Static task: static1
Behavioral task: behavioral1 (sample 38dbfc770f6718257e2372fb5ab3b0fe7baa47290c9e3c4e0543199aaf7adeba.exe, resource win7-20240708-en)
Behavioral task: behavioral2 (sample 38dbfc770f6718257e2372fb5ab3b0fe7baa47290c9e3c4e0543199aaf7adeba.exe, resource win10v2004-20241007-en)
General
- Target: 38dbfc770f6718257e2372fb5ab3b0fe7baa47290c9e3c4e0543199aaf7adeba
- Size: 2.3MB
- MD5: 87d25524eda979aaccffa2dc0c38368d
- SHA1: ac1239efd7d49d2eae4e607172e3513d0a8d8ff5
- SHA256: 38dbfc770f6718257e2372fb5ab3b0fe7baa47290c9e3c4e0543199aaf7adeba
- SHA512: 5c17ca4c4742b245d889d2d2313bd72bd20dee76fed5de9259fc2ac748f946e731dbe2e11897a0e24002b5b7cff9048fb216754ed4c61867640b543f0bfc6d93
- SSDEEP: 49152:CX0N37H/tKLxavrOKXebfdI1P7vfJB8dy1Xm4YbpPlToOvzVh:Ckh7H/t8xAOKXebfd+gdy1Xm4Yb3o6
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature. Resource: 38dbfc770f6718257e2372fb5ab3b0fe7baa47290c9e3c4e0543199aaf7adeba
Files
- 38dbfc770f6718257e2372fb5ab3b0fe7baa47290c9e3c4e0543199aaf7adeba.exe windows:5 windows x86 arch:x86
  d7c9a75e90fe8fe4928f021c6991efd9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceExW
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
GetSystemTimeAsFileTime
ExitThread
GetCommandLineA
VirtualAlloc
VirtualQuery
ExitProcess
GetModuleHandleExW
HeapQueryInformation
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
LCMapStringW
OutputDebugStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
SetErrorMode
GetWindowsDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadLocale
FileTimeToSystemTime
LocalAlloc
FileTimeToLocalFileTime
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetCurrentThread
ResumeThread
SetThreadPriority
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
CopyFileA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
DecodePointer
InterlockedIncrement
GetLastError
HeapFree
HeapAlloc
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetPrivateProfileStringA
FindResourceW
GetModuleHandleA
GetModuleFileNameA
lstrlenA
lstrcpyA
FormatMessageA
GetSystemInfo
SetFilePointer
SizeofResource
LoadResource
WaitForSingleObject
TerminateProcess
LocalFree
GetProcAddress
LockResource
CreateFileA
CreateDirectoryA
WinExec
CloseHandle
WriteFile
Sleep
IsValidCodePage
CreateThread
user32
GetUpdateRect
SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
InvalidateRgn
CopyAcceleratorTableA
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
CopyImage
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
RealChildWindowFromPoint
LoadCursorA
GetSysColorBrush
OffsetRect
CharNextA
FillRect
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetCursorPos
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetMenuDefaultItem
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
IsClipboardFormatAvailable
SetMenu
GetMenu
GetCapture
GetKeyState
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
IsDialogMessageA
GetWindow
SetWindowLongA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsWindowEnabled
SetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
CopyIcon
GetDoubleClickTime
SetClassLongA
GetMessageA
TranslateMessage
DispatchMessageA
SetCursorPos
DestroyAcceleratorTable
GetMenuState
GetMenuStringA
UnregisterClassA
PeekMessageA
GetWindowThreadProcessId
GetClassNameA
GetParent
PostMessageA
GetClientRect
DrawIcon
GetSystemMetrics
EnableWindow
IsIconic
SendMessageA
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
LockWindowUpdate
MapVirtualKeyExA
IntersectRect
IsCharLowerA
GetKeyboardLayout
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
TranslateMDISysAccel
SetRect
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
TrackPopupMenu
ModifyMenuA
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
PostThreadMessageA
SetParent
GetSystemMenu
UnionRect
GetKeyNameTextA
MapVirtualKeyA
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
LoadImageA
SetRectEmpty
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetScrollPos
DefMDIChildProcA
gdi32
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateFontIndirectA
GetTextExtentPoint32A
DeleteDC
CreateRectRgnIndirect
GetRgnBox
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
GetTextMetricsA
CopyMetaFileA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
shell32
DragQueryFileA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHBrowseForFolderA
SHAppBarMessage
DragFinish
SHGetDesktopFolder
shlwapi
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
uxtheme
DrawThemeText
DrawThemeBackground
GetWindowTheme
GetThemeSysColor
IsAppThemed
GetThemePartSize
GetCurrentThemeName
GetThemeColor
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
OleUninitialize
OleInitialize
OleIsCurrentClipboard
OleFlushClipboard
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
oleaut32
OleCreateFontIndirect
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantChangeType
VariantCopy
VarBstrFromDate
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
oledlg
ord8
wininet
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetReadFile
InternetOpenUrlA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCrackUrlA
winmm
PlaySoundA
ws2_32
connect
recv
send
shutdown
socket
WSAGetLastError
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSAWaitForMultipleEvents
getsockname
htons
inet_addr
WSACleanup
WSAStartup
inet_ntoa
WSAIoctl
gethostbyname
ntohs
closesocket
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipBitmapLockBits
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
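The import table above is the raw material for a first capability triage: wininet gives an HTTP client, ws2_32 raw sockets, WinExec and ShellExecuteA process launch, CreateFileA/WriteFile/GetTempPathA/CopyFileA file drops, and advapi32 registry writes. The same table also contains everything the MFC/CRT runtime imports on its own (IsDebuggerPresent, VirtualProtect, LoadLibrary/GetProcAddress, TLS and heap calls), so an import hit is a lead for the behavioral run, not evidence of behaviour. The following is an added example, not code from the report or from the sandbox; the tag rules and the runtime-noise list are the editor's own heuristics, and SAMPLE_IMPORTS is a constructed subset of the DLLs and exports listed above.

```python
"""Capability triage from an import table. Static imports show what a binary
*can* call, not what it does; MFC/CRT start-up code alone pulls in
IsDebuggerPresent, VirtualProtect, LoadLibrary/GetProcAddress and friends, so a
tag whose hits are only such exports is marked runtime_only."""

# (tag, dll, exports): a hit when any of the exports is imported from that DLL.
# The tag names are editor heuristics, not a standard taxonomy.
RULES = [
    ("http-client", "wininet", {"InternetOpenA", "InternetConnectA", "HttpOpenRequestA",
                                "HttpSendRequestA", "InternetReadFile", "InternetOpenUrlA"}),
    ("raw-socket", "ws2_32", {"socket", "connect", "send", "recv", "gethostbyname"}),
    ("process-launch", "kernel32", {"WinExec", "CreateProcessA", "CreateProcessW"}),
    ("process-launch", "shell32", {"ShellExecuteA", "ShellExecuteW"}),
    ("file-drop", "kernel32", {"CreateFileA", "WriteFile", "GetTempPathA",
                               "GetTempFileNameA", "CopyFileA"}),
    ("registry-write", "advapi32", {"RegSetValueExA", "RegCreateKeyExA", "RegDeleteValueA"}),
    ("memory-rwx", "kernel32", {"VirtualProtect", "VirtualAlloc"}),
    ("anti-debug", "kernel32", {"IsDebuggerPresent", "OutputDebugStringA", "OutputDebugStringW"}),
    ("dynamic-resolve", "kernel32", {"LoadLibraryA", "LoadLibraryW", "GetProcAddress"}),
    ("ini-config", "kernel32", {"GetPrivateProfileStringA", "WritePrivateProfileStringA"}),
]
# Exports an ordinary MFC/CRT GUI program imports without any author code asking for them.
RUNTIME_NOISE = {"IsDebuggerPresent", "VirtualProtect", "VirtualAlloc", "LoadLibraryA",
                 "LoadLibraryW", "GetProcAddress", "OutputDebugStringA", "OutputDebugStringW",
                 "CreateFileA", "WriteFile"}
# Tag combinations worth prioritising in the behavioral run.
CHAINS = {"download-and-execute": {"http-client", "file-drop", "process-launch"}}


def triage_imports(imports: dict) -> dict:
    """imports: {dll_name (lowercase, as the report lists it): [export, ...]}.
    Returns {tag: {"hits": ["dll!Export", ...], "runtime_only": bool}}."""
    result = {}
    for tag, dll, exports in RULES:
        hits = sorted(exports & set(imports.get(dll, ())))
        if not hits:
            continue
        entry = result.setdefault(tag, {"hits": [], "runtime_only": True})
        entry["hits"].extend("%s!%s" % (dll, h) for h in hits)
        if any(h not in RUNTIME_NOISE for h in hits):
            entry["runtime_only"] = False
    return result


def capability_chains(triage: dict) -> list:
    """Chains whose every tag is present with at least one non-runtime hit."""
    solid = {tag for tag, entry in triage.items() if not entry["runtime_only"]}
    return sorted(name for name, tags in CHAINS.items() if tags <= solid)


# Constructed subset of the report's import table (DLL -> exports).
SAMPLE_IMPORTS = {
    "kernel32": ["IsDebuggerPresent", "VirtualProtect", "VirtualAlloc", "WinExec",
                 "CreateFileA", "WriteFile", "GetTempPathA", "GetTempFileNameA", "CopyFileA",
                 "LoadLibraryA", "GetProcAddress", "GetPrivateProfileStringA",
                 "WritePrivateProfileStringA"],
    "advapi32": ["RegOpenKeyExA", "RegSetValueExA", "RegCreateKeyExA", "RegQueryValueExA"],
    "shell32": ["ShellExecuteA", "DragQueryFileA"],
    "wininet": ["InternetOpenA", "InternetConnectA", "HttpOpenRequestA",
                "HttpSendRequestA", "InternetReadFile"],
    "ws2_32": ["WSAStartup", "socket", "connect", "send", "recv", "gethostbyname"],
    "user32": ["MessageBoxA", "CreateWindowExA"],
}

if __name__ == "__main__":
    triage = triage_imports(SAMPLE_IMPORTS)
    for tag, entry in triage.items():
        print("%-16s %s %s" % (tag, "noise" if entry["runtime_only"] else "solid",
                               ", ".join(entry["hits"])))
    print("chains:", capability_chains(triage))
```

Run against the constructed subset, anti-debug and memory-rwx come back as runtime-only (their only hits are CRT boilerplate), while http-client, file-drop and process-launch each have a non-runtime export and together form the download-and-execute chain. That chain says what the binary is equipped to do; whether it does it is what the two behavioral tasks are for.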
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 318KB - Virtual size: 318KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 493KB - Virtual size: 496KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
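The Headers, Signatures and Sections blocks of the report all come from a few fixed offsets in the PE/COFF headers: the DllCharacteristics word (DYNAMIC_BASE and NX_COMPAT mean the image opts in to ASLR and DEP, and the 120KB .reloc section is what lets the loader actually rebase it), the per-section Characteristics words, and data directory 4 (the certificate table), whose size being zero is the whole of the "Unsigned PE" check. The following is an added example, not code from the report or from the sandbox; it uses only the standard library, and it builds a constructed minimal PE32 that carries the same flag values as the report so the parser can be run offline (the constructed image is not the sample itself). Note that a non-empty certificate table only proves a certificate blob is attached; validating it is a separate step (WinVerifyTrust or signtool verify) that this code does not perform.

```python
"""Static PE triage with the standard library only: file and DLL
characteristics, section flags, Authenticode presence (the "Unsigned PE"
check) and file hashes. Offsets follow the PE/COFF specification."""
import hashlib
import struct

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table; holds a file offset, not an RVA


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> sections."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]               # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = pe + 4
    machine, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: 8-byte stack/heap fields push them to +108/+112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    major_os = struct.unpack_from("<H", data, opt + 40)[0]     # MajorOperatingSystemVersion
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]      # DllCharacteristics
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    # Only "a certificate blob is attached and fits in the file"; no validation.
    has_authenticode = sec_size > 0 and sec_off + sec_size <= len(data)
    sections = []
    for i in range(nsec):
        name, vsize, _va, rawsize, _ptr, _, _, _, _, schar = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flags(schar, SECTION_FLAGS)})
    return {
        "arch": "x86" if machine == 0x14C else "x64" if machine == 0x8664 else hex(machine),
        "os_version": major_os,
        "file_characteristics": _flags(fchar, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dllchar, DLL_CHARACTERISTICS),
        "aslr": bool(dllchar & 0x0040), "dep": bool(dllchar & 0x0100),
        "authenticode_present": has_authenticode,
        "sections": sections,
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def build_sample_pe(dllchar: int = 0x8140, signed: bool = False) -> bytes:
    """Constructed minimal PE32 (not the report's sample) carrying the report's
    flag values: x86, EXECUTABLE|32BIT, DYNAMIC_BASE|NX_COMPAT|TS_AWARE, OS 5."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)             # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0102)
    opt = struct.pack("<HBB" + "I" * 9 + "H" * 6 + "I" * 4 + "HH" + "I" * 6,
                      0x10B, 14, 0,
                      0x200, 0x200, 0, 0x1000, 0x1000, 0x2000, 0x400000, 0x1000, 0x200,
                      5, 1, 0, 0, 5, 1,
                      0, 0x3000, 0x400, 0,
                      2, dllchar,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x800, 0x100)  # placeholder WIN_CERTIFICATE
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    secs = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x200, 0x400, 0, 0, 0, 0, 0x60000020)
    secs += struct.pack("<8sIIIIIIHHI", b".data", 0x100, 0x2000, 0x200, 0x600, 0, 0, 0, 0, 0xC0000040)
    img = bytearray(0x900)
    img[:392] = dos + b"PE\0\0" + coff + opt + secs
    if signed:  # WIN_CERTIFICATE: dwLength, wRevision 0x200, wCertificateType PKCS_SIGNED_DATA
        img[0x800:0x808] = struct.pack("<IHH", 0x100, 0x0200, 0x0002)
    return bytes(img)


if __name__ == "__main__":
    for label, image in (("unsigned", build_sample_pe()), ("signed", build_sample_pe(signed=True))):
        info = parse_pe(image)
        print(label, info["arch"], info["dll_characteristics"], "authenticode:", info["authenticode_present"])
        for s in info["sections"]:
            print("   ", s["name"], s["flags"])
```

To apply this to the real sample, pass `open(path, "rb").read()` to `parse_pe`; on the report's file the DLL characteristics and section flag lists should come back in the same order as printed above, because both are emitted in ascending bit order.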