Static task: static1
Behavioral task: behavioral1
- Sample: 9d43815caffb06deec1518b2528bf29bc5a0ff704d3428da18d9c9c2e2ac72ceN.exe
- Resource: win7-20240704-en
Behavioral task: behavioral2
- Sample: 9d43815caffb06deec1518b2528bf29bc5a0ff704d3428da18d9c9c2e2ac72ceN.exe
- Resource: win10v2004-20240802-en
General
- Target: 9d43815caffb06deec1518b2528bf29bc5a0ff704d3428da18d9c9c2e2ac72ceN
- Size: 2.0MB
- MD5: 3358b51b0886888a01130fc333a34410
- SHA1: 78cbcea894b1a6872ee8a0ff23aec7970559b580
- SHA256: 9d43815caffb06deec1518b2528bf29bc5a0ff704d3428da18d9c9c2e2ac72ce
- SHA512: 75c1bcaaf20ca0b19c3d2d2a31b8c3f7a16df3faacbcb5e9224f4a7699611e4da146ee6cfb8c6f08144e5a5beb34c51ef7a4b04a657f710546f2a8a2e49fbfa0
- SSDEEP: 49152:9gVh1iCb/8yt06c0em9YiI9LNiXicJFFRGNzj3:y7/lu7wRGpj3
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 9d43815caffb06deec1518b2528bf29bc5a0ff704d3428da18d9c9c2e2ac72ceN
Files
- 9d43815caffb06deec1518b2528bf29bc5a0ff704d3428da18d9c9c2e2ac72ceN.exe (windows:5, windows x64, arch:x64)
  ca5ec8e7c521fd9480b9237484438973
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
setupapi
SetupDiCallClassInstaller
SetupDiOpenDeviceInfoA
SetupDiGetDeviceInstallParamsA
mpr
WNetCancelConnection2A
WNetGetConnectionA
shlwapi
SHDeleteKeyA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
kernel32
GetModuleFileNameW
lstrcmpW
CompareStringA
GlobalFindAtomA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetThreadLocale
ReadFile
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetFileAttributesExA
GetFileSizeEx
TlsGetValue
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
LoadLibraryExA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
SuspendThread
GetModuleHandleW
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
RtlCaptureContext
RtlUnwindEx
RaiseException
RtlPcToFileHeader
IsDebuggerPresent
VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
GetDateFormatA
GetTimeFormatA
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
HeapQueryInformation
HeapSize
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStdHandle
HeapSetInformation
HeapCreate
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
ReleaseMutex
OpenMutexA
CreateThread
GetStartupInfoA
GetExitCodeProcess
CreateDirectoryA
FlushFileBuffers
GlobalFree
GetProcessHeap
HeapFree
HeapAlloc
GetFileTime
CompareFileTime
WritePrivateProfileStringA
GetSystemDefaultLCID
GetUserDefaultLCID
GetUserDefaultLangID
FormatMessageA
GetSystemInfo
GetVersionExA
InitializeCriticalSection
GetFileSize
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
WriteFile
OutputDebugStringA
CreateFileA
CopyFileA
WritePrivateProfileSectionA
GetCommandLineA
SetFileAttributesA
MoveFileExA
CreateMutexA
lstrlenW
LocalFree
CreateProcessA
WaitForSingleObject
GlobalGetAtomNameA
ResumeThread
OpenProcess
TerminateProcess
GetLogicalDrives
GetDriveTypeA
FindResourceExA
Sleep
SetEvent
LocalAlloc
CreateEventA
GlobalAlloc
FreeResource
GlobalLock
GlobalUnlock
MulDiv
GetModuleFileNameA
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThreadId
GetTickCount
DeleteFileA
GetTempFileNameA
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetShortPathNameA
GetWindowsDirectoryA
GetEnvironmentVariableA
GetTempPathA
GetLocaleInfoA
GetCurrentDirectoryA
GetSystemDefaultLangID
GetLocalTime
GetLogicalDriveStringsA
RemoveDirectoryA
GetPrivateProfileStringA
FindFirstFileA
lstrcmpA
FindNextFileA
SetLastError
FindClose
GetFullPathNameA
GetFileAttributesA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentProcess
CloseHandle
GetModuleHandleA
GetLastError
EnterCriticalSection
LeaveCriticalSection
user32
GetMenuItemInfoA
UnregisterClassA
GetSysColorBrush
ShowOwnedPopups
ValidateRect
GetCursorPos
SetWindowRgn
DrawIcon
CharNextA
MessageBeep
GetNextDlgGroupItem
SetWindowContextHelpId
MapDialogRect
SetCapture
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ShowWindow
MoveWindow
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetWindow
UnhookWindowsHookEx
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MsgWaitForMultipleObjects
PostQuitMessage
SetWindowTextA
GetSystemMetrics
MessageBoxA
EnumWindows
EnumChildWindows
GetWindowTextA
GetWindowModuleFileNameA
GetMessagePos
KillTimer
SetTimer
ScreenToClient
DrawFocusRect
InflateRect
SetRectEmpty
PtInRect
DestroyCursor
LoadCursorA
CopyIcon
SetCursor
GetMessageA
PostThreadMessageA
WaitForInputIdle
IsWindow
RedrawWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
GetDesktopWindow
InvalidateRect
UpdateWindow
IsIconic
LoadBitmapA
GetDC
SetWindowLongA
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
RegisterWindowMessageA
GetSysColor
GetWindowLongA
GetParent
GetNextDlgTabItem
GetClientRect
ReleaseCapture
GetKeyState
ExitWindowsEx
GetWindowRect
LoadIconA
SendMessageA
EnableWindow
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
RegisterClipboardFormatA
GetClassInfoA
DestroyMenu
GetWindowPlacement
gdi32
GetRgnBox
GetBkColor
GetTextColor
CreateEllipticRgn
LPtoDP
Ellipse
GetMapMode
GetPixel
GetWindowExtEx
GetViewportExtEx
DeleteObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
GetTextExtentPoint32A
CreateFontIndirectA
GetStockObject
StretchBlt
BitBlt
GetObjectA
CreateFontA
GetLayout
SetLayout
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
PtVisible
comdlg32
GetFileTitleA
winspool.drv
EnumPrintersA
GetPrinterDriverA
GetPrinterA
SetPrinterA
DeletePrinterDriverA
ClosePrinter
DeletePortA
GetPrinterDataA
EnumMonitorsA
EnumPortsA
EnumPrinterDriversA
DocumentPropertiesA
OpenPrinterA
DeleteMonitorA
GetPrinterDriverDirectoryA
DeletePrinter
advapi32
RegQueryValueA
RegCloseKey
RegSetValueExA
GetTokenInformation
EqualSid
LookupAccountSidA
FreeSid
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
QueryServiceConfigA
QueryServiceStatus
ControlService
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegDeleteValueA
RegQueryInfoKeyA
RegEnumValueA
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
oledlg
ord8
ole32
CoGetClassObject
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
oleaut32
LoadTypeLi
OleCreateFontIndirect
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantChangeType
VariantInit
VariantCopy
SysFreeString
SysAllocStringByteLen
OleLoadPicturePath
SysAllocString
SysAllocStringLen
VariantClear
GetErrorInfo
Sections
- .text: Size 770KB, Virtual size 770KB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 260KB, Virtual size 260KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 45KB, Virtual size 136KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .pdata: Size 49KB, Virtual size 49KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .rsrc: Size 944KB, Virtual size 948KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE