fadf9f2082a6ee8d0776737ff6cdf9f0N

Sharing

Copy URL Twitter E-mail

General

Target

fadf9f2082a6ee8d0776737ff6cdf9f0N
Size

924KB
MD5

fadf9f2082a6ee8d0776737ff6cdf9f0
SHA1

b7af9646f8855a26c81347da31ddbb1d33618468
SHA256

1039346de3c240d618bf28e2063978910423a0d7e7ddff03e12dc29c90702cb3
SHA512

ed92597cd6d9a765bfa6fbbaa8671276fc24d93346249ba918ecca1d2c20b98a2611be68e351473d2b46c894d0664f184bfc3d506f4071af9ecc2ba59223881f
SSDEEP

12288:mKr+KZtctrmTrxwgU1Zk+oPw8uT7ztT5JcC166z38hgF2yrGk:Hr+ZrmpmY+yIT7R5JcC16c2yS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fadf9f2082a6ee8d0776737ff6cdf9f0N

Files

fadf9f2082a6ee8d0776737ff6cdf9f0N
.exe windows:4 windows x86 arch:x86

2ccb954fa1a77ac78926e62d7c907262

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
CompareFileTime
WinExec
FindResourceA
LoadResource
LockResource
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WaitForSingleObject
GetModuleFileNameA
SuspendThread
TerminateThread
Sleep
CreateThread
InterlockedDecrement
LoadLibraryA
GetProcAddress
FreeLibrary
FileTimeToSystemTime
GetLogicalDriveStringsA
GetVolumeInformationA
GetACP
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
InterlockedIncrement
HeapAlloc
FlushFileBuffers
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
IsBadReadPtr
RtlUnwind
LocalFree
WideCharToMultiByte
lstrlenW
FatalAppExitA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetDriveTypeA
GetOEMCP
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEndOfFile
GetLocaleInfoW
GetFileAttributesA
_lclose
DeleteFileA
MultiByteToWideChar
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
FindClose
FindNextFileA
FindFirstFileA
GetVersionExA
GetModuleHandleA
RemoveDirectoryA
CopyFileA
WriteFile
CreateFileA
CloseHandle
GetLastError
lstrcpyA
lstrlenA
ReadFile
CreateDirectoryA
MoveFileA
LeaveCriticalSection

user32

SetWindowTextA
DestroyMenu
ShowWindow
SendMessageA
SetDlgItemTextA
DialogBoxParamA
IsWindow
LoadMenuA
GetSubMenu
MessageBoxA
PostMessageA
EndDialog
GetDlgItem
DrawIcon
GetFocus
CheckRadioButton
LoadCursorA
SetCapture
SetCursor
ReleaseCapture
EnumWindows
wsprintfA
SetWindowLongA
CreateWindowExA
ReleaseDC
GetDC
EndPaint
DrawTextA
FillRect
LoadBitmapA
GetClientRect
BeginPaint
SetTimer
KillTimer
InvalidateRect
GetSysColor
EnableMenuItem
PostQuitMessage
SendDlgItemMessageA
LoadImageA
GetCursor
GetWindowTextA
IsDlgButtonChecked
CheckDlgButton
EnableWindow
SetFocus
GetDlgItemTextA
WinHelpA
PtInRect
GetWindowLongA
DispatchMessageA
TranslateMessage
PeekMessageA
ScreenToClient
MoveWindow
GetCursorPos
DrawEdge
CopyImage
SetForegroundWindow
IsDialogMessageA
MapWindowPoints
DrawFocusRect
MessageBeep
SetMenuItemInfoA
GetDesktopWindow
ShowCursor
TrackPopupMenuEx
GetWindowRect
ClientToScreen
UpdateWindow
TrackPopupMenu
IsWindowEnabled
ClipCursor
InflateRect
CopyRect
GetCapture
BringWindowToTop
GetSystemMetrics
SetClassLongA
SetMenu
GetMessageA
DestroyWindow
SetWindowPos
GetAsyncKeyState
DefWindowProcA
UnregisterClassA
LoadIconA
GetParent
CreateMenu
GetMenu
GetMenuItemCount
RegisterClassA
SetScrollPos
IsWindowVisible
GetScrollPos
GetScrollInfo
CreatePopupMenu
InsertMenuItemA
ShowScrollBar
SetScrollInfo

gdi32

StretchBlt
GetTextColor
CreateDIBitmap
GetTextExtentPoint32A
SelectObject
CreateFontIndirectA
DeleteObject
SetBkMode
CreatePatternBrush
CreateSolidBrush
GetObjectA
LineTo
MoveToEx
CreatePen
DeleteDC
SetBkColor
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetCurrentPositionEx
GetDeviceCaps
CreateBitmap
SetStretchBltMode
GetDIBits
SelectPalette
RealizePalette
CreatePalette
GetStockObject

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA

shell32

ExtractIconA

ole32

RegisterDragDrop
CoCreateInstance
CoInitialize
CoRegisterClassObject
RevokeDragDrop
CoRevokeClassObject
CoUninitialize
OleUninitialize
OleInitialize
DoDragDrop

oleaut32

VariantChangeType
SysFreeString
SysAllocString
VariantCopy
SysAllocStringByteLen
SysStringByteLen
VariantInit
SetErrorInfo
CreateErrorInfo
VariantClear
GetErrorInfo

comctl32

PropertySheetA
ImageList_Draw
ImageList_EndDrag
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_LoadImageA
ImageList_BeginDrag
ImageList_DragEnter
ord17
ImageList_SetBkColor
ImageList_Add
ImageList_Create
ImageList_DragMove
ImageList_DragLeave

wininet

InternetCanonicalizeUrlA
InternetReadFile
FtpFindFirstFileA
InternetFindNextFileA
InternetConnectA
FtpGetFileA
FtpPutFileA
FtpDeleteFileA
FtpRemoveDirectoryA
FtpSetCurrentDirectoryA
FtpRenameFileA
FtpCreateDirectoryA
InternetCrackUrlA
InternetGetLastResponseInfoA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

winmm

PlaySoundA

mpr

WNetGetConnectionA

vic32

loadgif
viewimageex
freeimage
gifinfo
allocimage
loadjpg
jpeginfo

wt_ui

WTUI_GetBitmapHandleFromCache
WTUI_GetChildClientPosition
WTUI_GetLocalDirectory
WTUI_WritePrivateProfileInt
WTUI_ConstructFullFilename
WTUI_IsolateFilename
WTUI_MyPeekMessage
WTUI_MyFree
WTUI_MyRealloc
WTUI_SubclassFancyBitmap
WTUI_MyAlloc
WTUI_FtpBrowseDirectory
WTUI_KillTimerEx
WTUI_UnsubclassWindow
WTUI_CenterDialog
WTUI_GetBoldFaceFont
WTUI_SetTimerEx
WTUI_GetBitmapSize
WTUI_ShowHTMDocument
WTUI_FtpBrowse
WTUI_IsolateDirectory
WTUI_GetFilename
WTUI_DrawSubliminal
WTUI_DestroyDlgBmp
WTUI_DrawTransparentBitmap
WTUI_CreateModeless
WTUI_DestroyModeless
WTUI_GetString
WTUI_MyFree2
IsPropertySheetMessage
WTUI_PropertySheet

wtm_link

PSL_GenerateReport
WTLA_GetDynamicData
WTLA_ReadDatabaseItem
WTLA_ReadReferenceList
WTLA_ConstructFullURL
WTLA_GetPageTitle
WTLA_GetErrorString
WTLA_CreateSiteMgrEvent
OnCreateOptionDialog
OnCloseOptionDialog
WTLA_DestroyMutexEx
WTLA_GetLinkAnalysisDataStruct
WTLA_GetProfileFileList
WTLA_DoLinkAnalysis
WTLA_CreateMutexEx
WTLA_CheckDatabaseVersion
WTLA_DoLinkAnalysisWizard
WTLA_GenerateReport

rpcrt4

UuidCreate
UuidToStringA

coolbar

Coolbar_SetINIFilename
Coolbar_EnableButton
Coolbar_Command
Coolbar_Initmenu
Coolbar_Resize
Coolbar_AddButton
Coolbar_GetToolbarHWND
Coolbar_CreateSubsetCoolbar
Coolbar_Palette

Sections

.text
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 423KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ccb954fa1a77ac78926e62d7c907262

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

winmm

mpr

vic32

wt_ui

wtm_link

rpcrt4

coolbar

Sections

.text Size: 381KB - Virtual size: 380KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 45KB - Virtual size: 212KB

.idata Size: 13KB - Virtual size: 12KB

.rsrc Size: 423KB - Virtual size: 422KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 381KB - Virtual size: 380KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 45KB - Virtual size: 212KB

.idata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 423KB - Virtual size: 422KB

.reloc
Size: 28KB - Virtual size: 27KB