94a3e394df9fc7cfa1139f22bbddcfc42959f542f1cfebf9371e98769570ee38

Sharing

Copy URL

Twitter E-mail

General

Target

94a3e394df9fc7cfa1139f22bbddcfc42959f542f1cfebf9371e98769570ee38
Size

418KB
MD5

8f9f7bf0041b46254d4fa0aab69df593
SHA1

69be5fe6b42b5379eac2621a7f0a9e57dbfa3912
SHA256

94a3e394df9fc7cfa1139f22bbddcfc42959f542f1cfebf9371e98769570ee38
SHA512

be8a343c8fd9fd441ae7c641fd94dc9ded6f2a828ea3fec3fa35ecf32b8cb17e2426227b3d4c9a4af5b574b1dca8a1e20be01bb800cde1e95ee7f1f4c17cbe05
SSDEEP

12288:fRSBLuHnaXlvGFl7RoM+r3uraLMIBhlI99mtFLYCB5:fTzaZBhlI9SVYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94a3e394df9fc7cfa1139f22bbddcfc42959f542f1cfebf9371e98769570ee38

Files

94a3e394df9fc7cfa1139f22bbddcfc42959f542f1cfebf9371e98769570ee38
.exe windows:5 windows x86 arch:x86

be4e03996a22ac77c35de98896184dae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TransmitCommChar
GetCommConfig
SetCommConfig
SetCommBreak
ClearCommBreak
ClearCommError
GetDefaultCommConfigW
SetDefaultCommConfigW
GetCommState
SetCommState
EscapeCommFunction
GetCommProperties
GetCommModemStatus
SetCommMask
GetCommMask
FlushFileBuffers
PurgeComm
SetupComm
WaitCommEvent
GetTickCount
CreateEventW
WideCharToMultiByte
WaitForSingleObject
ResetEvent
SetEvent
LocalFree
FormatMessageW
CreateFileA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ReadFileEx
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
ExitProcess
Sleep
HeapCreate
WriteFileEx
GetOverlappedResult
WriteFile
ReadFile
CloseHandle
CreateFileW
GetCommTimeouts
SetCommTimeouts
LoadLibraryW
GetProcAddress
lstrcmpiW
LoadLibraryExW
FreeLibrary
InitializeCriticalSection
GetLastError
GetModuleHandleW
InterlockedIncrement
FindResourceExW
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringW
GetLocalTime
GetModuleFileNameW
CreateDirectoryW
FindResourceW
RaiseException
SizeofResource
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
InterlockedDecrement
FindClose
lstrlenW
FindFirstFileW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
lstrlenA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
GetFullPathNameW
SetLastError
SetStdHandle
HeapFree
HeapAlloc
HeapDestroy

user32

DrawTextW
EndDialog
CreateWindowExW
DestroyWindow
SetWindowLongW
MoveWindow
GetClientRect
SendMessageW
SetWindowPos
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindowLongW
GetWindowRect
GetWindow
GetParent
LoadImageW
GetDlgItem
GetClassInfoExW
LoadCursorW
RegisterClassExW
CharNextW
GetSysColor
DefWindowProcW
GetWindowTextW
GetWindowTextLengthW
InvalidateRect
SetWindowRgn
CopyRect
CallWindowProcW
GetIconInfo
SetWindowTextW
ScreenToClient
ShowWindow
EnableWindow
SetDlgItemTextW
LoadIconW
BeginPaint
EndPaint
IsWindowVisible
UnregisterClassA
PostMessageW
IsWindow
DrawFocusRect
GetSystemMetrics
GetActiveWindow
DialogBoxParamW
SetCursor
KillTimer
SetTimer

gdi32

ExcludeClipRect
GetDIBColorTable
CreateSolidBrush
CreateRoundRectRgn
TextOutW
StretchBlt
SetBkMode
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
CreateCompatibleDC
SelectObject
SetDIBColorTable
CreateDIBSection
BitBlt
DeleteDC
CreateFontIndirectW
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
RoundRect
Rectangle
Polyline
LineTo
MoveToEx
SetTextColor
RestoreDC
SaveDC
GetStockObject
GetObjectW
CreatePen

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

ole32

OleRun
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantCopy
VariantClear
GetErrorInfo
SysStringByteLen
VariantInit
VarUI4FromStr
VariantChangeType
SysAllocStringByteLen

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

TransparentBlt

gdiplus

GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdiplusStartup
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipBitmapGetPixel
GdipDrawImageRectRect
GdipDrawImageRectI
GdipCreateFromHDC
GdipSetImageAttributesRemapTable
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0

wininet

HttpOpenRequestW
InternetSetStatusCallbackW
InternetOpenW
InternetReadFileExW
InternetQueryDataAvailable
HttpQueryInfoW
InternetGetLastResponseInfoW
HttpSendRequestW
InternetSetOptionW
InternetConnectW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCloseHandle

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be4e03996a22ac77c35de98896184dae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

msimg32

gdiplus

wininet

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 206KB - Virtual size: 206KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 206KB - Virtual size: 206KB

.reloc
Size: 11KB - Virtual size: 10KB