7d40964cc08a2a393d35334c9e2a161d858584b8e0ad5cd8cdc2807ff2e07620N

Sharing

Copy URL

Twitter E-mail

General

Target

7d40964cc08a2a393d35334c9e2a161d858584b8e0ad5cd8cdc2807ff2e07620N
Size

5.6MB
MD5

3f324634f614e1cc139eb25f5df478a0
SHA1

864cb782cb0f02446c058ac3891cace56baaca59
SHA256

7d40964cc08a2a393d35334c9e2a161d858584b8e0ad5cd8cdc2807ff2e07620
SHA512

bc6bd524fd28ed47a6d8b6dfe5e817bd79b4c7c2d9b20bec1bf2017f5668914dba0025f77d114c35957cd32857f909123f2723cd2d9a7f6455dca808653eab3d
SSDEEP

98304:kDZNdWK8wADYcS6Cpyu/Y2OQuuNH9NM2W0DEhczu0K6e3uCIDTHg6Y7sJbNZmNLT:kDNntAEMu/zOQu21rEhczgdtn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d40964cc08a2a393d35334c9e2a161d858584b8e0ad5cd8cdc2807ff2e07620N

Files

7d40964cc08a2a393d35334c9e2a161d858584b8e0ad5cd8cdc2807ff2e07620N
.exe windows:4 windows x86 arch:x86

b65b7f3608ec322d94c5de067550d43d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathFindFileNameW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

InitCommonControlsEx

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysAllocStringLen
SysFreeString
VariantInit
VariantCopy
VariantClear
VariantChangeType
SysReAllocStringLen

ole32

OleFlushClipboard
CreateILockBytesOnHGlobal
OleInitialize
OleIsCurrentClipboard
OleRun
OleUninitialize
RegisterDragDrop
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal

shell32

ExtractIconW
ShellExecuteW
SHGetFileInfoW
DragQueryFileW

advapi32

RegQueryValueW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
GetTokenInformation
EqualSid
AllocateAndInitializeSid
FreeSid
RegSetValueExW

gdi32

ScaleViewportExtEx
SaveDC
RoundRect
RestoreDC
RectVisible
Rectangle
PtVisible
PtInRegion
Polyline
Polygon
SelectObject
PatBlt
ScaleWindowExtEx
OffsetViewportOrgEx
MoveToEx
LineTo
IntersectClipRect
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetViewportExtEx
GetTextMetricsW
GetTextExtentPoint32W
GetTextExtentPoint32A
SetBkColor
OffsetWindowOrgEx
SelectClipRgn
SetBkMode
SetMapMode
SetPixel
SetRectRgn
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchDIBits
StrokeAndFillPath
StrokePath
PolyBezierTo
CreatePolygonRgn
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreatePatternBrush
CreatePen
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
DPtoLP
Ellipse
Escape
ExcludeClipRect
ExtCreateRegion
ExtSelectClipRgn
ExtTextOutW
FillPath
GetBitmapBits
GetBkColor
GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetDIBits
GetMapMode
GetObjectW
GetPixel
GetRgnBox
GetStockObject
GetTextAlign
GetTextColor

user32

SetWindowPos
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
ValidateRect
WaitMessage
WindowFromPoint
WinHelpW
wsprintfW
MessageBoxA
SetWindowLongW
SetWindowLongA
SetWindowContextHelpId
SetTimer
SetScrollPos
SetScrollInfo
SetRectEmpty
SetRect
SetPropW
SetParent
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetCursorPos
SetCapture
SetActiveWindow
SendNotifyMessageW
SendMessageW
SendMessageTimeoutW
SendDlgItemMessageW
SendDlgItemMessageA
ScrollWindow
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
MapDialogRect
LookupIconIdFromDirectoryEx
LockWindowUpdate
LoadMenuW
LoadMenuIndirectW
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
KillTimer
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsRectEmpty
IsMenu
IsIconic
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
IsCharAlphaW
InvertRect
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
HideCaret
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetTabbedTextExtentA
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetKeyboardState
GetKeyboardLayoutList
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetAsyncKeyState
GetActiveWindow
FillRect
EqualRect
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DrawTextA
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefFrameProcW
DeferWindowPos
CreateWindowExW
CreatePopupMenu
CreateIconIndirect
CreateIconFromResourceEx
CreateDialogIndirectParamW
CopyRect
CopyIcon
CopyAcceleratorTableW
ClientToScreen
CheckMenuItem
CharUpperW
CharNextW
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
GetSystemMetrics
FindWindowW
LoadStringW

kernel32

DeleteFileW
DeleteCriticalSection
DebugBreak
CreateThread
CreateProcessW
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
RtlUnwind
GetVersion
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateEventW
CreateDirectoryW
ConvertDefaultLocale
CompareStringW
CompareStringA
CreateProcessA
GetCommandLineA
GetCurrentProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnlockFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateThread
TerminateProcess
SystemTimeToFileTime
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetThreadLocale
SetStdHandle
SetLastError
SetHandleCount
SetFileTime
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
QueryDosDeviceW
OutputDebugStringA
OpenFileMappingW
MultiByteToWideChar
MulDiv
MapViewOfFile
lstrlenW
lstrlenA
lstrcpyW
lstrcpynW
lstrcmpW
lstrcmpiW
lstrcmpA
LockResource
LockFile
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapFree
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameW
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetVolumeInformationW
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatA
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDefaultLangID
GetStringTypeW
GetStringTypeExW
GetStringTypeA
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetProfileIntW
GetProcessHeap
GetProcAddress
GetPrivateProfileIntW
GetOEMCP
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLogicalDrives
GetLocalTime
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileInformationByHandle
GetFileAttributesW
GetExitCodeThread
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryW
GetCPInfo
DeviceIoControl
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetACP
FreeResource
FreeEnvironmentStringsW
FormatMessageW
FlushFileBuffers
FindResourceW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnumSystemLocalesA
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
DuplicateHandle
DosDateTimeToFileTime
LoadLibraryA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_kss_2
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_lss_2
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b65b7f3608ec322d94c5de067550d43d

Headers

File Characteristics

Imports

shlwapi

comdlg32

winspool.drv

version

comctl32

oleaut32

ole32

shell32

advapi32

gdi32

user32

kernel32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 16KB - Virtual size: 15KB

_kss_2 Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

_lss_2 Size: 1.9MB - Virtual size: 1.9MB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 16KB - Virtual size: 15KB

_kss_2
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

_lss_2
Size: 1.9MB - Virtual size: 1.9MB