Static task
static1
Behavioral task
behavioral1
Sample
050a67da72de0fe0a4c0d571b130baa354777ad6fc685c89ea20c7e1ccf38c42.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
050a67da72de0fe0a4c0d571b130baa354777ad6fc685c89ea20c7e1ccf38c42.exe
Resource
win10v2004-20240802-en
General
Target: 050a67da72de0fe0a4c0d571b130baa354777ad6fc685c89ea20c7e1ccf38c42
Size: 3.4MB
MD5: e819b3550c5ad82dc4bb290212c780d3
SHA1: 53d24a77af62059833192cdaff4e4ecd09b150df
SHA256: 050a67da72de0fe0a4c0d571b130baa354777ad6fc685c89ea20c7e1ccf38c42
SHA512: bc7350278ad9b562f799cc5a57045155084824c32c7c0c2b7c6cfad10412b06d8071a23e8badaa940de608b27a04c21ebcd7774d74d48d111345754b6a077d36
SSDEEP: 98304:CUcX38p6Q61Eue2vWTA+iJwfhjvfs4LxO52eHGrPsAH41FWlKc:/4MpLQDWVOA2AH41i
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 050a67da72de0fe0a4c0d571b130baa354777ad6fc685c89ea20c7e1ccf38c42
Files
050a67da72de0fe0a4c0d571b130baa354777ad6fc685c89ea20c7e1ccf38c42.exe windows:5 windows x86 arch:x86
299019656d2e91ea660183b5a8e2d110
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
TransparentBlt
AlphaBlend
kernel32
GetFileInformationByHandle
GetDriveTypeA
GetVolumeInformationW
GetComputerNameW
SetPriorityClass
LocalFree
LocalAlloc
DeviceIoControl
GetVersionExW
FreeLibrary
ExpandEnvironmentStringsA
GetTempPathW
GetSystemDirectoryW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileTime
MoveFileExW
MoveFileW
CopyFileW
DeleteFileW
FindNextFileW
RemoveDirectoryW
SetFileAttributesW
GetDriveTypeW
CreateProcessW
GetModuleFileNameW
GetCurrentProcessId
WaitForMultipleObjects
TerminateProcess
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileType
FindResourceW
FreeResource
GetFileSize
CreateMutexW
CreateNamedPipeA
ConnectNamedPipe
FlushFileBuffers
DisconnectNamedPipe
CreateEventW
LoadLibraryW
GetProcAddress
CreateFileA
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetExitCodeProcess
ExitProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
WriteFile
SetFileTime
GetCurrentDirectoryW
GetFileAttributesW
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileW
SetFilePointer
CreateThread
WaitForSingleObject
GetLocalTime
GetTickCount
GetLastError
GetModuleHandleW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
OpenProcess
K32GetModuleFileNameExW
K32GetProcessImageFileNameW
GetLogicalDriveStringsW
GetModuleHandleA
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
PeekNamedPipe
SleepEx
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
GetVersionExA
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
QueryDosDeviceW
lstrlenW
OutputDebugStringA
Sleep
LockFileEx
HeapValidate
GetFileAttributesA
FormatMessageA
UnlockFileEx
OutputDebugStringW
WaitForSingleObjectEx
FlushViewOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
HeapCompact
GetFullPathNameA
InterlockedCompareExchange
SetEnvironmentVariableA
GetProcessHeap
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStringTypeW
SetHandleCount
LCMapStringW
HeapDestroy
HeapCreate
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapQueryInformation
HeapSize
GetStdHandle
WriteConsoleW
GetSystemTimeAsFileTime
MoveFileA
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapReAlloc
ExitThread
HeapAlloc
HeapFree
EncodePointer
DecodePointer
RtlUnwind
FindResourceExW
GetDiskFreeSpaceW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTempFileNameW
FindFirstFileExA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
lstrcpyW
InterlockedExchange
LoadLibraryA
RaiseException
MulDiv
FormatMessageW
GlobalSize
lstrcmpW
DeactivateActCtx
ActivateActCtx
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
ReleaseActCtx
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalGetAtomNameW
lstrcmpA
lstrlenA
GlobalFlags
SetThreadPriority
ResumeThread
GetLocaleInfoW
GetUserDefaultUILanguage
lstrcmpiW
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameW
GetWindowsDirectoryW
GetNumberFormatW
user32
MessageBoxW
SetWindowLongW
DestroyWindow
IsIconic
GetMonitorInfoW
MonitorFromWindow
IsZoomed
MonitorFromPoint
ClientToScreen
SetRect
EnableWindow
PostMessageW
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
GetMenuStringW
GetMenuState
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
GetSysColor
EndDialog
GetNextDlgTabItem
IsWindowEnabled
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
RegisterWindowMessageW
GetWindow
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetWindowPlacement
SetWindowPlacement
CopyRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetKeyState
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
GetFocus
RemovePropW
GetPropW
SetPropW
GetSystemMetrics
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
CheckMenuItem
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckDlgButton
GetDC
ShowWindow
GetWindowThreadProcessId
GetSysColorBrush
RealChildWindowFromPoint
InflateRect
ValidateRect
TranslateMessage
LoadCursorW
GetMenuItemInfoW
SystemParametersInfoW
CharUpperW
DestroyIcon
RedrawWindow
GetMenuDefaultItem
IsRectEmpty
SetRectEmpty
MapVirtualKeyW
SetCapture
ReleaseCapture
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
OffsetRect
GetIconInfo
CopyImage
GetNextDlgGroupItem
DrawIconEx
EnumDisplayMonitors
SetLayeredWindowAttributes
ShowOwnedPopups
DeleteMenu
GetKeyNameTextW
DrawStateW
LoadMenuW
IsCharLowerW
MapVirtualKeyExW
GetKeyboardLayout
DrawEdge
DrawFrameControl
UnionRect
UpdateLayeredWindow
IsMenu
TranslateAcceleratorW
BringWindowToTop
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
WindowFromPoint
PostThreadMessageW
WaitMessage
GetSystemMenu
SetParent
DestroyAcceleratorTable
SetClassLongW
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
SetCursorPos
LockWindowUpdate
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
FrameRect
CharUpperBuffW
DefFrameProcW
DefMDIChildProcW
SetWindowRgn
DrawMenuBar
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
MapDialogRect
DestroyCursor
DrawIcon
GetWindowRgn
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatW
LoadImageW
SetWindowTextW
GetDlgItem
GetParent
GetAsyncKeyState
InvalidateRect
MessageBoxA
TrackPopupMenu
DestroyMenu
CharNextW
FillRect
ReleaseDC
KillTimer
SetTimer
wsprintfW
IsWindow
PostQuitMessage
GetClientRect
SendMessageW
GetCursorPos
ScreenToClient
GetWindowRect
SetCursor
SetWindowPos
EnumWindows
CreatePopupMenu
AppendMenuW
IntersectRect
GetDesktopWindow
GetWindowLongW
GetMessageW
PtInRect
IsDialogMessageW
MoveWindow
SetFocus
GetClassNameW
TranslateMDISysAccel
gdi32
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
GetObjectType
CreateHatchBrush
DPtoLP
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
GetTextExtentPoint32W
GetTextMetricsW
GetBkColor
GetPaletteEntries
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
ScaleWindowExtEx
SetWindowExtEx
GetTextFaceW
GetBoundsRect
FillRgn
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
ExtFloodFill
SetPixelV
FrameRgn
PtInRegion
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
Polygon
Ellipse
Polyline
GetTextColor
CreatePolygonRgn
CreateEllipticRgn
SetPixel
SetDIBColorTable
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetSystemPaletteEntries
GetNearestPaletteIndex
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
LineTo
MoveToEx
CreatePen
Rectangle
CreateSolidBrush
TextOutW
SetTextColor
SetBkMode
StretchBlt
GetPixel
GetObjectW
GetDeviceCaps
CreateRoundRectRgn
GetDIBits
RealizePalette
SelectPalette
GetStockObject
CreateDCW
CreatePalette
SetStretchBltMode
CreateDIBSection
StretchDIBits
OffsetWindowOrgEx
SetWindowOrgEx
SetBkColor
CopyMetaFileW
RestoreDC
SaveDC
ScaleViewportExtEx
comdlg32
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
advapi32
GetSecurityDescriptorSacl
AdjustTokenPrivileges
LookupPrivilegeValueW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorSacl
CryptDestroyKey
CryptEncrypt
CryptReleaseContext
CryptImportKey
CryptAcquireContextA
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
LookupAccountNameW
ConvertSidToStringSidW
GetUserNameW
shell32
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteW
DragQueryFileW
DragFinish
DragAcceptFiles
SHFileOperationW
ShellExecuteExW
SHAppBarMessage
SHBrowseForFolderW
ole32
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
OleDuplicateData
oleaut32
VariantInit
SysAllocString
VariantClear
VarBstrFromDate
SysFreeString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
SysAllocStringLen
comctl32
ImageList_GetIconSize
shlwapi
StrRChrW
PathFindFileNameW
PathFileExistsA
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW
gdiplus
GdipDeletePen
GdipDeleteGraphics
GdipSetPenMode
GdipCreateFromHDC
GdipDrawRectangleI
GdipFree
GdipAlloc
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSetInterpolationMode
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDrawImageRectRect
GdipReleaseDC
GdipGetPropertyItem
GdipLoadImageFromStream
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipCreatePen1
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
wininet
InternetOpenW
InternetConnectW
InternetOpenUrlW
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
winhttp
WinHttpCloseHandle
WinHttpWriteData
WinHttpOpen
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpReadData
ws2_32
gethostname
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
connect
socket
closesocket
getpeername
getsockopt
WSASetLastError
WSAStartup
WSACleanup
htons
bind
ntohs
getsockname
setsockopt
wldap32
ord143
ord211
ord32
ord60
ord50
ord26
ord30
ord200
ord22
ord35
ord79
ord33
ord301
ord46
ord41
ord27
psapi
GetModuleFileNameExW
iphlpapi
GetAdaptersInfo
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
winmm
PlaySoundW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 457KB - Virtual size: 456KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 32KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 371KB - Virtual size: 370KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 284KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE