2d954a564b8a150fe0556d06a9a1abfae6b7940db0ed2346573fbaf03f77d748

Sharing

Copy URL

Twitter E-mail

General

Target

2d954a564b8a150fe0556d06a9a1abfae6b7940db0ed2346573fbaf03f77d748
Size

2.0MB
MD5

ade9671f87b7299d56ca9bd264e2dfb6
SHA1

4a6e9c1db1f5e71fced8250aeeefcb4c6a3eed73
SHA256

2d954a564b8a150fe0556d06a9a1abfae6b7940db0ed2346573fbaf03f77d748
SHA512

2bd3df75f7e338bb469ca0872814a9ed5ec9e9bdf279108809c88047255c22543764880ac655103fcd60dbf926b798c7c3f0dee441104058682fd7daa45ace32
SSDEEP

49152:lU0NATOxbVgUDi7yqt/OoZ5taD2468HIu9Vdpw7nJdsvelX:y5TabmUDAyqJOA5tn4zHIKVdpw7n/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2d954a564b8a150fe0556d06a9a1abfae6b7940db0ed2346573fbaf03f77d748

Files

2d954a564b8a150fe0556d06a9a1abfae6b7940db0ed2346573fbaf03f77d748
.dll windows:6 windows x86 arch:x86

18f164e03126b6e0effac7a374173d8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleOutputCP
GetStdHandle
SetFilePointerEx
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
ExitProcess
InterlockedFlushSList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringEx
RaiseException
OutputDebugStringW
GetConsoleMode
FlsAlloc
FlsGetValue
FlsSetValue
LCMapStringW
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
FlsFree
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetUserDefaultLCID
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount64
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualProtect
GlobalGetAtomNameW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
CompareStringW
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalSize
GlobalAddAtomW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThread
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
CreateProcessA
GetTempPathA
OpenProcess
WinExec
WideCharToMultiByte
DeleteFileA
GetTickCount
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
GetModuleFileNameA
CreateThread
CloseHandle
HeapReAlloc
LockResource
GetFileAttributesA
GetLastError
Sleep
MultiByteToWideChar
HeapSize
GetModuleHandleA
WaitForSingleObject
InitializeCriticalSectionEx
LeaveCriticalSection
VirtualAlloc
EnterCriticalSection
HeapFree
SizeofResource
GetModuleHandleExW
WriteConsoleW

user32

LoadImageW
InsertMenuItemW
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
IntersectRect
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
CharUpperW
DestroyIcon
GetSysColorBrush
GetSystemMetrics
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
FillRect
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
GetDesktopWindow
ClientToScreen
DeleteMenu
SystemParametersInfoW
CopyImage
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
GetScrollInfo
SetScrollInfo
LoadIconW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
CloseClipboard
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
SetClipboardData
EmptyClipboard
DrawStateW
MessageBoxA
GetLastInputInfo
GetMessageW
TranslateMessage
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
UnpackDDElParam
ReuseDDElParam
TrackMouseEvent
GetKeyNameTextW
MapVirtualKeyW
UnionRect
IsRectEmpty
GetSystemMenu
SetParent
GetNextDlgGroupItem
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
WinHelpW
DispatchMessageW
PeekMessageW
SendMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
GetDoubleClickTime
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostMessageW
PostQuitMessage
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
UnhookWindowsHookEx
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
SetClassLongW
SetWindowRgn
DrawEdge
DrawFrameControl
IsWindow
IsMenu
OpenClipboard
IsZoomed
SetCursorPos
CopyIcon
FrameRect
DrawIcon
SetRect
LockWindowUpdate
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetMenuDefaultItem
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
SetPropW

gdi32

LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
IntersectClipRect
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateCompatibleBitmap
ExcludeClipRect
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueExW
CryptGetHashParam
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
CryptReleaseContext
RegOpenKeyExW
RegCloseKey
CryptDestroyKey
CryptAcquireContextW
CryptDecrypt
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptSetKeyParam
CryptImportKey

shell32

SHGetFileInfoW
ShellExecuteW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFolderPathA

shlwapi

PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW
PathFindFileNameW

uxtheme

GetThemeColor
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData

ole32

OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysFreeString
LoadTypeLi
VariantCopy
VarBstrFromDate
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream

crypt32

CryptStringToBinaryA

ws2_32

WSACleanup
closesocket
getaddrinfo
WSAStartup
socket
connect
recv
freeaddrinfo

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

Init

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fptable
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18f164e03126b6e0effac7a374173d8a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

crypt32

ws2_32

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 332KB - Virtual size: 332KB

.data Size: 23KB - Virtual size: 40KB

.fptable Size: 512B - Virtual size: 128B

Size: 14KB - Virtual size: 14KB

.reloc Size: 136KB - Virtual size: 135KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 332KB - Virtual size: 332KB

.data
Size: 23KB - Virtual size: 40KB

.fptable
Size: 512B - Virtual size: 128B

.reloc
Size: 136KB - Virtual size: 135KB

.rsrc
Size: 13KB - Virtual size: 12KB