Static task
static1
Behavioral task
behavioral1
Sample
1d25548613ae92575cf99b1687c768119d05451891f3a9b899720ccf3b9de88e.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
1d25548613ae92575cf99b1687c768119d05451891f3a9b899720ccf3b9de88e.exe
Resource
win10v2004-20230824-en
General
-
Target
1d25548613ae92575cf99b1687c768119d05451891f3a9b899720ccf3b9de88e
-
Size
538KB
-
MD5
f833b2e8e49e7c23d0b400a2168c9e0e
-
SHA1
bd1b001bb8007ba4071c61d9f84f65055a24345e
-
SHA256
1d25548613ae92575cf99b1687c768119d05451891f3a9b899720ccf3b9de88e
-
SHA512
9d5a9d7ad611d199918c5b69165a799d55920856e32a43ebc99067b9267d581e0c5e5e6389c36c2e2ce5464fc9b683073c1e687ec778f583c70ac1203133e8ab
-
SSDEEP
6144:Zq0uPor0GzC+eiu0v8KzVLVnYgdFDyWg/iAUUxT7j37/Djv/z5A1iCGTxR:U0Lr05sv/VnLk37/Djv/VDCGTxR
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 1d25548613ae92575cf99b1687c768119d05451891f3a9b899720ccf3b9de88e
Files
-
1d25548613ae92575cf99b1687c768119d05451891f3a9b899720ccf3b9de88e.exe windows x86
e7af2efd4be41e4e278b2ad9ab7f807c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mfc140
ord6523
ord7461
ord10421
ord10330
ord7618
ord6831
ord10202
ord5742
ord12074
ord12869
ord4580
ord12190
ord12182
ord5894
ord3844
ord6323
ord14582
ord6324
ord14583
ord6322
ord14581
ord7964
ord12474
ord14380
ord8997
ord11928
ord11927
ord2027
ord7905
ord12888
ord4082
ord4143
ord9353
ord14507
ord10963
ord7886
ord11343
ord14509
ord12485
ord12484
ord2383
ord2381
ord2387
ord4084
ord2484
ord2241
ord2407
ord982
ord1456
ord928
ord1410
ord7152
ord265
ord300
ord1044
ord2210
ord2292
ord2467
ord13882
ord13197
ord1507
ord2251
ord3874
ord316
ord4807
ord1661
ord2298
ord2520
ord2518
ord13011
ord5861
ord3924
ord2524
ord4869
ord4865
ord4870
ord8435
ord2986
ord450
ord14044
ord1106
ord1529
ord3856
ord2940
ord5109
ord13026
ord13027
ord8770
ord8326
ord3949
ord4162
ord4639
ord3177
ord5930
ord898
ord12582
ord8188
ord1526
ord4315
ord8146
ord12826
ord8717
ord4655
ord8322
ord13234
ord3861
ord540
ord1696
ord1693
ord1692
ord310
ord301
ord13193
ord8672
ord4656
ord1169
ord14571
ord12348
ord14518
ord12291
ord2376
ord11580
ord10686
ord3825
ord1000
ord1472
ord1458
ord1064
ord8732
ord13475
ord14291
ord362
ord12969
ord1066
ord358
ord983
ord7783
ord8426
ord7078
ord8713
ord1111
ord1109
ord1068
ord3689
ord5336
ord12863
ord462
ord1131
ord7782
ord500
ord11907
ord12294
ord2880
ord14520
ord1140
ord12162
ord993
ord1468
ord1444
ord7961
ord2200
ord952
ord13830
ord8776
ord5401
ord4468
ord14149
ord5898
ord305
ord14238
ord3005
ord968
ord890
ord1389
ord10986
ord13556
ord3597
ord14048
ord13724
ord13730
ord12734
ord14054
ord1443
ord501
ord4085
ord6290
ord1141
ord6200
ord1403
ord2165
ord3396
ord3395
ord3159
ord6193
ord13677
ord2758
ord12116
ord9192
ord9167
ord3864
ord2988
ord8703
ord4213
ord3142
ord9085
ord6471
ord7619
ord4210
ord3140
ord9083
ord12032
ord14502
ord12163
ord4958
ord11663
ord12067
ord3933
ord6104
ord6464
ord5192
ord12963
ord14040
ord12960
ord14029
ord8838
ord14032
ord13619
ord13966
ord13230
ord13028
ord13036
ord12808
ord12894
ord12521
ord12501
ord13699
ord13202
ord6502
ord6724
ord8705
ord4218
ord6581
ord6460
ord6533
ord6463
ord6768
ord6540
ord6777
ord3254
ord6195
ord13681
ord3298
ord3295
ord8173
ord2759
ord14699
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord11672
ord9096
ord3830
ord11881
ord8922
ord6947
ord10950
ord9213
ord3259
ord13798
ord12205
ord12201
ord1717
ord1739
ord1765
ord1751
ord1772
ord4920
ord4987
ord4932
ord4950
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4896
ord4911
ord4972
ord4493
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord6848
ord13628
ord5911
ord2680
ord12194
ord10383
ord8180
ord314
ord3364
ord3363
ord3258
ord12111
ord5228
ord5528
ord5739
ord9305
ord5504
ord5769
ord5231
ord5390
ord5210
ord8285
ord12806
ord8347
ord8429
ord7687
ord7688
ord6507
ord6806
ord9092
ord3250
ord4227
ord6774
ord3231
ord3351
ord8718
ord7677
ord5388
ord8182
ord10207
ord9166
kernel32
GetLastError
CreateFileA
SetupComm
SetCommTimeouts
GetCommState
SetCommState
ClearCommError
Sleep
TerminateThread
GetExitCodeThread
LocalFree
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
CloseHandle
PurgeComm
SetCommMask
ReadFile
DecodePointer
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetCPInfo
lstrcmpiA
OutputDebugStringW
GetVersion
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
FindResourceA
LoadResource
LockResource
FreeResource
WriteFile
user32
FillRect
DrawEdge
CreateMenu
CreatePopupMenu
AppendMenuA
GetMenuItemCount
LoadBitmapW
GetMenuState
GetSubMenu
ModifyMenuA
GetDC
ReleaseDC
GetDesktopWindow
SetRect
CopyRect
GetMenuItemID
DrawTextA
LoadIconW
KillTimer
SetTimer
IsIconic
GetSystemMenu
DrawIcon
LoadImageA
PostMessageA
SetCursor
DestroyCursor
GetWindowLongA
WindowFromPoint
GetParent
GetSysColor
DrawIconEx
DestroyIcon
GetSystemMetrics
SystemParametersInfoA
GetSysColorBrush
GetMenuItemInfoA
EnableWindow
TabbedTextOutA
DrawTextExA
GrayStringA
IsMenu
SendMessageA
DrawStateA
GetIconInfo
CreateIconIndirect
InflateRect
OffsetRect
FrameRect
DrawFocusRect
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
vcruntime140
memset
memmove
_CxxThrowException
__vcrt_InitializeCriticalSectionEx
_except_handler4_common
__FrameUnwindFilter
__RTDynamicCast
__CxxFrameHandler3
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__p__commode
fclose
fread
rewind
fopen
fseek
ftell
__stdio_common_vsscanf
api-ms-win-crt-heap-l1-1-0
malloc
free
_set_new_mode
api-ms-win-crt-runtime-l1-1-0
_set_app_type
_configure_narrow_argv
_seh_filter_exe
_get_narrow_winmain_command_line
_errno
_initterm
abort
_initialize_narrow_environment
_invalid_parameter_noinfo
_initterm_e
exit
_controlfp_s
_crt_atexit
_register_onexit_function
_initialize_onexit_table
terminate
_exit
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-locale-l1-1-0
_setmbcp
_configthreadlocale
gdi32
GetTextExtentPoint32W
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
PtVisible
GetTextExtentPoint32A
CreateCompatibleDC
ExtTextOutA
Escape
GetStockObject
CreateBitmap
SetBkColor
SetPixel
GetPixel
BitBlt
PatBlt
Ellipse
GetBkMode
RectVisible
GetDeviceCaps
GetObjectA
CreateCompatibleBitmap
CreateSolidBrush
CreatePen
TextOutA
CreateFontIndirectA
advapi32
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
shell32
ShellExecuteExA
comctl32
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
_TrackMouseEvent
InitCommonControlsEx
ImageList_AddMasked
shlwapi
PathFileExistsA
api-ms-win-crt-time-l1-1-0
_localtime64_s
_time64
api-ms-win-crt-convert-l1-1-0
atof
atoi
mscoree
_CorExeMain
Sections
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ