9791070858038e5c8fd2682a7a7e6c42424544f0c30786fb3aedd6819b464a15

Sharing

Copy URL

Twitter E-mail

General

Target

9791070858038e5c8fd2682a7a7e6c42424544f0c30786fb3aedd6819b464a15
Size

1.5MB
MD5

09ddebc5c9c28ec403be237b3bf2a4f5
SHA1

ec0577c7556485aaaf80c09dd8610d6dc3624524
SHA256

9791070858038e5c8fd2682a7a7e6c42424544f0c30786fb3aedd6819b464a15
SHA512

fa6481193ef612346899ab4c4a591b2e977edf803695fafb6222176165f8a24cfa5d40714e21069ce90c2f74efb9f1056e2ad3b76ba1fea5f3084de67112ecc6
SSDEEP

49152:gxNaCZM89ZT1zsi9OlfMP4rJLsxzLb9rKe:gxNhS8lsaOlfkuxsxzPZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9791070858038e5c8fd2682a7a7e6c42424544f0c30786fb3aedd6819b464a15

Files

9791070858038e5c8fd2682a7a7e6c42424544f0c30786fb3aedd6819b464a15
.exe windows:5 windows x86 arch:x86

8179c9e3c79e89cf234ef0a11276ddac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

MD5Init
MD5Update
MD5Final
LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges

comctl32

_TrackMouseEvent
ord17

ws2_32

inet_addr

wininet

InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
InternetCloseHandle

user32

ShowCaret
HideCaret
CreateCaret
SetRect
CharPrevW
DrawTextW
CharNextW
MoveWindow
CreateAcceleratorTableW
IntersectRect
InvalidateRgn
FillRect
wvsprintfW
SetCursor
SetCaretPos
OffsetRect
IsZoomed
GetCursorPos
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
MapWindowPoints
ClientToScreen
GetWindowRect
GetClientRect
ScreenToClient
SetWindowRgn
GetSystemMenu
AppendMenuW
GetSysColor
SetWindowTextW
InflateRect
MessageBoxW
PostQuitMessage
wsprintfW
ShowWindow
FindWindowA
IsWindow
GetWindowThreadProcessId
GetWindowLongW
SetWindowLongW
IsIconic
DialogBoxParamW
EndDialog
GetDesktopWindow
GetWindow
GetWindowTextLengthW
GetWindowTextW
wsprintfA
DefWindowProcW
DispatchMessageW
GetFocus
ReleaseCapture
ReleaseDC
PtInRect
DestroyWindow
SetCapture
KillTimer
SetTimer
InvalidateRect
GetDC
GetKeyState
CreateWindowExW
GetClassInfoExW
RegisterClassExW
LoadCursorW
RegisterClassW
PostMessageW
SetPropW
GetPropW
CallWindowProcW
GetSystemMetrics
LoadImageW
SendMessageW
GetParent
MonitorFromWindow
GetMonitorInfoW
SetWindowPos
EnableWindow
GetMessageW
SetFocus
TranslateMessage

shell32

ShellExecuteW

gdi32

SetBkMode
SetTextColor
RoundRect
GetObjectA
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
CreatePenIndirect
MoveToEx
LineTo
CreateSolidBrush
SetBkColor
ExtTextOutW
SetStretchBltMode
CreateDIBSection
StretchBlt
CombineRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SelectClipRgn
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SaveDC
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
DeleteDC
CreatePen
GetStockObject
GetObjectW
CreateFontIndirectW
SelectObject
GetTextMetricsW
CreateRoundRectRgn
DeleteObject

oleaut32

VariantInit
SysAllocString
VariantClear
SysFreeString

kernel32

FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
SetLastError
RtlUnwind
OutputDebugStringW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocalTime
InterlockedDecrement
InterlockedIncrement
WriteFile
SetFileTime
DosDateTimeToFileTime
SystemTimeToFileTime
DuplicateHandle
GetFileType
SetFilePointer
CreateFileW
GetFileSize
ReadFile
MulDiv
GetACP
LoadLibraryW
Process32NextW
Module32NextW
Module32FirstW
Process32FirstW
CreateToolhelp32Snapshot
FindResourceExW
MultiByteToWideChar
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
FreeResource
WritePrivateProfileStringW
GetPrivateProfileStringA
GetCommandLineA
GetCommandLineW
GetModuleHandleExW
GetStdHandle
CompareStringW
LCMapStringW
GetStringTypeW
GetFileAttributesExW
GetExitCodeProcess
CreateProcessA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointerEx
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleW
IsProcessorFeaturePresent
GetPrivateProfileStringW
GetPrivateProfileIntW
MoveFileExW
GetTempPathW
ExitProcess
WideCharToMultiByte
RaiseException
GetLastError
GetModuleHandleW
GetProcAddress
DecodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceW
CloseHandle
DeleteFileW
SetFileAttributesW
CreateThread
WaitForSingleObject
GetModuleFileNameW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetFileAttributesW
CreateDirectoryW
GetCurrentProcess
GetVersionExW
CreateRemoteThread
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateProcessW
CopyFileW
GetTickCount
lstrlenW
lstrcatW
TerminateProcess
ResumeThread
Sleep
GetCurrentDirectoryW
SetEndOfFile

ole32

OleLockRunning
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize

psapi

GetModuleBaseNameW
EnumProcessModules

gdiplus

GdipCreateLineBrushI
GdiplusStartup
GdipDeleteFont
GdipDeleteGraphics
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipDeleteBrush
GdiplusShutdown
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipDeleteStringFormat

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8179c9e3c79e89cf234ef0a11276ddac

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

ws2_32

wininet

user32

shell32

gdi32

oleaut32

kernel32

ole32

psapi

gdiplus

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 21KB - Virtual size: 21KB