Static task: static1

Behavioral task: behavioral1
Sample: bda54f31c55ea6bb289ab655cf0915e3387716c19e85647f46b8a021110dcc7cN.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: bda54f31c55ea6bb289ab655cf0915e3387716c19e85647f46b8a021110dcc7cN.exe
Resource: win10v2004-20241007-en

General
Target: bda54f31c55ea6bb289ab655cf0915e3387716c19e85647f46b8a021110dcc7cN
Size: 475KB
MD5: 30e33978fbb81e62406c7431c94ff5f0
SHA1: ef5dae65d452dcf34d7fbd590d675bc851e13090
SHA256: bda54f31c55ea6bb289ab655cf0915e3387716c19e85647f46b8a021110dcc7c
SHA512: e23fccdece31ed061ed3d095c84d2339977549befd06b08c3644aff076a4540d0d047800d0f7f80c8d7a0133b9fe24993820da28a95ddc33d190890daff73994
SSDEEP: 12288:IADPtHfCzK04uKG9z1obK1hx5Y0ZI8jMU:JDxfsK7uKG4u1H5Y0ZI8jMU

Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bda54f31c55ea6bb289ab655cf0915e3387716c19e85647f46b8a021110dcc7cN
Files
bda54f31c55ea6bb289ab655cf0915e3387716c19e85647f46b8a021110dcc7cN.exe windows:4 windows x86 arch:x86
4cfd7047c152ae9bb0f3859a857ee57a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
Sections
.text Size: 342KB - Virtual size: 341KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ