f41cdeca4a63cd8901a6e668fa9b6c08b44d890d4e89da65dd74e0714b8f87f7N

Sharing

Copy URL Twitter E-mail

General

Target

f41cdeca4a63cd8901a6e668fa9b6c08b44d890d4e89da65dd74e0714b8f87f7N
Size

7.4MB
MD5

f82f0311e232e6744ff74c4b05cb56c0
SHA1

b5f9899f8f8c07b5c60defb6151988270f29e29e
SHA256

f41cdeca4a63cd8901a6e668fa9b6c08b44d890d4e89da65dd74e0714b8f87f7
SHA512

aee3636ba29eefef640a0454696a114b71f6835aed41b618c31aea922d77a61b79711301e52fc30ab7f2ae51c0cda31e69f217f02b4bbea35003d0cb12d3e2e5
SSDEEP

196608:AkyEpqSwoq8uolhKt99EtnKphzgJJc3J:A5EptwovuGi96tnKphzgXc3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f41cdeca4a63cd8901a6e668fa9b6c08b44d890d4e89da65dd74e0714b8f87f7N

Files

f41cdeca4a63cd8901a6e668fa9b6c08b44d890d4e89da65dd74e0714b8f87f7N
.exe windows:4 windows x86 arch:x86

76450fd8761ef790a7c6119723c84c55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInGetDevCapsW
waveInAddBuffer
waveInMessage
waveInOpen
waveInPrepareHeader
waveInGetNumDevs
waveInClose
waveOutPause
waveOutWrite
waveOutUnprepareHeader
waveOutSetVolume
waveOutReset
waveOutPrepareHeader
mixerGetLineInfoW
waveOutOpen
waveOutGetNumDevs
waveOutGetDevCapsW
waveOutClose
waveInUnprepareHeader
waveInStop
waveInStart
waveInReset

imm32

ImmGetContext

comctl32

CreatePropertySheetPageW
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
PropertySheetW
CreateToolbarEx

wininet

InternetQueryOptionW

kernel32

GetEnvironmentVariableW
GetFileAttributesW
GetFileTime
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemTimeAsFileTime
GetTempPathW
GetThreadPriority
GetTimeZoneInformation
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
GetCurrentProcessId
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
lstrlenA
MoveFileExW
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryW
ResetEvent
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
GetEnvironmentStringsW
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetCPInfo
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexW
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CloseHandle
CreateProcessA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
IsValidCodePage
SetHandleCount
GetCurrentThreadId
RtlUnwind
GetVersion
GetCurrentProcess
GetEnvironmentStrings
GetEnvironmentVariableA
HeapDestroy

user32

InvalidateRect
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsWindow
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadIconW
LoadImageW
MapDialogRect
MapVirtualKeyW
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassW
ReleaseDC
RemovePropW
ScreenToClient
ScrollWindowEx
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCursor
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetMenuDefaultItem
SetMenuItemInfoW
SetPropW
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExW
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WaitForInputIdle
WindowFromDC
wsprintfW
InsertMenuW
InsertMenuItemW
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollInfo
GetPropW
GetParent
GetMessageW
GetMenu
GetKeyState
GetKeyNameTextW
GetFocus
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursor
GetClientRect
GetClassNameA
FrameRect
FindWindowW
FillRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawIconEx
DispatchMessageW
DialogBoxParamW
DialogBoxIndirectParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DefWindowProcW
CreateWindowExW
CreatePopupMenu
CreateDialogParamW
CreateDialogIndirectParamW
CopyImage
ClientToScreen
CheckDlgButton
CallWindowProcW
CallNextHookEx
BeginPaint
AttachThreadInput
MessageBoxA
GetWindowThreadProcessId
GetForegroundWindow

gdi32

CreateFontIndirectW
CreateDIBSection
TextOutW
SetWindowExtEx
SetBkMode
SetTextColor
SetBkColor
SetStretchBltMode
Polygon
SetViewportExtEx
MoveToEx
LineTo
GetWindowExtEx
GetViewportExtEx
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetCurrentObject
DeleteObject
DeleteDC
CreateSolidBrush
CreatePen
CreatePatternBrush
SelectObject
CreateCompatibleBitmap
CreateDIBitmap
CreateCompatibleDC
CreateFontW

winspool.drv

OpenPrinterW
DocumentPropertiesW
EnumPrintersW

advapi32

SetFileSecurityW
RegSetValueExW
RegSetKeySecurity
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
InitializeSid
InitializeSecurityDescriptor
InitializeAcl
GetUserNameW
GetSidSubAuthority
GetSidLengthRequired
GetAce
SetSecurityDescriptorDacl

shell32

ShellExecuteExW
Shell_NotifyIconW
ShellExecuteW

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal

avifil32

AVIMakeCompressedStream
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamWrite
AVIStreamSetFormat
AVIStreamInfoW
AVIStreamRelease
AVIFileInit
AVIFileOpenW
AVIFileRelease
AVIFileGetStream
AVIFileExit
AVISaveOptionsFree

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_aess_1
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_afss_1
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76450fd8761ef790a7c6119723c84c55

Headers

File Characteristics

Imports

winmm

imm32

comctl32

wininet

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

avifil32

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

_aess_1 Size: 11KB - Virtual size: 10KB

_afss_1 Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 3.6MB - Virtual size: 3.6MB

.text
Size: 3.8MB - Virtual size: 3.8MB

_aess_1
Size: 11KB - Virtual size: 10KB

_afss_1
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 3.6MB - Virtual size: 3.6MB