Static task: static1
Behavioral task: behavioral1
Sample: 37089ba27d1da2b5c5f82a279b7e788812fe08e949cacb57ffd36787e272a564.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 37089ba27d1da2b5c5f82a279b7e788812fe08e949cacb57ffd36787e272a564.exe
Resource: win10v2004-20241007-en
General
Target: 37089ba27d1da2b5c5f82a279b7e788812fe08e949cacb57ffd36787e272a564
Size: 2.1MB
MD5: 1243e5e81cb21ddf683f72e127626112
SHA1: 0c7690034493e4f4256ca5c1b19cada401835155
SHA256: 37089ba27d1da2b5c5f82a279b7e788812fe08e949cacb57ffd36787e272a564
SHA512: 4a4e04bb6e432341d008df2f6c697ccfb2ed4163bc9b6f37f81df0595dcc07526c162952cb7ab9627fad277ce3ce75632f66cfd7c5c97b53f40367a65aa9d19a
SSDEEP: 49152:i7atwtvTih43KsVr+mI2KsfxwZVEYv+JsDb0RTABgee6Hs:i7FtvT046st+KPxwZFv+JsMEOb6
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 37089ba27d1da2b5c5f82a279b7e788812fe08e949cacb57ffd36787e272a564
Files
37089ba27d1da2b5c5f82a279b7e788812fe08e949cacb57ffd36787e272a564.exe windows:5 windows x86 arch:x86
f77c28ba73364a378bad9a475af32a03
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeExA
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
GetTempPathA
GetModuleHandleW
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
VirtualProtect
SetErrorMode
FindResourceExA
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
HeapCreate
VirtualFree
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MoveFileA
GetProcessHeap
SetEnvironmentVariableA
SleepEx
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetSystemDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
GlobalFlags
FileTimeToSystemTime
GetThreadLocale
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
CopyFileA
FormatMessageA
LocalFree
lstrlenW
MulDiv
WaitForSingleObject
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
GetModuleFileNameA
GetFileSize
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalFree
GlobalSize
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
FreeLibrary
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
Sleep
GetProfileIntA
GetFileInformationByHandle
GetDriveTypeA
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
lstrlenA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
SetFilePointer
CreateFileA
lstrcpyA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
DeleteFileA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
SearchPathA
SetLastError
user32
SetWindowContextHelpId
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
PostThreadMessageA
WaitMessage
ShowOwnedPopups
GetIconInfo
CharUpperBuffA
FrameRect
InvertRect
HideCaret
SetCursorPos
CopyIcon
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SubtractRect
UnregisterClassA
IsClipboardFormatAvailable
GetDoubleClickTime
EnumChildWindows
CharNextA
InvalidateRgn
GetNextDlgGroupItem
DestroyCursor
DrawIcon
CreateMenu
IsCharLowerA
MapVirtualKeyExA
GetWindowRgn
GetTabbedTextExtentA
DefFrameProcA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
ValidateRect
SetWindowPlacement
DefWindowProcA
MapDialogRect
PtInRect
SystemParametersInfoA
GetWindowPlacement
GetClassNameA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EndPaint
GetDlgItem
SetWindowLongA
GetDlgCtrlID
GetKeyState
LoadIconA
SetCursor
PeekMessageA
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsIconic
InsertMenuItemA
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
ShowWindow
GetWindowLongA
TranslateAcceleratorA
IsWindow
DestroyWindow
GetClassLongA
SetParent
GetTopWindow
GetCapture
IsWindowVisible
SetWindowRgn
IsZoomed
PostMessageA
CopyRect
GetWindow
GetParent
SetRectEmpty
GetSysColorBrush
SetClassLongA
RegisterClipboardFormatA
GetMenuStringA
GetMenuItemInfoA
MapVirtualKeyA
DefMDIChildProcA
ReleaseDC
GetDC
LockWindowUpdate
GetUpdateRect
UnionRect
SetRect
EmptyClipboard
CloseClipboard
SetClipboardData
DestroyIcon
GetKeyNameTextA
CopyImage
OpenClipboard
FillRect
IsRectEmpty
DrawStateA
SetMenuDefaultItem
DrawIconEx
IsMenu
GetMenuDefaultItem
AppendMenuA
PostQuitMessage
DrawFocusRect
DrawFrameControl
DrawEdge
InsertMenuA
CallWindowProcA
RemoveMenu
CharUpperA
GetAsyncKeyState
NotifyWinEvent
GetCursorPos
MessageBeep
LoadCursorA
WindowFromPoint
SetCapture
KillTimer
SetTimer
BeginPaint
GetWindowDC
wsprintfA
RedrawWindow
GetSystemMetrics
LoadImageA
ClientToScreen
GetFocus
IsChild
EnableWindow
LoadBitmapA
GetSysColor
InflateRect
GetWindowRect
UpdateWindow
InvalidateRect
GetClientRect
ScreenToClient
SendMessageA
GetSubMenu
LoadMenuA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UpdateLayeredWindow
EnableScrollBar
DestroyAcceleratorTable
GetMessageA
EqualRect
TranslateMessage
GetSystemMenu
DeleteMenu
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
TranslateMDISysAccel
SetScrollInfo
DrawMenuBar
gdi32
GetTextMetricsA
ExtTextOutA
CreateDIBSection
SetPixel
GetPixel
StretchBlt
CombineRgn
CreateRectRgn
SelectPalette
RealizePalette
SaveDC
GetStockObject
GetTextExtentPoint32A
DeleteObject
CreateFontIndirectA
GetDIBits
PatBlt
BitBlt
SetDIBColorTable
SelectObject
GetObjectA
RestoreDC
DeleteDC
GetTextColor
CreateRectRgnIndirect
CreateRoundRectRgn
CreatePen
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateCompatibleBitmap
SetPixelV
GetSystemPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExA
GetTextExtentPointA
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetWindowOrgEx
SetPaletteEntries
GetPaletteEntries
CreatePalette
ExtFloodFill
LPtoDP
GetViewportOrgEx
GetRgnBox
OffsetRgn
GetCharWidthA
RoundRect
Rectangle
EndDoc
AbortDoc
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetAbortProc
EndPage
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
StartDocA
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
GetDeviceCaps
CreateSolidBrush
CreateHatchBrush
SetRectRgn
GetMapMode
DPtoLP
CopyMetaFileA
CreateDCA
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
Polyline
Ellipse
Polygon
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
StartPage
CreateCompatibleDC
shell32
ExtractIconA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHAppBarMessage
DragQueryFileA
DragFinish
ShellExecuteA
SHBrowseForFolderA
oleaut32
VariantClear
SysAllocStringByteLen
SysStringLen
VariantCopy
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
VariantChangeType
VariantInit
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
oledlg
ord8
gdiplus
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipGetImagePalette
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
comdlg32
GetFileTitleA
advapi32
CryptEncrypt
CryptImportKey
CryptAcquireContextA
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptDestroyKey
RegCreateKeyA
RegEnumKeyExA
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
CryptReleaseContext
ole32
CreateStreamOnHGlobal
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
OleUninitialize
CoFreeUnusedLibraries
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CoGetClassObject
OleLockRunning
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CoCreateInstance
OleInitialize
wldap32
ord32
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord50
ord200
ord30
ord26
ord60
ord143
ord211
ord22
ws2_32
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
send
WSAIoctl
setsockopt
getsockname
ntohs
listen
bind
htons
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
gethostname
ioctlsocket
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 343KB - Virtual size: 343KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ