c2838a2c42608cbe1c7dec098c69b71d54ccf44125f3643292d67f00ec9748b6

Sharing

Copy URL

Twitter E-mail

General

Target

c2838a2c42608cbe1c7dec098c69b71d54ccf44125f3643292d67f00ec9748b6
Size

483KB
MD5

c462f971990e8d87fd0a3a035a696945
SHA1

00b8411bfec36bba091ae78bc483215175a31a7f
SHA256

c2838a2c42608cbe1c7dec098c69b71d54ccf44125f3643292d67f00ec9748b6
SHA512

94bd4ab81bdddcd0690d397c260f6cebde0ff08139902b44787544ad56a82d3357341f19145144300b09a3bc1499d913bd431f5adcdc39da35950c47d9039e1a
SSDEEP

12288:cgf29cTBC3dcYxMk7GWNks0jTKADcyrQL7c:3VNYnGLs0/xDcy8o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/390868f54adfd09d97e28c7a19d520d951e67a6ec7d5c4c23b3fc80d3c89a097

Files

c2838a2c42608cbe1c7dec098c69b71d54ccf44125f3643292d67f00ec9748b6
.zip
390868f54adfd09d97e28c7a19d520d951e67a6ec7d5c4c23b3fc80d3c89a097
.dll regsvr32 windows:4 windows x86 arch:x86

8410d8aecb7e07722a55d18b11080925

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFileAttributesA
GetFileAttributesA
GetFileTime
SetErrorMode
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetProcessHeap
RaiseException
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
SetFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetACP
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetConsoleCtrlHandler
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetAtomNameA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
GetModuleHandleA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetLastError
CreateDirectoryA
ExitProcess
LoadLibraryA
GetProcAddress
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
TerminateProcess
InterlockedExchange

user32

IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
UnregisterClassA
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
GetKeyNameTextA
MapVirtualKeyA
SetParent
UnionRect
PostThreadMessageA
GetDCEx
LockWindowUpdate
GetMenuItemInfoA
InflateRect
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
CopyAcceleratorTableA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
CharNextA
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
GetDialogBaseUnits
GetSysColorBrush
GetClassLongA
DestroyMenu
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
LoadCursorA
UpdateWindow
LoadBitmapA
MessageBeep
GetSystemMetrics
LoadIconA
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
GetWindowRect
GetSysColor
EnableWindow
KillTimer
SetTimer
InvalidateRect
PostMessageA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
GetDlgItem

gdi32

GetCurrentPositionEx
ArcTo
PolyDraw
PtVisible
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
GetDCOrgEx
ScaleWindowExtEx
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CreateCompatibleBitmap
GetCharWidthA
StretchDIBits
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
CreateFontIndirectA
CreateSolidBrush
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
BitBlt
CreateCompatibleDC
GetObjectA
CreateFontA
RectVisible

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA

shell32

SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoCreateInstance
CoDisconnectObject
CLSIDFromString
CoRegisterClassObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CLSIDFromProgID

oleaut32

LoadTypeLi
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen

winmm

PlaySoundA

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 632KB - Virtual size: 630KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8410d8aecb7e07722a55d18b11080925

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

winmm

Exports

Exports

Sections

.text Size: 632KB - Virtual size: 630KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 16KB - Virtual size: 31KB

.idata Size: 16KB - Virtual size: 15KB

.didat Size: 4KB - Virtual size: 793B

.rsrc Size: 176KB - Virtual size: 175KB

.reloc Size: 44KB - Virtual size: 40KB

.text
Size: 632KB - Virtual size: 630KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 16KB - Virtual size: 31KB

.idata
Size: 16KB - Virtual size: 15KB

.didat
Size: 4KB - Virtual size: 793B

.rsrc
Size: 176KB - Virtual size: 175KB

.reloc
Size: 44KB - Virtual size: 40KB