E:\MM\zz\VPN\VPN\src\openvpn-2.3.4_sms\bin\fg759p.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 74f0cbb12fe273fb36676eaae4003b99dc938d993c97f40c3e163e3b2ba77449.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 74f0cbb12fe273fb36676eaae4003b99dc938d993c97f40c3e163e3b2ba77449.exe
Resource: win10v2004-20240802-en
General
Target: 74f0cbb12fe273fb36676eaae4003b99dc938d993c97f40c3e163e3b2ba77449
Size: 3.6MB
MD5: 09d497338ad42a80b7e2ee420c60b8c4
SHA1: 7e9a4cc5a97dc03d7e6de7749550460b113345b4
SHA256: 74f0cbb12fe273fb36676eaae4003b99dc938d993c97f40c3e163e3b2ba77449
SHA512: e75c253d7b82a034d5c8de9ff7d1490b2453c966dc48280f121c0946cf8a80d53282d7176ea18ff1214358a1b39eb52df999b9c8b7f6a11cd5e0e3dfe9cb51d7
SSDEEP: 98304:t3bOA3GkgrA/+YGq7cMBYpOIop8PcecluJZwI:tLOATGqcop8PcY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 74f0cbb12fe273fb36676eaae4003b99dc938d993c97f40c3e163e3b2ba77449
Files
74f0cbb12fe273fb36676eaae4003b99dc938d993c97f40c3e163e3b2ba77449.exe windows:5 windows x86 arch:x86
95d16ecf6613938e17e99bd000e976bf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetACP
ExitProcess
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetTimeZoneInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetConsoleMode
RtlUnwind
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetExitCodeProcess
CreateProcessA
GetCommandLineW
GetStringTypeW
GetConsoleCP
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
GetUserDefaultLCID
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
GetProfileIntW
SearchPathW
FindResourceExW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
VerifyVersionInfoW
VerSetConditionMask
GlobalFlags
GetThreadLocale
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetCurrentThread
lstrcmpA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
SetEvent
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
SetLastError
CopyFileW
MulDiv
GlobalSize
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
DeleteFileW
ReadFile
GetTempFileNameW
GetTempPathW
GetNativeSystemInfo
GetFileSize
GetTempPathA
GlobalFree
CreateFileA
GetTickCount
WaitForSingleObject
CreateProcessW
TerminateThread
CreateThread
LoadLibraryA
GetModuleHandleA
VirtualAlloc
VirtualFree
VirtualProtect
ExpandEnvironmentStringsW
OutputDebugStringW
LocalFree
FormatMessageW
SetFilePointer
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
IsBadCodePtr
IsBadReadPtr
lstrcpyW
WinExec
SizeofResource
lstrcatW
FreeLibrary
LoadLibraryW
GetWindowsDirectoryW
Sleep
GetFileAttributesW
CloseHandle
WriteFile
CreateFileW
GetPrivateProfileStringW
SetThreadLocale
GetPrivateProfileIntW
GetLastError
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
lstrcmpiW
lstrlenW
GetCPInfo
GetVersionExW
GetVersion
FreeResource
MultiByteToWideChar
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
GetCommandLineA
WriteConsoleW
user32
CheckDlgButton
MoveWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetMenu
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
UpdateWindow
SetActiveWindow
IsWindowEnabled
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
SetRectEmpty
SendDlgItemMessageA
GetWindow
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
GetMenuStringW
TrackPopupMenu
GetCursorPos
SetForegroundWindow
SetWindowPos
ShowWindow
DestroyMenu
GetDoubleClickTime
UpdateLayeredWindow
IsCharLowerW
EnableWindow
CopyRect
InvalidateRect
LoadImageW
GetClientRect
UnregisterClassW
MessageBoxW
wsprintfW
ScreenToClient
GetMessagePos
IsWindow
CopyIcon
SetCapture
ReleaseCapture
PtInRect
IsWindowVisible
EnumWindows
GetClassNameW
SetWindowRgn
RegisterHotKey
LoadCursorW
DrawIcon
IsIconic
GetSystemMenu
GetMenu
SetWindowTextW
IsDialogMessageW
GetWindowThreadProcessId
GetWindowDC
GetKeyNameTextW
MapVirtualKeyW
IntersectRect
GetMessageW
TranslateMessage
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
RealChildWindowFromPoint
LoadIconW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
KillTimer
SetTimer
MessageBeep
LoadMenuW
TrackMouseEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
GetAsyncKeyState
IsZoomed
CharUpperW
NotifyWinEvent
GetMenuDefaultItem
SetMenuDefaultItem
RegisterWindowMessageW
IsRectEmpty
GetSysColor
FillRect
DrawEdge
SetRect
GetMenuItemInfoW
DrawTextW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetSystemMetrics
GetDesktopWindow
GetDC
GetComboBoxInfo
ReleaseDC
AppendMenuW
GetMenuItemCount
InsertMenuW
ModifyMenuW
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
RemoveMenu
DeleteMenu
GetSubMenu
TabbedTextOutW
DrawTextExW
GrayStringW
DestroyCursor
GetWindowLongW
SendMessageW
IsMenu
GetNextDlgTabItem
GetParent
SetCursor
ClientToScreen
WindowFromPoint
GetActiveWindow
GetWindowRect
PostMessageW
FrameRect
InflateRect
OffsetRect
DrawFocusRect
EnableScrollBar
UnionRect
MonitorFromPoint
BringWindowToTop
DrawStateW
GetIconInfo
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SetParent
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
HideCaret
InvertRect
SetClassLongW
DrawFrameControl
SetCursorPos
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
RegisterClipboardFormatW
CharUpperBuffW
PostThreadMessageW
GetWindowRgn
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
MapVirtualKeyExW
IsClipboardFormatAvailable
gdi32
CreateRoundRectRgn
CreateRectRgn
OffsetRgn
CombineRgn
SetPixelV
CreatePatternBrush
GetBkColor
GetTextColor
CopyMetaFileW
CreateDCW
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
MoveToEx
SetTextColor
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
Polygon
Polyline
LPtoDP
EnumFontFamiliesExW
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
SetBkColor
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
Rectangle
CreateHatchBrush
SetPixel
GetPixel
DeleteDC
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
CreatePen
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap
StretchBlt
SelectObject
PatBlt
DeleteObject
BitBlt
GetObjectW
SetViewportExtEx
CreateFontW
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyW
RegEnumValueA
shell32
SHGetFileInfoW
ShellExecuteW
ExtractIconW
ord680
Shell_NotifyIconW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
comctl32
ImageList_Draw
_TrackMouseEvent
InitCommonControlsEx
shlwapi
SHGetValueW
SHSetValueW
SHGetValueA
SHSetValueA
StrStrIA
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
uxtheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
ole32
RevokeDragDrop
RegisterDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
CoLockObjectExternal
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysFreeString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantInit
SysAllocStringLen
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdiplusShutdown
wininet
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetQueryOptionW
InternetSetOptionW
InternetOpenA
iphlpapi
GetAdaptersInfo
GetIpForwardTable
ws2_32
connect
gethostbyname
inet_addr
ioctlsocket
send
recv
__WSAFDIsSet
select
inet_ntoa
accept
listen
closesocket
bind
htons
htonl
socket
WSACleanup
WSAStartup
ntohs
ntohl
getaddrinfo
freeaddrinfo
setsockopt
getpeername
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundW
Sections
.text   Size: 1.6MB   Virtual size: 1.6MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 366KB   Virtual size: 365KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 24KB    Virtual size: 71KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.gfids  Size: 106KB   Virtual size: 106KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.giats  Size: 512B    Virtual size: 16B     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls    Size: 512B    Virtual size: 9B      Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.4MB   Virtual size: 1.4MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 132KB   Virtual size: 131KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ