188b966882905511f6bbc6b9b30e9d5fa260cc37d22a277048999438c7776552

Sharing

Copy URL Twitter E-mail

General

Target

188b966882905511f6bbc6b9b30e9d5fa260cc37d22a277048999438c7776552
Size

1023KB
MD5

709c5e073a73119cca17018a82b3bee8
SHA1

66390cb5286c0190c6a5e0b42ab90886577d60de
SHA256

188b966882905511f6bbc6b9b30e9d5fa260cc37d22a277048999438c7776552
SHA512

de532198acaec4629bcec34abecc693e20abec892e734c050503a943a06658cf6308440384167517ac0588b6185703a50a98c889b3022dfa9609ea9bb738fdc9
SSDEEP

24576:IyN5M47gVyZip7DYA72Wmu7VWNq61Pj2PNkIHdyxlCHBIZZ40Q58vnr:TbM47gVyIlYu2Wmu7QNXj2PNrKChiQY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
188b966882905511f6bbc6b9b30e9d5fa260cc37d22a277048999438c7776552

Files

188b966882905511f6bbc6b9b30e9d5fa260cc37d22a277048999438c7776552
.exe windows x86

375f4fa057aeb6a4fb5afa5d9233ddbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuBarInfo
GetAncestor
WindowFromPoint
RedrawWindow
IsZoomed
SetActiveWindow
SwitchToThisWindow
SetWindowPos
GetWindowRect
FindWindowExA
IsIconic
ShowWindow
IsWindowEnabled
GetWindowDC
MoveWindow
ReleaseDC
GetDlgItem
GetAsyncKeyState
GetCursorInfo
ChildWindowFromPointEx
GetDC
FillRect
DrawIconEx
EnableWindow
GetLastActivePopup
GetScrollInfo
GetMenu
GetSubMenu
GetMenuItemID
GetMenuStringA
MessageBoxTimeoutW
MapVirtualKeyA
AttachThreadInput
SetKeyboardState
GetWindowInfo
SendInput
SetWinEventHook
UnhookWinEvent
DrawIcon
EnumDisplaySettingsA
WindowFromDC
MessageBoxA
wsprintfA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
GetCursorPos
GetSystemMetrics
EnableMenuItem

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
LCMapStringA
GetEnvironmentVariableA
DeleteFileA
WriteFile
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetModuleFileNameA
Sleep
GetTickCount
IsBadReadPtr
HeapReAlloc
ExitProcess
GetModuleHandleA
GetSystemInfo
CreateMutexA
CreateEventA
GlobalSize
lstrcpyn
GlobalUnlock
GetSystemDirectoryA
GetTempPathA
TerminateProcess
GetLogicalDriveStringsA
QueryDosDeviceA
WideCharToMultiByte
RtlMoveMemory
ReleaseMutex
GetProcessHeap
HeapAlloc
HeapFree
HeapDestroy
RtlZeroMemory
HeapCreate

gdi32

StretchBlt
GetCurrentObject
CreateBitmap
GetTextExtentPoint32A
CreateDIBitmap
GetStockObject
GetDIBits
BitBlt
CreateDIBSection
CreateSolidBrush
CreateCompatibleDC
Rectangle
SelectObject

shell32

SHAppBarMessage

shlwapi

PathIsDirectoryA
PathFileExistsA

gdiplus

GdiplusStartup
GdipCreateBitmapFromStream
GdipDeleteBrush
GdipCreateSolidFill
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipFillRectangle
GdiplusShutdown
GdipSaveImageToStream
GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageRectRect
GdipGetImageGraphicsContext

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal

ws2_32

WSACleanup

msvcrt

strstr
_CIpow
strrchr
strncpy
strchr
??3@YAXPAX@Z
??2@YAPAXI@Z
floor
modf
rand
_ftol
atoi
_CIfmod
sprintf
malloc
realloc
free

oleaut32

VariantTimeToSystemTime

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 524KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 492KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

375f4fa057aeb6a4fb5afa5d9233ddbd

Headers

File Characteristics

Imports

user32

kernel32

gdi32

shell32

shlwapi

gdiplus

ole32

ws2_32

msvcrt

oleaut32

advapi32

Sections

.text Size: 524KB - Virtual size: 524KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 492KB - Virtual size: 540KB

.rsrc Size: 1024B - Virtual size: 664B

.text
Size: 524KB - Virtual size: 524KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 492KB - Virtual size: 540KB

.rsrc
Size: 1024B - Virtual size: 664B