1d918672deba3ce90a0303f8bbfae12fe4a26ea4b1d144cade00339804c23b80

Sharing

Copy URL Twitter E-mail

General

Target

1d918672deba3ce90a0303f8bbfae12fe4a26ea4b1d144cade00339804c23b80
Size

11.2MB
MD5

4af70dc0b945e7f114354ea60c4feb64
SHA1

1fb02bdceb1dda818e7b2b786cb004b53ef2ceac
SHA256

1d918672deba3ce90a0303f8bbfae12fe4a26ea4b1d144cade00339804c23b80
SHA512

4ace253a34ed18213ab82f3663ef151b5118dd0616e089fc838d3b8db34e7bf80d94a0e9e922da7dda8a0e2aa8f5a72c7467763b937fdbfbd552da675f0e1edb
SSDEEP

196608:gk6JVQAGbwNVC/wuEicClexczYHYXwLo+57NYBsK8Gy0MC4ldi+:gk6JG8PeSi5lePH2wLZ57SBx53MCC4+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d918672deba3ce90a0303f8bbfae12fe4a26ea4b1d144cade00339804c23b80

Files

1d918672deba3ce90a0303f8bbfae12fe4a26ea4b1d144cade00339804c23b80
.exe windows x86

87bfaa6ac14d40730b5beeacd77b32ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

GetStringTypeW
LoadLibraryA
GetProcAddress
FreeLibrary
GetCommandLineA
GetStartupInfoA
CreateProcessA
WaitForSingleObject
DeleteFileA
SetFileAttributesA
WriteFile
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetUserDefaultLCID
MultiByteToWideChar
LCMapStringA
GetTickCount
WritePrivateProfileStringA
CreateThread
Sleep
GetPrivateProfileStringA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetACP
lstrlenA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetCurrentProcess
MulDiv
lstrcatA
lstrcpyA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
LocalAlloc
LocalFree
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
lstrcpynA
GlobalFlags
InterlockedDecrement
InterlockedIncrement
SetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
LockResource
LoadResource
FindResourceA
GetProcessVersion
SetErrorMode
SetFilePointer
FlushFileBuffers
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
IsBadReadPtr
SetStdHandle
IsBadCodePtr
TerminateProcess
GetModuleHandleA
WideCharToMultiByte
lstrlenW
RtlMoveMemory
VirtualProtect
CreateFileA
GetLastError
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree

user32

IsDialogMessageA
ShowWindow
SetFocus
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
GetPropA
SetPropA
GetClassLongA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
MapWindowPoints
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
DestroyMenu
CreateDialogIndirectParamA
EndDialog
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
SendDlgItemMessageA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowRect
PtInRect
GetClassNameA
GetMenuCheckMarkDimensions
GetMenuState
ReleaseDC
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
SetWindowPos
IsWindow
SetLayeredWindowAttributes
GetClientRect
GetWindowThreadProcessId
FindWindowA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
SetWindowsHookExA
GetLastActivePopup
GetWindowLongA
SetCursor
PostMessageA
PostQuitMessage
UnregisterHotKey
SetWindowLongA
SetCapture
SendMessageA
ScreenToClient
ReleaseCapture
RegisterHotKey
LoadBitmapA
GetSysColor
GetDC
GetCursorPos
CreateWindowExA
CallWindowProcA
SetForegroundWindow
SetActiveWindow
GetActiveWindow
GetForegroundWindow
IsWindowEnabled
GetParent
EnableWindow
RegisterClipboardFormatA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
CLSIDFromProgID
CLSIDFromString
CoCreateInstance

gdi32

DeleteObject
GetDeviceCaps
TranslateCharsetInfo
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
CreateFontA
SetBkColor
SetTextColor
Escape
ExtTextOutA
GetObjectA
GetStockObject
TextOutA
RectVisible
PtVisible
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oledlg

ord8

oleaut32

SafeArrayGetDim
VariantTimeToSystemTime
VariantInit
SafeArrayGetLBound
SafeArrayDestroy
VariantClear
SysAllocString
SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound

shlwapi

PathFileExistsA

shell32

DragAcceptFiles
DragQueryFileA
DragFinish
SHGetSpecialFolderPathA

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ord17
ImageList_BeginDrag

Sections

.text
Size: 368KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 824KB - Virtual size: 821KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10.0MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87bfaa6ac14d40730b5beeacd77b32ee

Headers

File Characteristics

Imports

winmm

kernel32

user32

advapi32

ole32

gdi32

winspool.drv

oledlg

oleaut32

shlwapi

shell32

comctl32

Sections

.text Size: 368KB - Virtual size: 365KB

.rdata Size: 824KB - Virtual size: 821KB

.data Size: 10.0MB - Virtual size: 10.1MB

.rsrc Size: 4KB - Virtual size: 640B

.text
Size: 368KB - Virtual size: 365KB

.rdata
Size: 824KB - Virtual size: 821KB

.data
Size: 10.0MB - Virtual size: 10.1MB

.rsrc
Size: 4KB - Virtual size: 640B