418c1421c2424f152d83aa6886c15c42dd9947b63fcd4544a679eb0477d40dab

Sharing

Copy URL Twitter E-mail

General

Target

418c1421c2424f152d83aa6886c15c42dd9947b63fcd4544a679eb0477d40dab
Size

427KB
MD5

add302b551122d0d48c69477c701c58f
SHA1

0bb3c223adeb0f8c71d93cd6f6c090c3349fb979
SHA256

418c1421c2424f152d83aa6886c15c42dd9947b63fcd4544a679eb0477d40dab
SHA512

2797d3f4fa0436f3ea399a0c42309f68c232065037958e2a1933b6c753d1841c153cbdadcb42a0b53801edb7d44450c2836d70be0a6debaf6cc9513eab517876
SSDEEP

12288:qPno/SE5b4n0Kddh5tA/sBd/qnFT94qaUss:WWLA/qnFpz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
418c1421c2424f152d83aa6886c15c42dd9947b63fcd4544a679eb0477d40dab

Files

418c1421c2424f152d83aa6886c15c42dd9947b63fcd4544a679eb0477d40dab
.exe windows x86

16f793fa2ae6ad62186553be52a52b65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
WriteConsoleW
SetStdHandle
RtlUnwind
SetConsoleCtrlHandler
FatalAppExitA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
GetCurrentThread
CreateSemaphoreW
GetUserDefaultLCID
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
CreateEventW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WriteFile
GetStdHandle
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetCommandLineW
EncodePointer
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
EnumSystemLocalesW
FlushFileBuffers
CreateFileW
CreateThread
GetCurrentProcessId
lstrcmpiW
GetProcAddress
lstrcmpW
GetModuleFileNameW
SizeofResource
LoadLibraryW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
VirtualQuery
lstrcpyW
WideCharToMultiByte
GetCurrentThreadId
DeleteCriticalSection
DecodePointer
LockResource
EnterCriticalSection
HeapSize
SetLastError
GetLastError
VerifyVersionInfoW
RaiseException
FlushInstructionCache
lstrlenW
MultiByteToWideChar
MulDiv
LeaveCriticalSection
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
GetCurrentProcess
CloseHandle
VerSetConditionMask
HeapAlloc
LoadResource
FindResourceW
GetTickCount
HeapReAlloc

user32

GetSubMenu
SetForegroundWindow
LoadStringA
GetFocus
CallNextHookEx
MessageBeep
IsWindowEnabled
WindowFromPoint
SetFocus
DrawEdge
SetRectEmpty
ModifyMenuW
BeginPaint
PtInRect
CharLowerW
GetCapture
TranslateMessage
LoadAcceleratorsW
GetKeyState
OffsetRect
TrackPopupMenuEx
SetCapture
GetMenuItemID
FillRect
GetWindowDC
CharNextW
PostQuitMessage
SetMenuItemInfoW
DestroyMenu
UpdateWindow
SendMessageW
IsWindowVisible
MessageBoxW
PostThreadMessageW
MonitorFromPoint
GetMessageW
TranslateAcceleratorW
MsgWaitForMultipleObjects
InflateRect
DrawTextW
CheckMenuRadioItem
SetCursorPos
LoadMenuW
AppendMenuW
SystemParametersInfoW
PeekMessageW
GetClassNameW
GetSysColor
GetSysColorBrush
FrameRect
GetActiveWindow
CreateWindowExW
GetMenuItemCount
LoadBitmapW
EndPaint
IsWindow
RemoveMenu
SetMenuDefaultItem
SetWindowsHookExW
UnhookWindowsHookEx
ReleaseCapture
GetSystemMetrics
MapWindowPoints
DrawFrameControl
GetMonitorInfoW
CallWindowProcW
DefWindowProcW
GetMessagePos
GetWindowThreadProcessId
DispatchMessageW
TrackPopupMenu
CreatePopupMenu
ClientToScreen
DestroyWindow
SetCursor
ScreenToClient
GetWindowRect
IsMenu
LoadImageW
UnregisterClassW
PostMessageW
GetParent
LoadCursorW
GetClientRect
GetMenuItemInfoW
GetClassInfoExW
GetDC
GetMenu
RegisterClassExW
LoadIconW
SetRect
MessageBoxA
InvalidateRect
GetWindowLongW
ReleaseDC
SetWindowLongW
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
SetMenu
RegisterWindowMessageW

gdi32

SetWindowOrgEx
BitBlt
PatBlt
LineTo
SetTextColor
CreateFontIndirectW
SetBrushOrgEx
SetBkColor
CreateBitmap
SetBkMode
CreateCompatibleBitmap
OffsetWindowOrgEx
CreatePatternBrush
CreatePen
DeleteDC
CreateDIBSection
GetCurrentObject
DeleteObject
SelectObject
CreateCompatibleDC
MoveToEx
GetStockObject
GetObjectW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW

shell32

SHGetDesktopFolder
ShellAboutW
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteExW

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoInitialize

oleaut32

VarUI4FromStr
SysFreeString

shlwapi

StrChrW
StrRetToBufW

comctl32

ImageList_DrawIndirect
CreateStatusWindowW
ImageList_AddMasked
ImageList_LoadImageW
ImageList_Create
ImageList_GetImageCount
ord8
ImageList_Draw
ImageList_Destroy
InitCommonControlsEx

uxtheme

IsThemeActive
IsAppThemed

msimg32

GradientFill

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16f793fa2ae6ad62186553be52a52b65

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

uxtheme

msimg32

Sections

.text Size: 282KB - Virtual size: 282KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 54KB - Virtual size: 62KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 282KB - Virtual size: 282KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 54KB - Virtual size: 62KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 11KB