Static task
static1
Behavioral task
behavioral1
Sample
0306ee717c581c62eedb21eb4c1b82a64b641d60d71453344419d4944e410c73.exe
Resource
win7-20241010-en
General
Target: 0306ee717c581c62eedb21eb4c1b82a64b641d60d71453344419d4944e410c73
Size: 2.8MB
MD5: 5cbc91e005da99324b10e23bae3b9427
SHA1: beac657232e55493546b8bff5d7636af4e1efc24
SHA256: 0306ee717c581c62eedb21eb4c1b82a64b641d60d71453344419d4944e410c73
SHA512: 7dd16a565d48b8e05450399b0063dc899bb64c2c119b3599cf5d5fabd86099f0bd4759271a35b7d52007f210de55760f92380bef97351ac95a3a33eb01c237de
SSDEEP: 49152:zACqIwBXHuZStR6BohzEOZ/VEoyJGKQkQ0oTW:zACXeXHfH6WVEo4XQ0o
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0306ee717c581c62eedb21eb4c1b82a64b641d60d71453344419d4944e410c73
Files
0306ee717c581c62eedb21eb4c1b82a64b641d60d71453344419d4944e410c73.exe windows:5 windows x86 arch:x86
5e793de6533faec9e0271d05fb63e2a6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FileTimeToLocalFileTime
OpenEventA
SetEnvironmentVariableA
CreateFileW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
CompareStringW
GetStringTypeW
IsProcessorFeaturePresent
IsValidCodePage
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
HeapAlloc
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetStdHandle
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
GetSystemTimeAsFileTime
ExitProcess
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitThread
CreateThread
RaiseException
EncodePointer
DecodePointer
RtlUnwind
IsBadReadPtr
HeapValidate
GetStartupInfoW
HeapSetInformation
GetCommandLineA
SearchPathA
GetTickCount
GetFileAttributesExA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetHandleInformation
FindResourceExW
lstrcpyA
GetSystemDirectoryW
InterlockedExchange
GetCurrentThread
GetLocaleInfoA
GetUserDefaultUILanguage
InitializeCriticalSectionAndSpinCount
GetOEMCP
GetCPInfo
GetACP
FileTimeToSystemTime
GetModuleHandleW
InterlockedIncrement
GlobalFlags
GetProfileIntA
ResumeThread
SetThreadPriority
CompareStringA
LoadLibraryW
GetVersionExA
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FindResourceA
FreeResource
lstrcmpA
MultiByteToWideChar
lstrlenW
CopyFileA
GlobalSize
FormatMessageA
MulDiv
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetCurrentThreadId
SetEvent
WaitForSingleObject
CloseHandle
GetCurrentProcessId
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
LocalFree
LoadResource
LockResource
SizeofResource
FindResourceW
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
DeactivateActCtx
ActivateActCtx
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
lstrlenA
GetModuleFileNameA
GetAtomNameA
GlobalGetAtomNameA
GetLastError
SetLastError
GetCurrentDirectoryA
VirtualProtect
FindFirstChangeNotificationA
GetEnvironmentVariableA
GetSystemDirectoryA
CreateProcessA
LCMapStringW
Sleep
user32
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetMessagePos
GetMessageTime
GetMenu
SetMenu
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetWindowPlacement
SetWindowPlacement
TrackPopupMenu
WinHelpA
GetCapture
GetWindow
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
SetScrollInfo
GetScrollInfo
GetWindowRect
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
SetFocus
GetFocus
GetClientRect
GetMonitorInfoA
MonitorFromWindow
SendDlgItemMessageA
LoadIconA
LoadIconW
RegisterClassA
GetClassInfoA
CreateWindowExA
GetMenuCheckMarkDimensions
DrawMenuBar
GetSystemMenu
IsIconic
IsZoomed
SetWindowRgn
GetWindowRgn
BringWindowToTop
UpdateWindow
GetUpdateRect
IsWindowVisible
ShowOwnedPopups
LockWindowUpdate
RedrawWindow
EnableScrollBar
SetTimer
KillTimer
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
ShowScrollBar
SetParent
WindowFromPoint
OpenClipboard
HideCaret
SetForegroundWindow
ModifyMenuA
NotifyWinEvent
EndDialog
LoadCursorA
LoadCursorW
MoveWindow
ShowWindow
GetAsyncKeyState
SetRectEmpty
SetCursor
ReleaseCapture
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
UnpackDDElParam
DestroyIcon
LoadImageA
GetClipboardFormatNameA
GetKeyNameTextA
MapVirtualKeyA
SystemParametersInfoA
RealChildWindowFromPoint
CopyImage
EnumDisplayMonitors
SetLayeredWindowAttributes
CharUpperA
MessageBeep
DrawIconEx
LoadAcceleratorsW
DestroyAcceleratorTable
CreateAcceleratorTableA
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
SetCursorPos
SetClassLongA
IsCharLowerA
MapVirtualKeyExA
MonitorFromPoint
UpdateLayeredWindow
OffsetRect
WaitMessage
LoadImageW
SetClipboardData
CloseClipboard
RegisterClipboardFormatA
PtInRect
CopyIcon
IsRectEmpty
CharUpperBuffA
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
ValidateRect
DestroyMenu
MapWindowPoints
InsertMenuItemA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
PostQuitMessage
GetMenuState
GetMenuItemID
SetWindowTextA
GetSystemMetrics
PostMessageA
CheckDlgButton
DefWindowProcA
GetMenuItemCount
GetMenuDefaultItem
EmptyClipboard
ReleaseDC
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetSysColor
EndPaint
GetWindowDC
GetDC
ClientToScreen
ScreenToClient
GetWindowLongA
InvalidateRect
IsDialogMessageA
GetIconInfo
EnumWindows
BeginPaint
CallNextHookEx
LoadBitmapA
GetClassInfoExA
LoadMenuW
LoadMenuA
SetMenuItemBitmaps
PostThreadMessageA
RemoveMenu
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
LoadBitmapW
GetSysColorBrush
GetKeyState
GetCursorPos
SetWindowsHookExA
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
TabbedTextOutA
SendMessageA
IsWindow
MapDialogRect
GetForegroundWindow
UnhookWindowsHookEx
GetMessageA
ole32
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CreateStreamOnHGlobal
RegisterDragDrop
CoInitializeEx
ReleaseStgMedium
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
StringFromCLSID
CoTaskMemFree
OleDuplicateData
CoInitialize
RevokeDragDrop
OleGetClipboard
CoLockObjectExternal
oleaut32
VariantInit
SysStringLen
VarBstrFromDate
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
VariantChangeType
VariantClear
SysAllocStringLen
crypt32
CertEnumCertificatesInStore
CryptHashCertificate
CertVerifyCertificateChainPolicy
CertCreateCertificateContext
CertDeleteCertificateFromStore
CertAddEncodedCertificateToStore
CertFreeCertificateChain
CertFreeCertificateContext
CertCloseStore
CertGetCertificateChain
CryptImportPublicKeyInfo
urlmon
IsAsyncMoniker
RevokeFormatEnumerator
IsValidURL
RegisterBindStatusCallback
RegisterFormatEnumerator
ObtainUserAgentString
gdi32
CreateDIBSection
CreateHatchBrush
CreateSolidBrush
SetDIBColorTable
GetSystemPaletteEntries
EnumFontFamiliesExA
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesA
CopyMetaFileA
ExtSelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
SelectPalette
RestoreDC
SaveDC
DeleteDC
SetPixelV
GetBoundsRect
Escape
GetTextMetricsA
GetTextFaceA
GetTextExtentPoint32A
TextOutA
ExtFloodFill
SetPixel
GetPixel
StretchBlt
BitBlt
PatBlt
Rectangle
Polygon
Ellipse
Polyline
RectVisible
PtVisible
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetTextColor
GetBkColor
RealizePalette
SelectObject
GetDeviceCaps
CreateCompatibleDC
CreateDCA
PtInRegion
GetRgnBox
OffsetRgn
CombineRgn
SetRectRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
GetNearestPaletteIndex
SetPaletteEntries
GetPaletteEntries
CreatePalette
CreateCompatibleBitmap
CreateBitmap
CreateFontIndirectA
CreatePatternBrush
ExtTextOutA
GetObjectA
GetStockObject
GetObjectType
CreatePen
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
comctl32
ImageList_GetIconSize
comdlg32
GetFileTitleA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
gdiplus
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
shlwapi
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA
advapi32
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegCloseKey
OpenThreadToken
RevertToSelf
SetThreadToken
RegQueryValueExA
winmm
PlaySoundA
msimg32
TransparentBlt
AlphaBlend
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 425KB - Virtual size: 425KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 768KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 223KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ