65ff5d02a498ecc2e4030f14b2132d1b6ce163d3f6d415243da7ed75a6fc2434N

Sharing

Copy URL Twitter E-mail

General

Target

65ff5d02a498ecc2e4030f14b2132d1b6ce163d3f6d415243da7ed75a6fc2434N
Size

8.7MB
MD5

c15c3d6abcd7e698fcbc8e07bfd89360
SHA1

5f28a2f688e1b091888b6488dd096c500c19efb2
SHA256

65ff5d02a498ecc2e4030f14b2132d1b6ce163d3f6d415243da7ed75a6fc2434
SHA512

e96b94f74d9bc40e49708d763e0f61df9f3519bc2810569bcf26fd7b104a9ece1988a0d4ed40190d2e7c45093073935ca8af0756d5be99fa89b75b6254aa97aa
SSDEEP

196608:KBnScxe+Amjwccv0aUJTn4M2hzT9uXm7TbQMum4jdOXwTerV3JosL:WM+9Fn4M2hzT9uXm7TbQMum4jdOXwTef

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65ff5d02a498ecc2e4030f14b2132d1b6ce163d3f6d415243da7ed75a6fc2434N

Files

65ff5d02a498ecc2e4030f14b2132d1b6ce163d3f6d415243da7ed75a6fc2434N
.exe windows:4 windows x86 arch:x86

e3b7ea5b01fe9e86446bcb20113e4240

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCompositionWindow
ImmGetContext

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitializeFlatSB
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
FlatSB_GetScrollPos
ImageList_Replace

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerLanguageNameW
VerQueryValueW

kernel32

GetStringTypeA
HeapReAlloc
HeapAlloc
GetOEMCP
HeapFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
GetModuleHandleA
RtlUnwind
GetStringTypeW
LCMapStringA
WritePrivateProfileStringW
WideCharToMultiByte
WaitForSingleObjectEx
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualFreeEx
VirtualFree
VirtualAllocEx
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TerminateThread
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
SuspendThread
Sleep
SizeofResource
SetThreadPriority
SetThreadLocale
SetLastError
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEnvironmentVariableW
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadProcessMemory
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
OpenProcess
OpenMutexW
OpenFileMappingW
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
lstrlenW
lstrlenA
lstrcpyW
lstrcpynW
lstrcmpW
lstrcmpiA
lstrcatA
LockResource
LocalUnlock
LocalLock
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
IsValidLocale
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InterlockedCompareExchange
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetWindowsDirectoryA
GetVolumeInformationW
GetVersionExW
GetVersion
GetTimeZoneInformation
GetThreadPriority
GetThreadLocale
GetTempPathW
GetSystemInfo
GetStringTypeExW
GetStringTypeExA
GetStdHandle
GetStartupInfoA
GetProcAddress
GetPrivateProfileStringW
GetModuleHandleW
GetModuleFileNameW
GetLongPathNameW
GetLocalTime
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileType
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetExitCodeThread
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryW
GetCPInfo
GetComputerNameW
GetCommandLineW
GetACP
FreeResource
FreeLibrary
FormatMessageW
FindResourceW
FindResourceA
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitThread
ExitProcess
EnumResourceTypesA
EnumResourceNamesA
EnumCalendarInfoW
DeleteFileW
DeleteCriticalSection
CreateThread
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateProcessA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
IsValidCodePage
LCMapStringW
WriteFile

user32

SetWindowRgn
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetClipboardData
SetClassLongW
SetCaretPos
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
SendDlgItemMessageW
ScrollWindowEx
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MoveWindow
MessageBoxW
MessageBoxIndirectW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LockWindowUpdate
LoadStringW
LoadKeyboardLayoutW
LoadImageA
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharAlphaW
IsCharAlphaNumericW
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
HideCaret
GetWindowTextW
SetWindowsHookExW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
WindowFromDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetMessageW
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuItemRect
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetLastActivePopup
GetKeyState
GetKeyNameTextW
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetIconInfo
GetFocus
GetDoubleClickTime
GetDlgItemTextW
GetDlgItemTextA
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardFormatNameW
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCaretPos
GetCapture
GetAsyncKeyState
GetWindowThreadProcessId
GetForegroundWindow
MessageBoxA
CallWindowProcW
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextW
CharUpperBuffA
CharUpperBuffW
CheckMenuItem
ClientToScreen
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FillRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
SetWindowTextW
wvsprintfA
GetWindowTextLengthW
WindowFromPoint
CloseClipboard
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableW
CreateCaret
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
WaitMessage
ValidateRect
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
ToAscii
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
GetUpdateRect
ShowCaret
DrawTextW
DrawTextExW
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DefWindowProcW
DefMDIChildProcW
IsWindowUnicode

gdi32

Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontFamiliesW
EnumFontsW
Escape
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBitmapDimensionEx
GetBrushOrgEx
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetGlyphOutlineW
GetGraphicsMode
GetMapMode
DeleteObject
GetNearestPaletteIndex
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
DeleteEnhMetaFile
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineDDA
LineTo
LPtoDP
MaskBlt
ModifyWorldTransform
MoveToEx
PatBlt
Pie
PlayEnhMetaFile
PolyBezierTo
Polygon
Polyline
PolyPolyline
RealizePalette
Rectangle
RectVisible
RemoveFontResourceW
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetGraphicsMode
SetMapMode
SetPaletteEntries
SetPixelFormat
SetPixelV
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWinMetaFileBits
SetWorldTransform
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutW
UnrealizeObject
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
CreatePatternBrush
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectW
CreateFontIndirectA
CreateEnhMetaFileW
CreateEllipticRgn
CreateDIBSection
CreateDIBitmap
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
GetViewportOrgEx
GetNearestColor
CombineRgn

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
EnumPrintersW

comdlg32

GetOpenFileNameA
PrintDlgW
ChooseFontW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW

advapi32

RegEnumValueW
RegFlushKey
RegLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW
RegEnumKeyExW

shell32

ExtractIconW
DragQueryFileW
DragFinish
ShellExecuteW

ole32

CoCreateGuid
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
FreePropVariantArray
OleInitialize
OleUninitialize
StgCreateDocfile
StringFromCLSID

oleaut32

VariantCopyInd
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SetErrorInfo
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
VariantInit

avifil32

AVIFileInit
AVIFileExit
AVIFileRelease
AVIFileOpenW
AVIFileGetStream
AVIStreamRelease
AVIStreamInfoW
AVIStreamSetFormat
AVIStreamWrite
AVIStreamGetFrameOpen
AVIMakeCompressedStream
AVISaveOptionsFree
AVIStreamGetFrameClose

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_aess_6
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_afss_6
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3b7ea5b01fe9e86446bcb20113e4240

Headers

File Characteristics

Imports

imm32

comctl32

version

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

avifil32

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

_aess_6 Size: 17KB - Virtual size: 16KB

_afss_6 Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 4.9MB - Virtual size: 4.9MB

.text
Size: 3.8MB - Virtual size: 3.8MB

_aess_6
Size: 17KB - Virtual size: 16KB

_afss_6
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 4.9MB - Virtual size: 4.9MB