PROJECT 1[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

PROJECT 1.exe
Size

550KB
MD5

ed52d89af4045fd3aa9fa988b58f20d5
SHA1

a6fb1d7e0ea8a1acae8bf0a2e409c2eba9af3cf4
SHA256

f6bd53e7fe28bb9addafc769a335efcd239f3284d580efbccb6c1b4941c4c317
SHA512

33773471d78d7c248d12ec3e5818e87346a5d6caec3f523567dba7555a60be569811d05c0ccb70e7b80fc61edbf20985c07de5d7fb7aebf4b1559c8e088081b8
SSDEEP

12288:tsMcZwBYZt2GFqvRhzBlP2WRipK1g/rWJSTgTxVVrdB:gZw+tJFqvSqOKonmPVr/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PROJECT 1.exe

Files

PROJECT 1.exe
.exe windows x86

518bde06d72ee971f284f397497a2a68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetStartupInfoA
CloseHandle
CreateFileA
GlobalLock
GetCPInfo
GetTempPathA
MultiByteToWideChar
CreateFileW
WriteConsoleW
SetFilePointerEx
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetProcessHeap
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
CreateProcessA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetFileType
LCMapStringW
HeapFree
GetACP
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
GetModuleFileNameA
WriteFile
GetComputerNameA
GetCurrentProcess
lstrcpyW
GetProcAddress
GlobalAddAtomA
GetLastError
GetStdHandle
GetConsoleScreenBufferInfo
GetConsoleWindow
WaitForSingleObject
OpenEventA
GetModuleHandleA
HeapAlloc
CreateEventA
LoadLibraryA
LoadLibraryW
GetUserDefaultLCID
GetDateFormatA
GetCommandLineA
GetModuleFileNameW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
RtlUnwind
RaiseException
EnterCriticalSection
GetEnvironmentVariableA
GetModuleHandleExA
LeaveCriticalSection
LoadLibraryExA
InitializeCriticalSection
GetThreadLocale
FormatMessageA
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

SetTimer
KillTimer
CreateWindowExA
LoadIconA
GetMessageA
TranslateMessage
EnableMenuItem
CheckMenuItem
RegisterClassExA
DispatchMessageA
SetClassLongA
MessageBoxA
GetCursorPos
SendMessageW
GetSubMenu
LoadMenuW
MessageBeep
PostQuitMessage
EnumDesktopsA
DefWindowProcA
DestroyWindow
GetFocus
GetWindowLongA
GetSystemMetrics
LoadCursorA
GetWindowRect
SetFocus
BeginPaint
EndPaint
PtInRect
GetMenu
GetMenuItemInfoA
RemovePropA
DrawFocusRect
SetScrollPos
RegisterClassA
SetWindowLongA
GetWindowDC
SendMessageA
SetWindowPos
GetDlgItem
SetWindowTextA
IsDlgButtonChecked
IsWindow
SetForegroundWindow

gdi32

GetObjectA
SetBkMode
SetDCPenColor
SetBkColor
SetTextColor
CreateSolidBrush
GetStockObject
SetAbortProc
CombineRgn

comdlg32

ChooseColorA

advapi32

LsaQueryInformationPolicy
LsaOpenPolicy
OpenProcessToken
GetTokenInformation
RegCreateKeyExA
RegCloseKey
LsaFreeMemory

shell32

SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA
Shell_NotifyIconA

ole32

OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleInitialize
CoGetClassObject
CoInitialize
OleUninitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
StgCreateDocfile
ReleaseStgMedium
CoUnmarshalInterface

oleaut32

VariantClear
VariantInit
VariantChangeType

odbc32

ord36
ord2
ord41
ord1

netapi32

NetUserEnum
NetLocalGroupEnum

mpr

WNetAddConnection2A

winmm

mmioSeek

shlwapi

ord14

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

gdiplus

GdipAlloc
GdipCloneImage
GdipFree
GdipSaveImageToFile
GdipDisposeImage
GdipCreateBitmapFromHBITMAP

secur32

LsaGetLogonSessionData

dbghelp

ImageNtHeader
MakeSureDirectoryPathExists

winhttp

WinHttpSendRequest

wsnmp32

ord105
ord106
ord104

urlmon

IsValidURL
MkParseDisplayNameEx

tapi32

phoneDevSpecific
tapiGetLocationInfoA
phoneConfigDialogA

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trace
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_o
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

518bde06d72ee971f284f397497a2a68

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

odbc32

netapi32

mpr

winmm

shlwapi

rpcrt4

gdiplus

secur32

dbghelp

winhttp

wsnmp32

urlmon

tapi32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 5KB - Virtual size: 9KB

.text Size: 5KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 248B

.trace Size: 2KB - Virtual size: 2KB

_RDATA Size: 1024B - Virtual size: 848B

.debug_o Size: 3KB - Virtual size: 2KB

.rsrc Size: 372KB - Virtual size: 372KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 5KB - Virtual size: 9KB

.text
Size: 5KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 248B

.trace
Size: 2KB - Virtual size: 2KB

_RDATA
Size: 1024B - Virtual size: 848B

.debug_o
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 372KB - Virtual size: 372KB