Static task: static1
Behavioral task: behavioral1
  Sample: 0e0e721d2542cd1e4d32fc92694e05ed5d3cbd1a204166dca23fea7542a0b39c.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 0e0e721d2542cd1e4d32fc92694e05ed5d3cbd1a204166dca23fea7542a0b39c.exe
  Resource: win10v2004-20240802-en
General
Target: 0e0e721d2542cd1e4d32fc92694e05ed5d3cbd1a204166dca23fea7542a0b39c
Size: 5.0MB
MD5: 65274f1a7cecbf5330579e10b7f51876
SHA1: 3c695570cbae411594a791af3968dfed95ebf5bf
SHA256: 0e0e721d2542cd1e4d32fc92694e05ed5d3cbd1a204166dca23fea7542a0b39c
SHA512: 5d7eae859ba4aa4225e1a9398a731154e59d2ada396f48f7e3ad64b942933011aa2933f6aa3a0409ae6c6803c2b7d433d1fd2a55ee0ffe97035f025ad6cd6df6
SSDEEP: 98304:l42LXrJ4UIR3xEJpfShDI+iZ7q1zPPXNAjtVa/u:/LFs3KJVShDI+7NAjtVa/u
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 0e0e721d2542cd1e4d32fc92694e05ed5d3cbd1a204166dca23fea7542a0b39c
Files
0e0e721d2542cd1e4d32fc92694e05ed5d3cbd1a204166dca23fea7542a0b39c.exe  windows:6 windows x64 arch:x64
  4207f939c0d06db9fd9cf78a5da62b59
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
ntdll
RtlUnwindEx
RtlPcToFileHeader
RtlInitUnicodeString
ws2_32
recv
WSACleanup
WSAStartup
send
socket
inet_addr
connect
closesocket
htons
kernel32
FileTimeToSystemTime
GetTempPathA
VirtualProtect
GetOEMCP
GetCPInfo
GetTickCount64
GetProfileIntA
SearchPathA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetACP
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryA
GetTempFileNameA
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetThreadLocale
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
GlobalFlags
OutputDebugStringW
RaiseException
GetCommandLineA
GetCommandLineW
GetStdHandle
CreateThread
ExitThread
FreeLibraryAndExitThread
GetSystemInfo
VirtualQuery
IsValidCodePage
QueryPerformanceFrequency
HeapQueryInformation
SetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetFileSize
GetFileAttributesA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
CopyFileA
MulDiv
GlobalSize
FindResourceA
GlobalFree
GlobalUnlock
GlobalAddAtomA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetVersionExA
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
SetLastError
OutputDebugStringA
ResumeThread
WaitForSingleObject
lstrcmpiA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
MultiByteToWideChar
GetFileInformationByHandleEx
GetModuleHandleW
AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
GetLocaleInfoEx
FormatMessageA
LocalFree
FreeLibrary
Sleep
ExpandEnvironmentStringsA
LoadLibraryExA
VirtualAlloc
ExitProcess
GetCurrentThread
CreateFileW
SetThreadPriority
DeviceIoControl
SetPriorityClass
GetModuleFileNameA
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
SizeofResource
GetProcAddress
CloseHandle
DeleteFileA
CreateFileA
GetModuleHandleA
WriteFile
GetCurrentProcess
GetComputerNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
FindResourceExW
user32
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperBuffA
RegisterClipboardFormatA
SubtractRect
GetKeyNameTextA
CreateAcceleratorTableA
LoadAcceleratorsW
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CharNextA
UpdateLayeredWindow
WaitMessage
RealChildWindowFromPoint
GetUpdateRect
SetClassLongPtrA
DestroyAcceleratorTable
ModifyMenuA
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoA
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
DestroyMenu
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetRect
SetCursorPos
NotifyWinEvent
WindowFromPoint
MessageBeep
DeleteMenu
GetSystemMenu
LoadMenuW
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
CharUpperA
IsZoomed
TrackMouseEvent
MonitorFromPoint
SetParent
CopyImage
LoadImageW
LoadImageA
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
IntersectRect
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
InsertMenuItemA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
EqualRect
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
InvertRect
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
GetClassNameA
InvalidateRect
UpdateWindow
EnumDisplayMonitors
GetMonitorInfoA
SystemParametersInfoA
LoadCursorW
LoadCursorA
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoA
DefWindowProcA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
UnpackDDElParam
ReuseDDElParam
FrameRect
IsClipboardFormatAvailable
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetMenuItemID
GetSubMenu
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
WinHelpA
GetMenuState
GetMenuStringA
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
UnhookWindowsHookEx
PtInRect
ScreenToClient
ClientToScreen
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
DrawIconEx
GetParent
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetWindowRect
RedrawWindow
SetWindowRgn
DrawStateA
GetFocus
DrawFrameControl
DrawEdge
RegisterWindowMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetSystemMetrics
DrawIcon
LoadIconW
SendMessageA
GetClientRect
IsIconic
EnableWindow
HideCaret
GetWindowPlacement
UnregisterClassA
MessageBoxA
OpenClipboard
gdi32
GetObjectA
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
SelectObject
CreateDIBitmap
CreateFontIndirectA
EnumFontFamiliesA
GetTextCharsetInfo
GetMapMode
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceA
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
Polygon
CreatePolygonRgn
ExtTextOutA
PatBlt
GetTextExtentPoint32A
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
SetBkColor
CreatePalette
DeleteDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateCompatibleDC
CreateBitmap
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetTextMetricsA
Polyline
SelectPalette
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
GetTokenInformation
RegCreateKeyA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
LookupPrivilegeValueA
shell32
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathIsUNCA
PathFindFileNameA
uxtheme
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsAppThemed
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
CloseThemeData
OpenThemeData
DrawThemeBackground
DrawThemeText
ole32
CoUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
oleaut32
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SysAllocStringLen
oledlg
ord8
gdiplus
GdiplusStartup
GdipBitmapUnlockBits
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipFree
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCloneImage
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc
GdipGetImageGraphicsContext
GdipDisposeImage
GdiplusShutdown
dbghelp
SymGetTypeInfo
SymLoadModuleEx
ImageNtHeader
SymCleanup
SymInitialize
SymGetTypeFromNameW
rpcrt4
UuidToStringA
RpcStringFreeA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 550KB - Virtual size: 549KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 77KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.nXf Size: 771KB - Virtual size: 770KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ