Static task: static1
Behavioral task: behavioral1
Sample: d2a1eaedbaaa1d37a0cf6275ed1ba241437047ea206bf9f92043b31a9082972b.exe
Resource: win7-20240903-en
General
Target: d2a1eaedbaaa1d37a0cf6275ed1ba241437047ea206bf9f92043b31a9082972b
Size: 2.2MB
MD5: 4b516af36eb352798108ae0318dc913a
SHA1: 9eb738904e80784b59b0d12743348e45079853dd
SHA256: d2a1eaedbaaa1d37a0cf6275ed1ba241437047ea206bf9f92043b31a9082972b
SHA512: dfd0b23d26398d51af34da23be6bcf77013491a31876ca1bc0216510dd717b8bcaa7ed687aebb87fff04400265555adb3bad7a39f73d052007df14e37ed971b7
SSDEEP: 24576:QOvfKVPgFtTRfUxgul41mMa3+O6D6z87l/G+:P3K2fRWOmMa3+O6D6o7l/G+
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource d2a1eaedbaaa1d37a0cf6275ed1ba241437047ea206bf9f92043b31a9082972b
Files
d2a1eaedbaaa1d37a0cf6275ed1ba241437047ea206bf9f92043b31a9082972b.exe windows:4 windows x86 arch:x86
8b8b318848b71c5074bf591ea7b5e5ff
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadCodePtr
CompareStringA
CompareStringW
IsBadReadPtr
GetDriveTypeA
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
lstrcpyA
GetStdHandle
SetHandleCount
HeapSize
HeapReAlloc
TerminateProcess
ExitThread
CreateThread
GetFileType
SetStdHandle
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
SleepEx
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GetProfileStringA
GetCurrentProcessId
GetFileInformationByHandle
RtlUnwind
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetProcessVersion
SizeofResource
GlobalFlags
SetErrorMode
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetTempFileNameA
GlobalAlloc
GetCurrentThread
lstrcmpA
WaitForSingleObject
GetFileTime
GetFileSize
GetPrivateProfileIntA
LocalFree
SetLastError
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcmpiA
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
LoadLibraryA
GetProcAddress
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
InterlockedDecrement
InterlockedIncrement
WriteFile
SetFileTime
LocalFileTimeToFileTime
lstrlenA
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
SetFilePointer
Sleep
SetFileAttributesA
RemoveDirectoryA
GetFileAttributesA
lstrcatA
WritePrivateProfileStringA
VirtualAlloc
VirtualFree
FreeLibrary
GetLogicalDriveStringsA
CreateDirectoryA
GetTickCount
MulDiv
WideCharToMultiByte
MultiByteToWideChar
GetACP
GetLastError
FormatMessageA
DeleteFileA
GetCurrentDirectoryA
GetProcessHeap
HeapAlloc
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
SetEnvironmentVariableA
user32
DestroyCursor
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
GetMessageA
ValidateRect
InvertRect
GetSystemMenu
DeleteMenu
SetParent
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
GetDesktopWindow
SetCursor
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
SetRect
WindowFromPoint
LoadStringA
DestroyMenu
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
FindWindowA
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
PostThreadMessageA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowPos
IntersectRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowPlacement
SetFocus
GetNextDlgTabItem
EndDialog
GetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
CharUpperA
PostQuitMessage
keybd_event
IsZoomed
LockWindowUpdate
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
GetTabbedTextExtentA
SetWindowLongA
GetClassNameA
LoadMenuA
IsIconic
IsWindowVisible
SetForegroundWindow
GetDlgCtrlID
GetSystemMetrics
EnableMenuItem
GetSubMenu
IsCharAlphaNumericA
ScreenToClient
SetActiveWindow
TranslateMessage
DispatchMessageA
RegisterWindowMessageA
DestroyIcon
GetWindowDC
DrawFocusRect
DefDlgProcA
IsWindowUnicode
FrameRect
DrawIconEx
LoadIconA
LoadImageA
wsprintfA
GetDCEx
ReleaseCapture
SetCapture
RegisterClipboardFormatA
GetMenuItemCount
RedrawWindow
GetClassLongA
FillRect
ReleaseDC
GetWindowLongA
GetParent
BeginDeferWindowPos
EndDeferWindowPos
IsRectEmpty
SystemParametersInfoA
GetSysColorBrush
LoadCursorA
GetCursorPos
GetKeyState
GetFocus
IsChild
PtInRect
InflateRect
GetSysColor
OffsetRect
CopyRect
GetPropA
GetDC
MessageBoxA
CreatePopupMenu
AppendMenuA
ClientToScreen
EnableWindow
SetTimer
GetWindow
KillTimer
SendMessageA
GetClientRect
InvalidateRect
UpdateWindow
GetWindowRect
gdi32
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
StretchDIBits
GetCharWidthA
CreateFontA
Rectangle
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
Escape
LPtoDP
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
ExtTextOutA
TextOutA
RectVisible
SetViewportExtEx
PtVisible
CreatePen
CreateDIBitmap
GetTextExtentPointA
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
CreateDCA
CreateBitmap
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
StartDocA
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
DeleteObject
CreateSolidBrush
CreateFontIndirectA
GetTextExtentPoint32A
GetCurrentObject
CreatePatternBrush
EnumFontFamiliesA
GetTextMetricsA
SelectObject
GetStockObject
CreateCompatibleDC
GetDeviceCaps
GetTextColor
BitBlt
CreateCompatibleBitmap
PatBlt
ScaleViewportExtEx
comdlg32
GetFileTitleA
GetSaveFileNameA
CommDlgExtendedError
ChooseColorA
ReplaceTextA
FindTextA
ChooseFontA
PrintDlgA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptEncrypt
CryptDestroyKey
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
CryptCreateHash
GetFileSecurityA
SetFileSecurityA
shell32
SHBrowseForFolderA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
Shell_NotifyIconA
SHFileOperationA
ShellExecuteA
SHGetFileInfoA
comctl32
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ord17
oledlg
ord8
ole32
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SysStringLen
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
shlwapi
PathIsRootA
PathFindFileNameA
winmm
mciSendCommandA
mciGetErrorStringA
wldap32
ord32
ord200
ord30
ord35
ord46
ord60
ord145
ord79
ord33
ord26
ord301
ord22
ord27
ord41
ord50
ord213
ws2_32
getpeername
ntohs
getsockopt
getsockname
setsockopt
send
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
connect
WSAIoctl
bind
htons
closesocket
socket
inet_ntoa
htonl
gethostbyname
inet_addr
getservbyname
gethostbyaddr
getservbyport
sendto
recvfrom
listen
accept
ioctlsocket
gethostname
recv
Sections
.text Size: 604KB - Virtual size: 600KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ