Static task: static1
Behavioral task: behavioral1
  Sample: 222e57a63039658a79f08170cb290555b570a6466863fdcf7fda7a2fd753093bN.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 222e57a63039658a79f08170cb290555b570a6466863fdcf7fda7a2fd753093bN.exe
  Resource: win10v2004-20240802-en
General
  Target: 222e57a63039658a79f08170cb290555b570a6466863fdcf7fda7a2fd753093bN
  Size: 2.4MB
  MD5: 4027d191e20b874471dec0f8833f5910
  SHA1: e0f2a962816877ec1ebf47c703d7fe82d026808d
  SHA256: 222e57a63039658a79f08170cb290555b570a6466863fdcf7fda7a2fd753093b
  SHA512: 442d02b9f9a46e5745add5006733e079f4b4d07e6694398efdc07c94fd0fb413d25ac24f5ed42d40b2597f60276825f5e252133340e9aed6801e4a9d66b30b6f
  SSDEEP: 49152:WLAnQtMjurnR4pp4lic+if8O7/MbdCMLnljn:WLLt9nipp4lic+ifP8dCMLn5n
Malware Config
Signatures
  Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
    resource: 222e57a63039658a79f08170cb290555b570a6466863fdcf7fda7a2fd753093bN
Files
  222e57a63039658a79f08170cb290555b570a6466863fdcf7fda7a2fd753093bN.exe  windows:4 windows x86 arch:x86  81641326c6e71ccf7a5649facabea011
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msacm32
acmStreamUnprepareHeader
acmFormatSuggest
acmStreamPrepareHeader
acmStreamConvert
acmStreamSize
acmStreamClose
acmStreamOpen
winmm
waveInStart
waveInReset
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveInGetDevCapsA
waveInClose
waveInAddBuffer
timeSetEvent
timeKillEvent
timeGetTime
timeGetDevCaps
timeEndPeriod
waveInUnprepareHeader
sndPlaySoundA
mixerSetControlDetails
mixerOpen
mixerGetNumDevs
mixerGetLineInfoA
mixerGetLineControlsA
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
mciGetErrorStringA
mciSendCommandA
mixerClose
mixerGetControlDetailsA
waveOutClose
waveOutGetDevCapsA
waveOutGetNumDevs
timeBeginPeriod
waveOutWrite
waveOutGetPosition
imm32
ImmGetContext
comctl32
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ord17
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcessHeap
GetProcessVersion
GetProfileIntA
GetProfileStringA
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeW
GetSystemDefaultLangID
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GetLocalTime
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadStringPtrA
IsBadWritePtr
IsDBCSLeadByte
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LoadLibraryExA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalLock
LocalReAlloc
LocalUnlock
LockFile
LockResource
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
MoveFileA
MoveFileExA
MulDiv
MultiByteToWideChar
OpenFile
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryA
ResetEvent
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
GetModuleFileNameA
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SetVolumeLabelA
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualUnlock
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileTime
GetFileSize
GetFileAttributesA
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
GetDriveTypeA
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetCPInfo
GetComputerNameA
GetACP
FreeResource
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageA
FlushFileBuffers
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsA
ExitProcess
EnumSystemLocalesA
DuplicateHandle
DosDateTimeToFileTime
DeviceIoControl
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
CompareStringW
CompareStringA
CloseHandle
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
SetErrorMode
GetLogicalDriveStringsA
RtlUnwind
UnhandledExceptionFilter
SetHandleCount
GlobalFree
user32
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
GrayStringA
HideCaret
InflateRect
InsertMenuA
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
LoadStringA
MapDialogRect
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
MsgWaitForMultipleObjects
OemToCharA
OemToCharBuffA
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetParent
SetPropA
SetRect
SetRectEmpty
SetScrollInfo
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TrackPopupMenu
GetWindow
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitForInputIdle
WindowFromPoint
WinHelpA
wsprintfA
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetIconInfo
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowA
FillRect
ExitWindowsEx
ExcludeUpdateRgn
EqualRect
EnumWindows
EnumChildWindows
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextExA
DrawTextA
DrawStateA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DrawAnimatedRects
DispatchMessageA
DialogBoxParamA
DestroyWindow
DestroyMenu
DestroyCursor
DeleteMenu
DefWindowProcA
DefDlgProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateDialogIndirectParamA
CopyRect
CopyAcceleratorTableA
CloseWindow
ClipCursor
ClientToScreen
CheckRadioButton
CheckMenuItem
CharUpperBuffA
CharUpperA
CharToOemA
CharPrevA
CharNextA
CharLowerBuffA
CharLowerA
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AppendMenuA
AdjustWindowRectEx
ReuseDDElParam
UnpackDDElParam
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageTime
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
TranslateAcceleratorA
GetMenuItemID
GetForegroundWindow
gdi32
CreateScalableFontResourceA
CreateRoundRectRgn
StretchDIBits
CreateSolidBrush
DeleteDC
CreateRectRgnIndirect
CreateRectRgn
CreatePatternBrush
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateFontA
CreateDIBSection
CreateDIBitmap
CreateDCA
StartPage
SetWinMetaFileBits
SetWindowOrgEx
SetWindowExtEx
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
DPtoLP
EndDoc
EndPage
EnumFontFamiliesExA
Escape
ExtCreateRegion
ExtSelectClipRgn
ExtTextOutA
GdiFlush
GetBkColor
GetBkMode
GetClipBox
GetCurrentObject
GetDeviceCaps
GetDIBits
GetEnhMetaFileA
GetEnhMetaFileHeader
GetMapMode
GetMetaFileA
GetMetaFileBitsEx
GetObjectA
GetPaletteEntries
GetStockObject
GetStretchBltMode
GetSystemPaletteEntries
GetTextColor
GetTextExtentPoint32A
GetTextExtentPointA
GetTextMetricsA
GetViewportExtEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
LPtoDP
MoveToEx
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
PlayEnhMetaFile
PtInRegion
PtVisible
RealizePalette
Rectangle
RectVisible
RemoveFontResourceA
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
CreatePen
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA
advapi32
RegCreateKeyA
FreeSid
GetFileSecurityA
GetTokenInformation
GetUserNameA
LookupAccountSidA
LookupPrivilegeValueA
OpenProcessToken
OpenThreadToken
RegCloseKey
AdjustTokenPrivileges
AllocateAndInitializeSid
SetFileSecurityA
RegSetValueExA
RegSetValueA
RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegConnectRegistryA
EqualSid
shell32
ShellExecuteExA
ShellExecuteA
Shell_NotifyIconA
ExtractIconA
DragFinish
DragQueryFileA
ole32
StgOpenStorageOnILockBytes
CoLockObjectExternal
CoInitialize
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString
StgCreateDocfileOnILockBytes
RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
OleUninitialize
OleSetClipboard
OleIsCurrentClipboard
OleInitialize
OleGetClipboard
OleFlushClipboard
OleDuplicateData
CoRegisterMessageFilter
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoUninitialize
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
DoDragDrop
oleaut32
SysAllocStringByteLen
VariantTimeToSystemTime
VariantInit
VariantCopy
VariantClear
VariantChangeType
LoadTypeLi
RegisterTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
ws2_32
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAGetLastError
WSACleanup
WSAStartup
send
select
recv
inet_addr
htons
ioctlsocket
connect
closesocket
inet_ntoa
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 232KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ