9b87554944ae46116e9c3418b0d3af7961efbedcadfd21b812264fa3043ddb43

Sharing

Copy URL

Twitter E-mail

General

Target

9b87554944ae46116e9c3418b0d3af7961efbedcadfd21b812264fa3043ddb43
Size

397KB
MD5

d70a36edd0d9475df90642f89c92862e
SHA1

00c8925a9ea3ae5846d662f2ff0fb26e8ced487b
SHA256

9b87554944ae46116e9c3418b0d3af7961efbedcadfd21b812264fa3043ddb43
SHA512

6173e872d5e1f0b79153b3df9e191b8664b0159d008f69253e501bde2d0ddea7b9ea4ecf9d1b15a508151ea460e9ace61d168afc709d4f7c48cab11f201c94ce
SSDEEP

12288:+LfZJA+7IFazd7cZdPJ6FTltnlcILFY6s1B:yfNIFaI8FTl5Lv0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4a51a4936a3a5d5005a9ede6d961c9155a70f5d149d431737813b189115b7743

Files

9b87554944ae46116e9c3418b0d3af7961efbedcadfd21b812264fa3043ddb43
.zip
4a51a4936a3a5d5005a9ede6d961c9155a70f5d149d431737813b189115b7743
.dll regsvr32 windows:4 windows x86 arch:x86

066d4e2c6288c042d958ddc93cfa07f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
HeapDestroy
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
HeapSize
TerminateProcess
InterlockedExchange
HeapReAlloc
GetCommandLineA
GetDateFormatA
GetTimeFormatA
GetDriveTypeA
SetCurrentDirectoryA
SetEnvironmentVariableA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
RtlUnwind
HeapFree
GetTickCount
GetCurrentDirectoryA
LocalFileTimeToFileTime
GetShortPathNameA
CreateFileA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
SystemTimeToFileTime
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
GetCurrentThread
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
lstrcpyA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
InterlockedDecrement
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
GetProcAddress
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
LoadResource
LockResource
SizeofResource
FindResourceA
ExitProcess
GetLastError
GetComputerNameA
lstrlenA
lstrcmpiA
GetStringTypeExA
WideCharToMultiByte
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
GetSystemTimeAsFileTime

user32

LockWindowUpdate
GetDCEx
SetWindowRgn
DrawIcon
FindWindowA
DestroyIcon
GetMenuItemInfoA
GetSysColorBrush
WindowFromPoint
KillTimer
SetTimer
SetRect
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
LoadCursorA
DestroyCursor
SetCursorPos
SetCapture
RedrawWindow
InflateRect
IsZoomed
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
wsprintfA
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
PeekMessageA
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetClientRect
GetMenu
PostMessageA
GetSysColor
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
RegisterClipboardFormatA
DefWindowProcA
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CopyRect
PtInRect
GetWindow
GetDlgCtrlID
GetTabbedTextExtentA
PostThreadMessageA
CreateMenu
SetDlgItemTextA
CopyAcceleratorTableA
GetFocus
IsChild
GetParent
InvalidateRect
IsIconic
AdjustWindowRectEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
ShowWindow
UpdateWindow
LoadBitmapA
SendMessageA
GetWindowLongA
SetWindowLongA
EnableWindow
CharUpperA
SetWindowTextA

gdi32

CreateSolidBrush
CreateRectRgnIndirect
PatBlt
TextOutA
CreateCompatibleBitmap
GetTextMetricsA
GetTextExtentPoint32A
StretchDIBits
GetCharWidthA
CreateFontA
GetBkColor
GetViewportOrgEx
DPtoLP
Rectangle
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateFontIndirectA
SetRectRgn
CombineRgn
CreateEllipticRgn
LPtoDP
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetWindowOrgEx
RectVisible
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
CreatePen
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
Ellipse
GetDeviceCaps
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDCA
ExtTextOutA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
CommDlgExtendedError
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA

advapi32

RegCreateKeyA
RegSetValueA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey

shell32

DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragFinish

comctl32

ImageList_SetBkColor
ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create
ImageList_Draw
ImageList_GetImageInfo

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

VariantClear
SysAllocStringLen
VariantInit
VariantChangeType

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

066d4e2c6288c042d958ddc93cfa07f1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 304KB - Virtual size: 301KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 224KB - Virtual size: 223KB

.reloc Size: 64KB - Virtual size: 60KB

.text
Size: 304KB - Virtual size: 301KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 224KB - Virtual size: 223KB

.reloc
Size: 64KB - Virtual size: 60KB