193f1960d1c97f9cdb010d95bf8d4dac6d20f5037c3e66bc527629cec810b72a

Sharing

Copy URL Twitter E-mail

General

Target

193f1960d1c97f9cdb010d95bf8d4dac6d20f5037c3e66bc527629cec810b72a
Size

1.1MB
MD5

f528774400372176ae217cca3d4de88f
SHA1

0bb89610257dd0f1d5678f5914adf62a36789f11
SHA256

193f1960d1c97f9cdb010d95bf8d4dac6d20f5037c3e66bc527629cec810b72a
SHA512

87e08d28069e47e84b14038348b6768e90d92f94cce91424a3dc7984c4949c945131a0d8442623b26ad7d3b52221539c8c5f65c9e109469262a35c16abba5f68
SSDEEP

24576:Sip82P9cfyyLPc2HR19vU75Im9qlylHlv:S+9aySPIR9qIL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193f1960d1c97f9cdb010d95bf8d4dac6d20f5037c3e66bc527629cec810b72a

Files

193f1960d1c97f9cdb010d95bf8d4dac6d20f5037c3e66bc527629cec810b72a
.exe windows:4 windows x86 arch:x86

fe657decee2d477915d6d67e253a8f70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname
gethostname
WSAStartup
WSACleanup

winmm

sndPlaySoundA

kernel32

RtlUnwind
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
HeapReAlloc
GetStartupInfoA
ExitProcess
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
SetStdHandle
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalUnlock
GlobalLock
GetLocalTime
GetLastError
CopyFileA
OpenFile
CloseHandle
GetFileSize
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
lstrcpyA
lstrlenA
GetFullPathNameA
FindClose
FindNextFileA
lstrcmpiA
lstrcmpA
FindFirstFileA
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileStringA
DeleteFileA
MoveFileA
SetErrorMode
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
SizeofResource
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
TlsAlloc
GetCurrentThread
GetThreadLocale
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
lstrcpynA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
SetLastError
FormatMessageA
GetTickCount
FileTimeToDosDateTime
GetModuleFileNameA
lstrlenW
QueryPerformanceCounter
WritePrivateProfileStringA
GetPrivateProfileIntA
GetProfileStringA
GetProfileIntA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
FindResourceA
LoadResource
RaiseException
InterlockedExchange
MulDiv
GetVersion
GetEnvironmentStrings
CreateProcessA
GlobalMemoryStatus
GetVersionExA
GetPrivateProfileSectionA
GetTempPathA
LocalAlloc
LocalFree
GetWindowsDirectoryA
UnmapViewOfFile
GetCurrentProcessId
OpenProcess
ExpandEnvironmentStringsA
WritePrivateProfileSectionA
WriteFile
Sleep
GetCurrentProcess
GlobalAlloc
SetProcessWorkingSetSize
QueryPerformanceFrequency
lstrcatA
GetShortPathNameA
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GetCommandLineA
DeleteCriticalSection
HeapDestroy
CreateSemaphoreA
CreateMutexA
WaitForSingleObject
CreateFileMappingA
MapViewOfFile
ReleaseMutex
WideCharToMultiByte
GlobalFree
GlobalSize

user32

ReuseDDElParam
UnpackDDElParam
LoadStringA
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
CharUpperA
PostQuitMessage
ShowOwnedPopups
MessageBeep
SetWindowContextHelpId
MapDialogRect
CopyAcceleratorTableA
InvertRect
PostThreadMessageA
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetWindowPos
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
TranslateAcceleratorA
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
SetRect
DrawEdge
DrawIconEx
GrayStringA
DrawTextA
TabbedTextOutA
GetSystemMenu
SetParent
GetDCEx
GetClassLongA
FillRect
BeginDeferWindowPos
EndDeferWindowPos
GetSysColorBrush
wsprintfA
OffsetRect
InflateRect
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
MapVirtualKeyA
InsertMenuA
SetFocus
GetWindowTextA
FindWindowA
BringWindowToTop
DeleteMenu
EnumWindows
GetWindowThreadProcessId
SetMenuDefaultItem
IsChild
SetPropA
RegisterWindowMessageA
GetDC
ReleaseDC
FindWindowExA
EnumChildWindows
WindowFromPoint
IsZoomed
DefDlgProcA
IsWindowUnicode
GetFocus
UnregisterHotKey
RegisterHotKey
CharNextA
GetPropA
GetLastActivePopup
IsIconic
SetForegroundWindow
SetMenu
UpdateWindow
keybd_event
VkKeyScanA
SetMenuItemInfoA
GetNextDlgGroupItem
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClassNameA
PtInRect
GetDesktopWindow
LoadMenuA
LoadAcceleratorsA
GetMessageA
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
wvsprintfA
GetMenuCheckMarkDimensions
SetActiveWindow
SetMenuItemBitmaps
ModifyMenuA
GetCursorPos
ScreenToClient
LockWindowUpdate
TrackPopupMenu
TrackPopupMenuEx
DestroyMenu
SystemParametersInfoA
LoadImageA
SetWindowLongA
LoadBitmapA
KillTimer
SetTimer
GetWindow
LoadIconA
GetMenuItemCount
GetMenuItemInfoA
GetMenuState
GetMenuItemID
CheckMenuItem
EnableMenuItem
GetParent
UnionRect
IsRectEmpty
SetRectEmpty
GetWindowLongA
ShowWindow
CreatePopupMenu
GetWindowRect
ClientToScreen
IsMenu
AppendMenuA
GetSubMenu
GetMenuStringA
CopyRect
GetClientRect
DestroyIcon
ReleaseCapture
SetCapture
InvalidateRect
PostMessageA
GetCursor
SetCursor
LoadCursorA
GetSysColor
RegisterClipboardFormatA
GetKeyState
GetSystemMetrics
SendMessageA
IsWindow
IsWindowVisible
EnableWindow
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
RedrawWindow

gdi32

RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
SaveDC
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
LPtoDP
GetBkColor
GetTextMetricsA
CopyMetaFileA
CreateRectRgnIndirect
CreateFontA
GetCharWidthA
StretchDIBits
SetBkColor
SetTextColor
GetClipBox
GetBkMode
Ellipse
CreatePen
CreateDIBSection
CreateSolidBrush
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateRectRgn
PatBlt
CreateCompatibleBitmap
BitBlt
GetTextColor
EnumFontFamiliesA
GetTextExtentPoint32A
CreateDCA
GetObjectA
GetStockObject
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
GetDeviceCaps
CreateBitmap
SelectObject
DeleteDC
CreateFontIndirectA
GetTextExtentPointA
CreateDIBitmap
DeleteObject

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

IsTextUnicode
RegEnumKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegOpenKeyExA
RegDeleteKeyA

shell32

DragAcceptFiles
Shell_NotifyIconA
DragFinish
SHGetFileInfoA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteA
SHGetMalloc
SHGetDesktopFolder
DragQueryFileA

comctl32

ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_AddMasked
ImageList_DragEnter
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_GetIconSize
ord17
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_Duplicate

oledlg

ord8

ole32

CoRegisterMessageFilter
CoInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
CoGetClassObject
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
ReleaseStgMedium
OleGetClipboard
CLSIDFromProgID
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleDuplicateData
CLSIDFromString
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard

olepro32

ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
VariantChangeType
SysAllocStringByteLen
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
RegisterTypeLi
LoadTypeLi
VariantClear
SysAllocString
SysFreeString

urlmon

CoInternetGetSession

wininet

FindCloseUrlCache
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
InternetSetOptionA
GetUrlCacheEntryInfoExA
GetUrlCacheEntryInfoA
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenA
InternetCloseHandle
InternetQueryOptionA

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 772KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 20KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe657decee2d477915d6d67e253a8f70

Headers

File Characteristics

Imports

wsock32

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

wininet

Exports

Exports

Sections

.text Size: 772KB - Virtual size: 772KB

.rdata Size: 172KB - Virtual size: 172KB

.data Size: 56KB - Virtual size: 56KB

.rsrc Size: 136KB - Virtual size: 136KB

.aspack Size: 20KB - Virtual size: 54KB

.text
Size: 772KB - Virtual size: 772KB

.rdata
Size: 172KB - Virtual size: 172KB

.data
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 136KB - Virtual size: 136KB

.aspack
Size: 20KB - Virtual size: 54KB