1b49b17b51b56b44cf438bc571bc337b6132475ed33839b0ee5682ad548ec0b3

Sharing

Copy URL

Twitter E-mail

General

Target

1b49b17b51b56b44cf438bc571bc337b6132475ed33839b0ee5682ad548ec0b3
Size

2.8MB
MD5

833745f7d2c3c37d69e577a62a5ed734
SHA1

b71dbbbadf19ba0e58a1c6bce56fc32eed18d7ec
SHA256

1b49b17b51b56b44cf438bc571bc337b6132475ed33839b0ee5682ad548ec0b3
SHA512

d675b29d496fe5820414baefe7fc8fee4ab59bb6e84673689241183154c8c8daf3b7139f0671f0de8dde6810b76e1115e8ef40cc476cc96179163c544c3517cf
SSDEEP

49152:udftIbKu/pHY0iuSwIbFLOAkGy3zdnErPSCTomFDS+BHEuSlVnPgMQ:ayV/pHHmFLOAkGkzdnEVomFHKnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b49b17b51b56b44cf438bc571bc337b6132475ed33839b0ee5682ad548ec0b3

Files

1b49b17b51b56b44cf438bc571bc337b6132475ed33839b0ee5682ad548ec0b3
.exe windows x86

3947aad9259edb8cf7ec6faf9c62ae13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc120u

ord992
ord13771
ord6252
ord14527
ord6253
ord14528
ord6251
ord14526
ord7884
ord12402
ord14326
ord11857
ord11858
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord12412
ord12413
ord2444
ord10260
ord5262
ord8206
ord7881
ord4546
ord12736
ord12799
ord10314
ord12122
ord8268
ord1467
ord7542
ord8352
ord2163
ord1449
ord13302
ord949
ord7206
ord286
ord2478
ord3911
ord450
ord13149
ord13907
ord4606
ord4128
ord2640
ord12941
ord887
ord1386
ord3654
ord999
ord5328
ord8699
ord12899
ord14094
ord8636
ord9137
ord9349
ord9582
ord12095
ord3790
ord2719
ord13616
ord6123
ord10919
ord6743
ord3218
ord3324
ord7954
ord10166
ord9019
ord6020
ord6436
ord13135
ord293
ord5330
ord4280
ord7002
ord458
ord12047
ord7382
ord1517
ord6032
ord6400
ord3105
ord4179
ord8626
ord2951
ord3829
ord1067
ord9009
ord6492
ord4182
ord6758
ord9013
ord5887
ord10168
ord10167
ord10165
ord10169
ord5557
ord11600
ord11601
ord9020
ord11964
ord3795
ord11811
ord14447
ord8846
ord6875
ord10883
ord3224
ord13738
ord12134
ord12132
ord1711
ord1723
ord1731
ord1727
ord1736
ord4879
ord4920
ord4887
ord4899
ord4895
ord4891
ord4928
ord4916
ord4883
ord4932
ord4905
ord4867
ord4874
ord4909
ord4459
ord5693
ord9574
ord4451
ord3013
ord14449
ord7807
ord14455
ord6774
ord13333
ord5332
ord11999
ord3898
ord3329
ord3330
ord3223
ord12043
ord5157
ord5454
ord5664
ord9231
ord5430
ord5160
ord5316
ord5137
ord7609
ord7610
ord7600
ord5314
ord8101
ord8628
ord4184
ord14237
ord2484
ord4842
ord3889
ord6510
ord13153
ord6392
ord3839
ord2480
ord6469
ord2204
ord4772
ord4621
ord4620
ord2948
ord5824
ord1521
ord3809
ord5821
ord12114
ord8099
ord12126
ord12094
ord5667
ord10131
ord9090
ord6389
ord266
ord265
ord1506
ord7704
ord7384
ord9116
ord12048
ord462
ord7004
ord1110
ord7951
ord7946
ord13516
ord5753
ord2262
ord2173
ord2214
ord12006
ord6121
ord13612
ord1518
ord1042
ord280
ord285
ord296
ord2967
ord14180
ord2718
ord9091
ord8064
ord5787
ord1108
ord8921
ord10896
ord11271
ord1658
ord10353
ord4049
ord3361
ord3362
ord3122
ord3263
ord3260
ord10136
ord1177
ord8092
ord11592
ord13563
ord5838
ord13997
ord5327
ord4196
ord5324
ord1105
ord1508
ord2367

msvcr120

malloc
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
?terminate@@YAXXZ
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
free
strcat_s
memcpy_s
atoi
atof
fseek
fread
strlen
_CxxThrowException
vsprintf_s
strcmp
strcpy_s
fopen_s
fclose
memset
__CxxFrameHandler3
_wtoi64
_wtoi

kernel32

lstrlenA
FreeLibrary
VirtualQuery
MultiByteToWideChar
LoadLibraryExW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
GetProcAddress
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapFree
HeapAlloc
DecodePointer
WideCharToMultiByte
LocalFree
InterlockedDecrement
IsDBCSLeadByte
WritePrivateProfileStringW
GetPrivateProfileIntW
OutputDebugStringW

user32

GetWindowLongW
KillTimer
SetTimer
LoadIconW
LoadBitmapW
SetWindowLongW
SendMessageW
OffsetRect
GetWindowRect
GetWindowTextW
InvalidateRect
DrawIcon
GetSystemMenu
GetSystemMetrics
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetLayeredWindowAttributes
ShowWindow
DrawEdge
GetCursorPos
MessageBoxW
GetClientRect
RedrawWindow
GetSubMenu
LoadMenuW
EnableWindow

gdi32

BitBlt
CreateSolidBrush
GetObjectW
GetStockObject
CreateCompatibleDC

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

ole32

CoCreateInstance
CoUninitialize
CoInitialize
OleRun

oleaut32

SysFreeString
VariantCopy
VariantClear
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysAllocString
GetErrorInfo

msvcp120

?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

Sections

.text
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3947aad9259edb8cf7ec6faf9c62ae13

Headers

DLL Characteristics

File Characteristics

Imports

mfc120u

msvcr120

kernel32

user32

gdi32

shell32

comctl32

ole32

oleaut32

msvcp120

Sections

.text Size: 198KB - Virtual size: 197KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 198KB - Virtual size: 197KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.reloc
Size: 17KB - Virtual size: 17KB