b0ef741642eb187d07620d8e6182bff54d72743239821fc64699c188a7f4f8a6N

Sharing

Copy URL Twitter E-mail

General

Target

b0ef741642eb187d07620d8e6182bff54d72743239821fc64699c188a7f4f8a6N
Size

5.2MB
MD5

ac65568f4aa9b4df2207b51cff5f3a70
SHA1

5480c2c475622255c3b7a53a4b255922a0416e50
SHA256

b0ef741642eb187d07620d8e6182bff54d72743239821fc64699c188a7f4f8a6
SHA512

8ea0b985cfb591690fb678238a093b8507a11c8d7605442cbf59f091314c7a2d1bddecf08d44c1c13fd362ec120ee372966e1c16311a68f2457fdb07428215b4
SSDEEP

98304:1LOoNiNFNfDxNrEFphbt7POLWY/kk4IowLVOxD+PCff5u8THJrs:1UNC7bt7PCWY/krIoV+PCZu4pQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0ef741642eb187d07620d8e6182bff54d72743239821fc64699c188a7f4f8a6N

Files

b0ef741642eb187d07620d8e6182bff54d72743239821fc64699c188a7f4f8a6N
.exe windows:6 windows x86 arch:x86

250688eff7288e4d726e24e05c2ee7d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
GetExitCodeProcess
GenerateConsoleCtrlEvent
VirtualQuery
IsBadReadPtr
WideCharToMultiByte
CopyFileW
GetModuleHandleW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExW
GetFileAttributesW
FindClose
PeekNamedPipe
CreatePipe
GetModuleFileNameW
VirtualFree
GetCurrentProcess
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
CreateDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
LockResource
FreeResource
GetCurrentThreadId
SizeofResource
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
GetCurrentProcessId
SetWaitableTimer
CreateWaitableTimerW
WriteFile
ReadFile
GetFileSize
MoveFileW
CreateFileW
IsDebuggerPresent
ResumeThread
GetVolumeInformationW
WritePrivateProfileStringW
GetLocalTime
GetTickCount
ReleaseSemaphore
WriteConsoleW
PostQueuedCompletionStatus
CreateEventW
CreateIoCompletionPort
CreateSemaphoreW
GetSystemInfo
OpenFileMappingW
UnmapViewOfFile
LoadLibraryA
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
LCMapStringW
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
QueryPerformanceFrequency
FreeLibraryAndExitThread
ExitThread
GetTimeZoneInformation
GetModuleHandleExW
GetCommandLineA
RtlUnwind
OutputDebugStringW
GetStartupInfoW
InitializeSListHead
QueryPerformanceCounter
CreateThread
GetQueuedCompletionStatus
SetEvent
SetThreadPriority
CloseHandle
WaitForSingleObject
Sleep
DeleteFileW
ExitProcess
TryEnterCriticalSection
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
GetSystemTimeAsFileTime
VirtualAlloc
VirtualProtect
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
CreateFileMappingW
MapViewOfFile
GetPrivateProfileStringW
OutputDebugStringA
GetCurrentThread
GetModuleHandleA
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CompareStringA
GetPrivateProfileIntW
GlobalAddAtomW
lstrcpyW
LocalFree
FormatMessageW
EncodePointer
GlobalFindAtomW
CompareStringW
GlobalGetAtomNameW
VerSetConditionMask
VerifyVersionInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
GetThreadLocale
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
FlushFileBuffers
GetFullPathNameW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
SearchPathW
GetTempPathW
GetProfileIntW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileTime
SetErrorMode
FindResourceExW
GetTempFileNameW
GetWindowsDirectoryW
HeapFree

user32

GetMessagePos
GetMessageTime
GetClassInfoExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetDlgItem
GetDlgCtrlID
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
MapWindowPoints
EqualRect
PtInRect
GetClassLongW
GetClassNameW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
ShowWindow
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
InvalidateRect
SetRectEmpty
IntersectRect
DestroyIcon
UnpackDDElParam
ReuseDDElParam
SetParent
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
DrawStateW
IsRectEmpty
TrackMouseEvent
CharUpperW
GetAsyncKeyState
KillTimer
GetSystemMenu
DeleteMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
ModifyMenuW
PostThreadMessageW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongW
InflateRect
RemoveMenu
CopyRect
SetWindowTextW
IsDialogMessageW
CharNextW
InvalidateRgn
SetRect
GetNextDlgGroupItem
GetNextDlgTabItem
RealChildWindowFromPoint
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetIconInfo
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
CreateMenu
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
FillRect
GetSysColor
ScreenToClient
RegisterWindowMessageW
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
ValidateRect
IsWindowVisible
PostQuitMessage
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
CheckDlgButton
MonitorFromPoint
MessageBoxA
CallWindowProcW
CallNextHookEx
IsWindow
ClientToScreen
UnhookWindowsHookEx
SetFocus
SetCapture
SetWindowsHookExW
SetWindowLongW
ReleaseCapture
GetCursorPos
wsprintfW
GetKeyState
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
WaitForInputIdle
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
SetForegroundWindow
CopyImage
GetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
CreateWindowExW
SendMessageW
RemovePropW
LoadStringW
GetActiveWindow
GetClassInfoW
SetTimer
RegisterClassW
SetPropW
LoadIconW
LoadCursorW
GetDesktopWindow
GetParent
LoadImageW
GetWindowRect
GetDC
GetSystemMetrics
GetWindowDC
GetClientRect
ReleaseDC
MsgWaitForMultipleObjects
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
GetPropW
UnregisterClassW

gdi32

GetTextFaceW
CreateBitmap
CopyMetaFileW
CreateDCW
SetBkColor
SetTextColor
CreateDIBitmap
CreatePen
CreatePatternBrush
CreateSolidBrush
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CombineRgn
CreateRectRgn
GetPixel
PatBlt
SetPixel
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
GetBkColor
CreateHatchBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
SetPixelV
CreateRectRgnIndirect
GetTextExtentPoint32W
CreateFontIndirectW
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
StretchBlt
RealizePalette
GetStockObject
GetDIBits
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette
CreatePalette
GetObjectW
DeleteObject
DeleteDC
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegCloseKey
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteW
SHAppBarMessage
SHGetMalloc
SHGetPathFromIDListW
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
DragQueryFileW
DragFinish

ole32

CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoUninitialize
CoGetClassObject
OleDestroyMenuDescriptor
CoInitializeEx
CoSetProxyBlanket
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
OleGetClipboard

oleaut32

VariantTimeToSystemTime
VariantInit
LoadTypeLi
SysAllocStringLen
SysStringLen
SafeArrayDestroy
SysFreeString
OleCreateFontIndirect
VariantCopy
SystemTimeToVariantTime
VarBstrFromDate
VariantClear
VariantChangeType
SysAllocString

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

hpsocket_u

HP_Destroy_TcpPackClient
HP_Create_TcpPackClient

unrar

RAROpenArchiveEx
RARProcessFileW
RARReadHeaderEx
RARCloseArchive

shlwapi

PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
StrFormatKBSizeW

winmm

timeKillEvent
timeSetEvent
PlaySoundW

msimg32

AlphaBlend
TransparentBlt

uxtheme

GetThemeSysColor
GetThemePartSize
IsAppThemed
OpenThemeData
DrawThemeBackground
CloseThemeData
GetWindowTheme
DrawThemeParentBackground
DrawThemeText
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName

oledlg

OleUIBusyW

gdiplus

GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipSetCompositingMode
GdipGetImagePalette
GdipDeleteGraphics
GdipDrawImageI
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipSetInterpolationMode
GdipGetImageGraphicsContext

ws2_32

WSACleanup

iphlpapi

GetAdaptersInfo

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Exports

Exports

?get_active_implementation@simdutf@@YAAAV?$atomic_ptr@$$CBVimplementation@simdutf@@@internal@1@XZ
?get_available_implementations@simdutf@@YAABVavailable_implementation_list@internal@1@XZ

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 818KB - Virtual size: 818KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250688eff7288e4d726e24e05c2ee7d2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

hpsocket_u

unrar

shlwapi

winmm

msimg32

uxtheme

oledlg

gdiplus

ws2_32

iphlpapi

oleacc

imm32

winspool.drv

Exports

Exports

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 27KB - Virtual size: 47KB

.rsrc Size: 818KB - Virtual size: 818KB

.reloc Size: 175KB - Virtual size: 174KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 27KB - Virtual size: 47KB

.rsrc
Size: 818KB - Virtual size: 818KB

.reloc
Size: 175KB - Virtual size: 174KB