fbdbb4e2daaf3c631af774c3a5cc3410e7b9c1fcad64eb88e78fce6d86e9e0b8

Sharing

Copy URL Twitter E-mail

General

Target

fbdbb4e2daaf3c631af774c3a5cc3410e7b9c1fcad64eb88e78fce6d86e9e0b8
Size

1.9MB
MD5

7952c296813544e2fd118f49c55bb193
SHA1

0047c90bdedaf6436e4f5cd972db21a4b3179912
SHA256

fbdbb4e2daaf3c631af774c3a5cc3410e7b9c1fcad64eb88e78fce6d86e9e0b8
SHA512

63fed612de030ef93ed91aa5d8de50ef6d5657e2573e7991d9da5005a45cd99889e41ef4944974a693151f6b435be5bb3e4b59040f2c7ac3ed6bcca720e47339
SSDEEP

49152:OkBvwaO7rr9FuxgPdnR2Icxfn14dkrKkLvFpSbfKOsnA:+r9A2JRsfnCdkrzvFpSbfKOs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbdbb4e2daaf3c631af774c3a5cc3410e7b9c1fcad64eb88e78fce6d86e9e0b8

Files

fbdbb4e2daaf3c631af774c3a5cc3410e7b9c1fcad64eb88e78fce6d86e9e0b8
.exe windows:6 windows x86 arch:x86

973ae70a99513f3c59446520670c3a1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpSetOption
WinHttpCloseHandle
WinHttpSetCredentials
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpConnect
WinHttpOpen
WinHttpCrackUrl
WinHttpReadData
WinHttpCheckPlatform

ole32

CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
CoDisconnectObject
CoInitializeEx
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleDuplicateData
CreateStreamOnHGlobal
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GlobalSize
GetCurrentProcessId
LocalFree
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FindResourceW
GlobalFlags
GetSystemDirectoryW
LoadResource
ResumeThread
SetThreadPriority
GetCurrentThreadId
MulDiv
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
SetLastError
SetErrorMode
CopyFileA
lstrcmpA
CompareStringA
SizeofResource
FreeResource
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
FileTimeToSystemTime
GetVersionExA
GetLocaleInfoW
EncodePointer
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
GetACP
lstrcpyA
GetCurrentDirectoryA
FindResourceExW
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
WriteConsoleW
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTickCount
GetProfileIntA
SearchPathA
GetTempFileNameA
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
SwitchToThread
CompareStringW
LCMapStringW
GetStringTypeW
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetSystemInfo
VirtualAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
GetStartupInfoA
CreateProcessA
WaitForSingleObject
SetCurrentDirectoryA
GetUserDefaultLCID
FormatMessageA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileA
CloseHandle
GetModuleFileNameA
WriteFile
GetStdHandle
IsBadReadPtr
ExitProcess
GetModuleHandleA
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
GetCommandLineA
Process32Next
Process32First
CreateToolhelp32Snapshot
WideCharToMultiByte
MultiByteToWideChar
VirtualQuery
HeapQueryInformation
GetCommandLineW
QueryPerformanceFrequency
SetStdHandle
GetFileType
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
LockResource

user32

GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
LoadMenuW
GetSystemMenu
BringWindowToTop
SetCursorPos
wsprintfA
MessageBoxA
GetMessageA
LoadImageW
InvalidateRect
CopyIcon
CharUpperA
DestroyIcon
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
PostQuitMessage
OffsetRect
SetRectEmpty
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
EnableScrollBar
HideCaret
InvertRect
LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MessageBeep
TranslateMessage
DispatchMessageA
PeekMessageA
UnhookWindowsHookEx
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
MapVirtualKeyA
ClientToScreen
ScreenToClient
TrackMouseEvent
GetSysColor
FillRect
SendMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
EnableWindow
IsWindowEnabled
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
CopyRect
InflateRect
GetClientRect
LoadCursorA
GetSysColorBrush
GetSystemMetrics
IntersectRect
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
CheckDlgButton
SendDlgItemMessageA
GetDlgCtrlID
SetFocus
GetFocus
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
SetWindowLongA
GetWindow
IsDialogMessageA
GetWindowRect
PtInRect
GetDesktopWindow
GetClassNameA
RealChildWindowFromPoint
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
RegisterWindowMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA

gdi32

SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
GetObjectA
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileA
CreateDCA
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
SetBkColor
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
CreatePolygonRgn

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

shell32

SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA

shlwapi

PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

uxtheme

GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
GetThemePartSize

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
VariantInit
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor
RegisterTypeLi
LoadTypeLi
VarR8FromBool
VarR8FromCy
VariantChangeType
VariantCopy
VariantClear
SafeArrayDestroy
SafeArrayCreate
SysFreeString
SysAllocString
LHashValOfNameSys
VarBstrFromDate
SafeArrayUnaccessData

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette
GdipGetImagePaletteSize

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

973ae70a99513f3c59446520670c3a1d

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

ole32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

oleaut32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 320KB - Virtual size: 319KB

.data Size: 24KB - Virtual size: 89KB

.rsrc Size: 1024B - Virtual size: 664B

.reloc Size: 134KB - Virtual size: 133KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 320KB - Virtual size: 319KB

.data
Size: 24KB - Virtual size: 89KB

.rsrc
Size: 1024B - Virtual size: 664B

.reloc
Size: 134KB - Virtual size: 133KB