
CreateOleAdviseHolder
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateDataAdviseHolder
CoDisconnectObject
CreateStreamOnHGlobal
ReadClassStm
OleIsCurrentClipboard
OleFlushClipboard
OleLoadFromStream
StgOpenStorage
CoGetMalloc
ProgIDFromCLSID
CoSetProxyBlanket
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
ReadFmtUserTypeStg
StgIsStorageFile
GetHGlobalFromILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
StgOpenStorageOnILockBytes
CoInitializeEx
CoCreateGuid

oleaut32

LoadTypeLi
RegisterTypeLi
OleCreatePropertyFrame
CreateErrorInfo
GetErrorInfo
OleCreatePictureIndirect
OleCreateFontIndirect
OleLoadPicture
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
VariantChangeType
VariantClear
VarDateFromStr
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantCopy
VariantInit
SysAllocStringLen
LoadRegTypeLi
SafeArrayPutElement
SafeArrayCreateVector
SysStringLen
GetActiveObject

comctl32

ImageList_GetIcon
ImageList_Draw
_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindFileNameW
UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ws2_32

recv
select
send
inet_addr
connect
socket
gethostbyname
htons
WSASetLastError
WSACleanup
WSAStartup
closesocket

oleacc

CreateStdAccessibleObject
LresultFromObject

comdlg32

GetFileTitleW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetErrorMsg
GetSealCount
InternalCmd
IsUKIn
ReadSealData

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 230KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 861KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc244cfa2e70ed3f400858f1cad05093

Headers

File Characteristics

Imports

winmm

wininet

crypt32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

oledlg

ws2_32

oleacc

comdlg32

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 230KB - Virtual size: 440KB

.rsrc Size: 861KB - Virtual size: 861KB

.reloc Size: 253KB - Virtual size: 252KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 230KB - Virtual size: 440KB

.rsrc
Size: 861KB - Virtual size: 861KB

.reloc
Size: 253KB - Virtual size: 252KB