1f6f517cdc3fd52dc5c0c976933969e9340511784d5d7d6bf85fbfa2f84a09c7

Sharing

Copy URL Twitter E-mail

General

Target

1f6f517cdc3fd52dc5c0c976933969e9340511784d5d7d6bf85fbfa2f84a09c7
Size

2.1MB
MD5

3815beec6e5c08c43c1eb8a88e534a89
SHA1

924ec873d3634a7a70ffe19168f1bb5a40fe5e9a
SHA256

1f6f517cdc3fd52dc5c0c976933969e9340511784d5d7d6bf85fbfa2f84a09c7
SHA512

d8e1fa348187adaba19da7e8d4e217bef976825f0c3012eec327ed8ac23339661d534ed4e1d58c2a55a0cb5ce907152dc22f9a9468cd011eff16e5f80ec3e8aa
SSDEEP

49152:hB1atVIw7kA7zpbOKlky6+oL7J62jmhudPPkyVQg:L1aHT7kKzpbHl76/7J6RudHxVp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f6f517cdc3fd52dc5c0c976933969e9340511784d5d7d6bf85fbfa2f84a09c7

Files

1f6f517cdc3fd52dc5c0c976933969e9340511784d5d7d6bf85fbfa2f84a09c7
.exe windows x86

5cd268f2cad3066b49ce174afc7499d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetFileAttributesA
GetTimeZoneInformation
RaiseException
HeapAlloc
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ExitThread
LCMapStringA
LCMapStringW
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo
GetDriveTypeA
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
CreateThread
RtlUnwind
FindResourceA
GlobalAddAtomA
GetProfileStringA
InterlockedExchange
ExitProcess
GetStartupInfoW
GetTickCount
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
SizeofResource
GetProcessVersion
GetCurrentDirectoryW
WritePrivateProfileStringW
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
lstrcmpiW
GetThreadLocale
GetFullPathNameW
lstrcpynW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
MulDiv
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GetProcAddress
FormatMessageW
LocalFree
lstrcpyW
SetLastError
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
ResumeThread
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
WideCharToMultiByte
GetModuleFileNameW
MultiByteToWideChar
FindFirstFileW
SetFileAttributesW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
lstrlenW
GetFileAttributesW
CreateDirectoryW
GetTempPathW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CloseHandle
CreateMutexW
GetLastError
SetUnhandledExceptionFilter

user32

GetTopWindow
IsChild
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
LoadStringW
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
GetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
MessageBeep
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExW
MessageBoxW
PostMessageW
UnregisterClassW
GetWindowTextLengthA
HideCaret
CopyRect
ShowCaret
ExcludeUpdateRgn
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SetCursor
PostQuitMessage
GrayStringW
DrawTextW
TabbedTextOutW
RedrawWindow
IsWindow
InvalidateRect
PostThreadMessageW
RegisterClipboardFormatW
GetSysColor
SetWindowTextW
EnableWindow
PeekMessageW
DispatchMessageW
TranslateMessage
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
LoadIconW
SendMessageW
AppendMenuW
GetSystemMenu
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableW
CharNextW
GetSysColorBrush
PtInRect
GetClassNameW
GetDesktopWindow
GetFocus
LoadCursorW
InflateRect
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
GetMenuCheckMarkDimensions

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
DeleteObject
SetBkMode
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
BitBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

shell32

ShellExecuteW

comctl32

ord17

oledlg

OleUIBusyW

ole32

CoFreeUnusedLibraries
CoRegisterMessageFilter
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cd268f2cad3066b49ce174afc7499d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 188KB - Virtual size: 185KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 24KB - Virtual size: 40KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 188KB - Virtual size: 185KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 24KB - Virtual size: 40KB

.rsrc
Size: 12KB - Virtual size: 9KB