f7d4f261a959d790aaca39d1ebb9f26c4623c52c074776590394216bb810ff77[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

f7d4f261a959d790aaca39d1ebb9f26c4623c52c074776590394216bb810ff77.exe
Size

6.7MB
MD5

726baf607d5d6e364c3c610230e371b8
SHA1

809f2cb846a766ff94b7fb86db7d4eab07883975
SHA256

f7d4f261a959d790aaca39d1ebb9f26c4623c52c074776590394216bb810ff77
SHA512

5494fa84d9049d75199aaf494e1a7fe72bf977853558d2ed1565530fd26345615e35eb79476bd28a187778004645597fa0960fc73085a783f97d64ff79482262
SSDEEP

98304:FRXveERYHssF12MVwjbFGzdaDMF/Qi0GyREcBhmca3wjA5Ok/OyCF:FRbRYM612MVQbF8gOOCcBhmca3w0oF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7d4f261a959d790aaca39d1ebb9f26c4623c52c074776590394216bb810ff77.exe

Files

f7d4f261a959d790aaca39d1ebb9f26c4623c52c074776590394216bb810ff77.exe
.exe windows:5 windows x86 arch:x86

a3b29a4bff6940bc8a4b34067d9c5a9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_BeginDrag
ImageList_EndDrag
ImageList_SetIconSize
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Remove
ImageList_AddMasked
ord17
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_Draw
ord413
ord412
ImageList_DragEnter
ord410

shlwapi

ColorRGBToHLS
ColorHLSToRGB
PathStripPathW
PathAppendW
PathFindFileNameW
PathRemoveExtensionW
PathIsDirectoryW
PathAddExtensionW
PathCombineW
AssocQueryStringW
PathMatchSpecW
PathIsRelativeW
PathGetDriveNumberW
PathCompactPathExW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW

shell32

SHFileOperationW
SHCreateItemFromParsingName
Shell_NotifyIconW
SHGetFolderPathW
ord165
ShellExecuteW
DragFinish
DragQueryPoint
DragQueryFileW

dbghelp

ImageNtHeader

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

crypt32

CryptQueryObject
CertGetNameStringW
CertNameToStrW
CertGetCertificateContextProperty
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose

wintrust

WinVerifyTrust

sensapi

IsNetworkAlive
IsDestinationReachableW

wininet

InternetCrackUrlW

imm32

ImmSetCompositionStringW
ImmEscapeW
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext
ImmNotifyIME
ImmSetCandidateWindow

msimg32

AlphaBlend

kernel32

GlobalLock
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
SetFilePointerEx
WriteFile
CloseHandle
GetLocalTime
GlobalAlloc
FormatMessageW
GetTimeFormatEx
GetDateFormatEx
LCMapStringW
FormatMessageA
ExpandEnvironmentStringsW
SetCurrentDirectoryW
FreeLibrary
LoadResource
LockResource
SizeofResource
FindResourceW
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
CreateThread
CopyFileW
GetCurrentProcess
GetCurrentProcessId
LoadLibraryW
ReleaseMutex
CreateMutexW
Sleep
GlobalSize
lstrcpynW
WaitForMultipleObjects
CopyFileExW
GetSystemInfo
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetTempPathW
DeleteFileW
CancelIo
SleepEx
WaitForSingleObjectEx
QueueUserAPC
ReadDirectoryChangesW
GetLocaleInfoA
GetTickCount
GetStringTypeExW
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
LoadLibraryA
WriteConsoleW
TlsAlloc
RtlUnwind
VirtualAlloc
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetLocaleInfoEx
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
GetTimeFormatW
GetSystemTimeAsFileTime
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
GetNativeSystemInfo
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
InitOnceBeginInitialize
InitOnceComplete
GetStringTypeW
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
SetEndOfFile
HeapSize
CreateDirectoryW
CompareFileTime
lstrlenW
lstrcmpW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
WideCharToMultiByte
MultiByteToWideChar
GetACP
GlobalFree
GetModuleFileNameW
GetVersion
GetCurrentThreadId
MulDiv
LocalFree
GetDateFormatW
LocalAlloc
GetLastError
OutputDebugStringW
lstrcmpiW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
VirtualProtect
SetStdHandle
GetProcessHeap
GlobalUnlock
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileExW
lstrcpyW
SetFileAttributesW
GetLongPathNameW
GetFullPathNameW
GetFileAttributesExW
TlsGetValue
TlsSetValue
TlsFree
ReadFile
ExitProcess
ExitThread
FreeLibraryAndExitThread
GetStdHandle
HeapAlloc
HeapFree
GetFileType
GetConsoleMode
ReadConsoleW
CompareStringW
GetLocaleInfoW
IsValidLocale
SetEnvironmentVariableW
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleOutputCP
GetFileSizeEx
IsValidCodePage
GetOEMCP
HeapReAlloc
FindFirstFileExW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetLastError

user32

ScrollWindow
GetPropW
RemovePropW
InsertMenuItemW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
KillTimer
GetCaretBlinkTime
AppendMenuA
GetMessageTime
GetKeyboardLayout
ValidateRect
SetTimer
MsgWaitForMultipleObjects
NotifyWinEvent
GetUpdateRgn
SystemParametersInfoA
GetDoubleClickTime
DrawTextA
CopyImage
MonitorFromPoint
AdjustWindowRectEx
LoadStringW
LoadStringA
DestroyCursor
DestroyAcceleratorTable
IsZoomed
IsIconic
ModifyMenuW
GetMenuItemID
GetSubMenu
SetDlgItemInt
RemoveMenu
GetIconInfo
CreateIconIndirect
LoadIconW
GetDesktopWindow
WindowFromPoint
LockWindowUpdate
GetDCEx
mouse_event
GetDlgItemTextA
GetScrollInfo
SetScrollInfo
DestroyIcon
GetSysColorBrush
MessageBoxA
GetWindowTextLengthW
TrackPopupMenu
FlashWindowEx
UnregisterClassW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
BringWindowToTop
ReleaseCapture
SetCapture
GetActiveWindow
SetParent
RedrawWindow
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
FindWindowExW
IsWindowEnabled
SetMenuItemInfoW
InsertMenuW
GetMenuItemCount
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
CreateMenu
GetMenuState
EmptyClipboard
SetClipboardData
IsWindow
GetDlgCtrlID
GetDlgItemInt
CreateDialogParamW
ClientToScreen
IsWindowVisible
ShowWindow
IsClipboardFormatAvailable
CreateCursor
GetClipboardData
ChangeClipboardChain
SetClipboardViewer
CloseClipboard
OpenClipboard
LoadCursorW
GetParent
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
SetCursor
MessageBeep
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
RegisterClassExW
RegisterWindowMessageW
AppendMenuW
LoadBitmapW
SetRectEmpty
GetCapture
TrackMouseEvent
MonitorFromRect
CreateDialogIndirectParamW
ShowCursor
FindWindowW
CreateAcceleratorTableW
GetDC
UpdateWindow
GetClassNameA
IsCharLowerW
IsCharAlphaNumericW
IsCharAlphaW
CharLowerW
CharUpperW
DrawIcon
LoadMenuW
IsDialogMessageW
SetMenu
GetMonitorInfoW
MonitorFromWindow
CheckMenuRadioItem
ChildWindowFromPointEx
SetForegroundWindow
SetMenuItemBitmaps
DeleteMenu
DrawTextExW
GetMenu
GetSystemMetrics
ToAscii
GetKeyboardState
SetWindowPlacement
GetWindowPlacement
DestroyWindow
CreateWindowExW
RegisterClassW
PostMessageW
DrawFrameControl
DrawEdge
MoveWindow
DrawIconEx
LoadImageW
EnableWindow
GetKeyState
SetFocus
SendDlgItemMessageW
EndDialog
DialogBoxIndirectParamW
DialogBoxParamW
GetComboBoxInfo
GetMenuBarInfo
GetClassNameW
EnumThreadWindows
EnumChildWindows
PtInRect
OffsetRect
IntersectRect
InflateRect
FrameRect
FillRect
DrawFocusRect
GetSysColor
ChildWindowFromPoint
MapWindowPoints
ScreenToClient
GetCursorPos
GetWindowRect
GetClientRect
GetWindowTextW
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
DrawTextW
GetMenuItemInfoW
GetFocus
SetWindowPos
DefWindowProcW
SetWindowLongW
GetWindowLongW
SetWindowTextW
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemTextA
GetDlgItem
CallWindowProcW
SendMessageW
MessageBoxW
wsprintfW
GetAncestor
SystemParametersInfoW
SetPropW
DrawMenuBar
GetMenuStringW
RegisterClipboardFormatW
TranslateAcceleratorW

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
MoveToEx
GetPixel
BitBlt
RestoreDC
SelectClipRgn
LineTo
CreateHatchBrush
GetTextMetricsW
SetROP2
GetROP2
CreateFontW
Polyline
ExtTextOutW
GetDeviceCaps
SetTextColor
SetWindowOrgEx
OffsetWindowOrgEx
CreateBitmap
CreatePatternBrush
PatBlt
SetBrushOrgEx
GetDIBits
SetDIBits
EnumFontFamiliesExW
SetTextAlign
StartDocW
EndDoc
StartPage
EndPage
DPtoLP
GetTextExtentPointW
StretchBlt
CombineRgn
IntersectClipRect
Ellipse
Polygon
ExtCreatePen
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPoint32A
CreateDIBSection
ExtTextOutA
SetBkMode
SetBkColor
GetObjectW
RoundRect
Rectangle
GetTextExtentPoint32W
GetStockObject
GetClipRgn
ExcludeClipRect
DeleteObject
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreateFontIndirectW
SelectObject
SaveDC
CreateFontA

comdlg32

ChooseColorW
PrintDlgW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
IsTextUnicode

ole32

CLSIDFromProgID
RevokeDragDrop
RegisterDragDrop
OleInitialize
DoDragDrop
OleUninitialize
ReleaseStgMedium
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen

uxtheme

SetWindowTheme
OpenThemeData
GetThemeFont
EnableThemeDialogTexture
DrawThemeParentBackground
DrawThemeTextEx
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
BufferedPaintStopAllAnimations
GetThemeTransitionDuration
BufferedPaintRenderAnimation
EndBufferedAnimation
BeginBufferedAnimation
GetThemePartSize

Exports

Exports

_CreateLexer@4
_GetLexerCount@0
_GetLexerFactory@4
_GetLexerName@12
_GetLibraryPropertyNames@0
_GetNameSpace@0
_LexerNameFromID@4
_SetLibraryProperty@8

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 633KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3b29a4bff6940bc8a4b34067d9c5a9c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shlwapi

shell32

dbghelp

version

crypt32

wintrust

sensapi

wininet

imm32

msimg32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

uxtheme

Exports

Exports

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 633KB - Virtual size: 633KB

.data Size: 52KB - Virtual size: 126KB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.reloc Size: 124KB - Virtual size: 123KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 633KB - Virtual size: 633KB

.data
Size: 52KB - Virtual size: 126KB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.reloc
Size: 124KB - Virtual size: 123KB