Static task
static1
Behavioral task
behavioral1
Sample
043d628425464a726d05320e9b1476a12097a37e56c18cd5313153ad8a6ab040.exe
Resource
win7-20240903-en
General
Target: 043d628425464a726d05320e9b1476a12097a37e56c18cd5313153ad8a6ab040
Size: 768KB
MD5: 845aeb41b948fe2e8ab6d3d106f6b27e
SHA1: 4da719d8caea1380b9ab5dedd7461519b7676a2f
SHA256: 043d628425464a726d05320e9b1476a12097a37e56c18cd5313153ad8a6ab040
SHA512: 65a62260af561f649d9516f0c1d387a25ff487660c6faade888dfc1ab5d6dd9cf695429d9276e1742ea50ee96587260f7f3ce2e40158f0b453cada2d874bcb0a
SSDEEP: 12288:3twjc328K1GJqnBqnePHbJ9OCDldaaS85fPeNTfVfNhWoB+p5W:9wIdK9u8b/aRAfPaTdfJ+p
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 043d628425464a726d05320e9b1476a12097a37e56c18cd5313153ad8a6ab040
Files
043d628425464a726d05320e9b1476a12097a37e56c18cd5313153ad8a6ab040.exe windows:4 windows x86 arch:x86
b548f07bd8a0a74ae9ff373d3b5aafde
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
GetFileType
IsBadReadPtr
IsBadCodePtr
SetHandleCount
SetStdHandle
CompareStringW
SetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProfileStringA
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
Sleep
IsBadWritePtr
GetCurrentProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetACP
HeapSize
HeapReAlloc
GetTimeZoneInformation
ExitThread
CreateThread
TerminateProcess
HeapAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
HeapFree
RtlUnwind
SetErrorMode
CopyFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetCurrentDirectoryA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
GetProfileIntA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
lstrlenW
SetLastError
GlobalReAlloc
GlobalSize
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
GetTickCount
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
CloseHandle
GetCurrentThread
lstrcmpA
lstrcpynA
MulDiv
InterlockedIncrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LockResource
GetModuleFileNameA
GetCurrentThreadId
InterlockedDecrement
GetVersion
GlobalAlloc
CompareStringA
FindResourceA
LoadResource
GetModuleHandleA
GetLastError
FormatMessageA
LocalFree
FreeLibrary
LoadLibraryA
GlobalLock
GlobalUnlock
WideCharToMultiByte
MultiByteToWideChar
GetLocaleInfoA
GetLogicalDriveStringsA
GetDriveTypeA
FindCloseChangeNotification
FindFirstChangeNotificationA
FindNextChangeNotification
FindFirstFileA
FindClose
ExpandEnvironmentStringsA
GetLongPathNameA
lstrcmpiA
lstrcpyA
lstrcatA
lstrlenA
GlobalFree
SetEvent
WaitForSingleObject
WaitForMultipleObjects
LoadLibraryExA
GetProcAddress
user32
BeginPaint
GetWindowDC
IsClipboardFormatAvailable
MapDialogRect
SetWindowContextHelpId
LoadStringA
GetMessageA
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetCursorPos
IsZoomed
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
SetRect
DestroyCursor
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
ShowWindow
MoveWindow
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetForegroundWindow
SetWindowPos
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetAsyncKeyState
CallWindowProcA
MessageBeep
SetWindowsHookExA
TrackPopupMenuEx
UnhookWindowsHookEx
CallNextHookEx
SetMenu
EndPaint
SendMessageA
GetSystemMenu
UpdateWindow
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
DispatchMessageA
TranslateMessage
GetMenu
SetActiveWindow
SetCursor
WindowFromPoint
RegisterWindowMessageA
GetClassNameA
IntersectRect
SetWindowLongA
ReleaseCapture
SetMenuDefaultItem
KillTimer
SetTimer
GetCursorPos
GetDesktopWindow
SetCapture
GetDlgItem
DrawTextA
CharNextA
TabbedTextOutA
GrayStringA
IsRectEmpty
SetParent
GetSysColorBrush
GetTabbedTextExtentA
CharUpperA
GetDCEx
LockWindowUpdate
PostThreadMessageA
EnableMenuItem
CheckMenuRadioItem
CheckMenuItem
GetDC
ReleaseDC
GetWindowLongA
LoadMenuA
GetMessagePos
ScreenToClient
PtInRect
GetFocus
FillRect
FrameRect
DrawFocusRect
MapVirtualKeyA
GetKeyNameTextA
CopyAcceleratorTableA
SetMenuItemInfoA
LoadBitmapA
CopyRect
DrawEdge
OffsetRect
DrawStateA
SystemParametersInfoA
GetWindow
InvalidateRect
PeekMessageA
GetSysColor
IsWindow
PostMessageA
RegisterClipboardFormatA
GetWindowRect
DestroyIcon
GetSystemMetrics
GetParent
ClientToScreen
GetKeyState
GetClientRect
GetMenuItemID
GetMenuItemCount
ModifyMenuA
CreatePopupMenu
GetMenuStringA
GetSubMenu
GetMenuItemInfoA
DeleteMenu
AppendMenuA
InsertMenuA
CreateMenu
InvertRect
InflateRect
UnregisterClassA
RegisterClassExA
GetClassInfoExA
LoadCursorA
LoadImageA
LoadIconA
DefWindowProcA
SetForegroundWindow
IsIconic
GetLastActivePopup
FindWindowA
RedrawWindow
SetRectEmpty
GetNextDlgGroupItem
EnableWindow
SetWindowTextA
gdi32
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
LPtoDP
GetMapMode
SetRectRgn
CreatePatternBrush
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
CopyMetaFileA
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
CombineRgn
GetTextExtentPoint32A
RestoreDC
SaveDC
CreateFontA
GetCharWidthA
StretchDIBits
GetTextMetricsA
DeleteDC
CreateDCA
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
CreatePen
GetStockObject
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
DPtoLP
CreateRectRgnIndirect
GetTextColor
GetBkColor
CreateSolidBrush
CreateCompatibleBitmap
CreateBitmap
PatBlt
Ellipse
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
CreateFontIndirectA
GetTextExtentPointA
CreateDIBitmap
DeleteObject
Rectangle
SetBkMode
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegSetValueA
RegEnumValueA
shell32
ExtractIconA
DragFinish
DragAcceptFiles
DragQueryPoint
SHFileOperationA
ShellExecuteExA
ExtractIconExA
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetMalloc
DragQueryFileA
comctl32
ImageList_GetImageInfo
ImageList_Draw
ImageList_GetIcon
ImageList_DrawEx
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Remove
oledlg
ord8
ole32
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRevokeClassObject
CoGetClassObject
CoRegisterMessageFilter
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CreateILockBytesOnHGlobal
OleFlushClipboard
OleGetClipboard
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
CreateStreamOnHGlobal
OleDuplicateData
OleIsCurrentClipboard
olepro32
ord253
oleaut32
VariantClear
VariantCopy
VariantInit
SysFreeString
SysAllocString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysAllocStringByteLen
VariantChangeType
VarDateFromStr
VarBstrFromDate
VariantTimeToSystemTime
SysStringLen
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 556KB - Virtual size: 553KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ