1c40cde761180017b253010b06b8c60f0632f139eb003a3864c0bbbbfd792dac

Sharing

Copy URL Twitter E-mail

General

Target

1c40cde761180017b253010b06b8c60f0632f139eb003a3864c0bbbbfd792dac
Size

308KB
MD5

62ea9ac65a5aee6230b64969740a42e5
SHA1

bcc11f894706e19bbd86474e9b851a19e4cea703
SHA256

1c40cde761180017b253010b06b8c60f0632f139eb003a3864c0bbbbfd792dac
SHA512

16e5aed498de7cb4d5bd72303f1b185bb141e58fdefdcaf0b38c5524e4f647017f872b7fe8144ac2a43663f0a4623533b6ca8b4bcd85aa83d3865fd103dd6b19
SSDEEP

6144:IgypPyuoEUmgTcoTVBZxwREHPYuCLIeMAcmuk5sVsW:Ig0yonocMfxwuHPaIeBNVW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c40cde761180017b253010b06b8c60f0632f139eb003a3864c0bbbbfd792dac

Files

1c40cde761180017b253010b06b8c60f0632f139eb003a3864c0bbbbfd792dac
.exe windows x86

211f323accdca22ab63a40b6de87753c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
WritePrivateProfileStringW
GetPrivateProfileIntW
MoveFileExW
InterlockedIncrement
CreateThread
SetEvent
lstrcpyW
GetDiskFreeSpaceExW
LockResource
SizeofResource
LoadResource
FindResourceW
MultiByteToWideChar
Sleep
GetStartupInfoW
CopyFileW
FindFirstFileW
FindNextFileW
FindClose
ExpandEnvironmentStringsW
CreateFileW
WriteFile
FreeResource
GlobalAlloc
GlobalFree
CreateProcessW
WaitForSingleObject
WaitForMultipleObjects
OpenProcess
TerminateProcess
GetVersionExW
GetTickCount
GetTempPathW
CreateDirectoryW
InterlockedDecrement
OutputDebugStringW
DebugBreak
lstrlenW
lstrlenA
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
LeaveCriticalSection
CreateMutexW
GetLastError
CloseHandle
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
GetModuleHandleW

user32

SendMessageW
KillTimer
BeginPaint
GetWindowLongW
GetClientRect
SendMessageTimeoutW
DefWindowProcW
EndPaint
UpdateWindow
InvalidateRect
DrawTextW
ClientToScreen
GetWindowRect
PtInRect
GetDlgCtrlID
GetParent
ReleaseCapture
SetCapture
CallWindowProcW
GetCapture
SetWindowLongW
LoadImageW
SetWindowPos
SetWindowTextW
MapWindowPoints
GetWindow
FillRect
CreateWindowExW
AdjustWindowRectEx
GetMenu
ReleaseDC
GetWindowDC
LoadStringW
GetFocus
GetSystemMenu
EnableMenuItem
GetDesktopWindow
GetDlgItem
IsDialogMessageW
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
PostQuitMessage
PostMessageW
MessageBoxW
CharNextW
wvsprintfW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowW
IsIconic
SetForegroundWindow
BringWindowToTop
GetWindowTextW
ShowWindow
SystemParametersInfoW
SetTimer
IsWindowEnabled
DrawEdge
GetSystemMetrics
InflateRect
DrawFocusRect
OffsetRect
CreateDialogParamW
IsWindow
DestroyWindow

gdi32

GetBitmapBits
DeleteObject
CreateFontW
CreateCompatibleDC
DeleteDC
GetStockObject
SetBkMode
SelectObject
CreateDIBSection
CreateDIBPatternBrushPt
SetTextColor

shell32

SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal

shlwapi

SHGetValueW
SHSetValueW
PathMatchSpecW
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

comctl32

ImageList_Add
ImageList_SetImageCount
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
ImageList_Draw
ImageList_Create

msimg32

AlphaBlend

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_wcsicmp
wcscpy
_except_handler3
_wcsnicmp
__CxxFrameHandler
wcsncpy
wcsstr
_snwprintf
wcscat
_wtoi
iswdigit
wcslen
free
memmove
realloc
memcpy
memset
_purecall
??2@YAPAXI@Z
_controlfp

gdiplus

GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdipAlloc
GdipFree

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

211f323accdca22ab63a40b6de87753c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

shlwapi

psapi

comctl32

msimg32

msvcrt

gdiplus

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB