18f47eeabcd03b3640bb0377329eb30f62bb6787a6bea4027692115911fbfa2f

Sharing

Copy URL

Twitter E-mail

General

Target

18f47eeabcd03b3640bb0377329eb30f62bb6787a6bea4027692115911fbfa2f
Size

3.0MB
MD5

660f9d732b9f457bf3c40d7d9b23aab0
SHA1

e1ccbe7b748fcca917b81f86747c3bf1daecec04
SHA256

18f47eeabcd03b3640bb0377329eb30f62bb6787a6bea4027692115911fbfa2f
SHA512

46593f8f9da43ab24b3e61cb5e16a1f739216476035e15e3b0621d11e5f34fb256c17f4e036bbd9d9c68c3478a7a0af46ad17e3eb2c41f63660601ff7eed435d
SSDEEP

49152:o1bzkQRp2s8O1Jr7DGEII7Zz2UxZuYvodTJafdLv7JofrOs1sHdHhVzk:y0O1x7DGEII7Zz2UxZuUoeLCrOs6HPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18f47eeabcd03b3640bb0377329eb30f62bb6787a6bea4027692115911fbfa2f

Files

18f47eeabcd03b3640bb0377329eb30f62bb6787a6bea4027692115911fbfa2f
.exe windows:4 windows x86

f2567e2bde95c059fe332f51897741fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ValidateRect
ReleaseDC
GetDC
GetClientRect
DestroyIcon
DestroyWindow
SetWindowLongA
GetWindow
SendMessageA
TrackPopupMenu
SetMenuDefaultItem
GetMenuState
ReleaseCapture
SetCapture
GetActiveWindow
IsChild
GetFocus
SetActiveWindow
SetWindowPos
SetFocus
GetClassWord
GetParent
EnableMenuItem
GetSystemMenu
MessageBoxA
GetDlgItem
GetWindowLongA
GetSysColorBrush
GetSysColor
GetClassLongA
LoadImageA
FillRect
EnableWindow
ScreenToClient
GetWindowRect
SetParent
GetClassNameA
SetDlgItemTextA
GetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
IsDlgButtonChecked
IsWindowVisible
InvalidateRect
CreateDialogIndirectParamA
DialogBoxParamA
ShowWindow
AdjustWindowRectEx
GetNextDlgTabItem
MapDialogRect
RedrawWindow
LoadIconA
GetWindowTextLengthA
CreateWindowExA
CallWindowProcA
MapWindowPoints
GetUpdateRect
SetCursor
RegisterClassA
GetClassInfoA
ValidateRgn
DestroyMenu
GetMenuStringA
GetMenuItemInfoA
GetMenuItemCount
LoadStringA
ClientToScreen
GetDesktopWindow
LoadCursorA
SetCursorPos
MessageBeep
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetSystemMetrics
GetScrollInfo
TranslateMessage
GetMessageA
IsZoomed
IsIconic
CharNextA
EnumChildWindows
GetClipboardData
EnumWindows
MoveWindow
SetScrollPos
DrawMenuBar
CreatePopupMenu
SetTimer
GetMessageTime
GetCursorPos
ArrangeIconicWindows
KillTimer
CreateAcceleratorTableA
CreateMenu
InsertMenuA
AdjustWindowRect
TranslateAcceleratorA
IsDialogMessageA
BeginPaint
EndPaint
GetSubMenu
IsClipboardFormatAvailable
CheckMenuItem
AppendMenuA
SetMenuItemInfoA
DeleteMenu
GetCaretPos
DestroyAcceleratorTable
ScrollWindowEx
BringWindowToTop
UnregisterClassA
RegisterWindowMessageA
CreateDialogParamA
LoadMenuA
LoadAcceleratorsA
SetScrollInfo
GetKeyState
GetDlgCtrlID
SetWindowTextA
EndDialog
UpdateWindow
GetWindowTextA
wsprintfA
PeekMessageA
DispatchMessageA
DefWindowProcA
GetMenu
GetWindowPlacement
SetWindowPlacement
SetMenu

gdi32

Polygon
SetMetaFileBitsEx
SaveDC
ScaleViewportExtEx
SetViewportOrgEx
SetViewportExtEx
PlayMetaFile
RestoreDC
CloseMetaFile
CopyMetaFileA
GetMetaFileBitsEx
DeleteMetaFile
CreateMetaFileA
StretchDIBits
SetWindowOrgEx
SetWindowExtEx
PlayEnhMetaFile
SetEnhMetaFileBits
CreateEnhMetaFileA
ExtCreatePen
Arc
Polyline
UnrealizeObject
SetPaletteEntries
Pie
SelectClipRgn
Ellipse
CreatePatternBrush
GetTextFaceA
CreateFontIndirectA
GetTextExtentPointA
MoveToEx
GetCurrentPositionEx
CreatePen
LineTo
GetTextExtentPoint32A
GetTextMetricsA
IntersectClipRect
TextOutA
CreateDCA
StartDocA
StartPage
EndPage
EndDoc
CreateRectRgn
FillRgn
CreatePalette
GetDIBits
StretchBlt
GetNearestPaletteIndex
SetPixel
Rectangle
CreateICA
SetROP2
SelectPalette
RealizePalette
SetTextAlign
SetBkMode
ExtTextOutA
CloseEnhMetaFile
CopyEnhMetaFileA
GetDeviceCaps
CreateFontA
GetObjectA
CreateCompatibleBitmap
CreateBitmap
GetPixel
GetMapMode
SetMapMode
SetTextColor
SetBkColor
GetNearestColor
CreateSolidBrush
GetStockObject
DeleteObject
DeleteEnhMetaFile
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

kernel32

GetTickCount
ExitProcess
GetDiskFreeSpaceA
GetLocalTime
_llseek
CompareStringW
CompareStringA
GetOEMCP
GetCPInfo
GetTimeZoneInformation
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
HeapReAlloc
MultiByteToWideChar
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapAlloc
GetStartupInfoA
FlushFileBuffers
GetFileInformationByHandle
GetTempPathA
GetTempFileNameA
ReadFile
SetThreadPriority
CreateFileA
CreateFileMappingA
MapViewOfFile
VirtualQuery
GetCurrentThread
DebugBreak
GetStdHandle
WriteFile
SetEndOfFile
VirtualFree
VirtualAlloc
GetCurrentProcess
Sleep
RaiseException
SetLastError
SetConsoleCtrlHandler
GetACP
SetFilePointer
GetFileType
_lread
GetProfileStringA
GlobalReAlloc
LocalSize
GetFullPathNameA
lstrcmpiA
lstrcatA
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetFileAttributesA
GlobalLock
GlobalUnlock
GetLocaleInfoA
FindResourceA
LoadResource
LockResource
MulDiv
FreeResource
GlobalAlloc
GlobalFree
lstrcmpA
LocalAlloc
LocalFree
_lwrite
lstrlenA
FormatMessageA
lstrcpynA
GetDriveTypeA
GetModuleFileNameA
GetCommandLineA
FindNextFileA
lstrcpyA
FileTimeToDosDateTime
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
SetFileAttributesA
CreateProcessA
WaitForSingleObject
CloseHandle
CopyFileA
MoveFileA
DeleteFileA
GetSystemDirectoryA
SetErrorMode
GetVolumeInformationA
GetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
GetVersion
GetVersionExA
GetEnvironmentVariableA
SetEnvironmentVariableA
WinExec
GetLastError
_lclose
_lcreat
_lopen
_hread
_hwrite
SetCurrentDirectoryA

advapi32

RegQueryValueExA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

comdlg32

ChooseColorA
CommDlgExtendedError
PageSetupDlgA
ChooseFontA
FindTextA
GetSaveFileNameA
GetOpenFileNameA
ReplaceTextA

shell32

FindExecutableA
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

winmm

mciSendCommandA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODESEG
Size: 4KB - Virtual size: 30B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 628KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2567e2bde95c059fe332f51897741fc

Headers

File Characteristics

Imports

user32

gdi32

kernel32

advapi32

comdlg32

shell32

winmm

winspool.drv

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

CODESEG Size: 4KB - Virtual size: 30B

.rdata Size: 180KB - Virtual size: 176KB

.data Size: 628KB - Virtual size: 1.3MB

.trace Size: 84KB - Virtual size: 83KB

.rsrc Size: 208KB - Virtual size: 207KB

.text
Size: 1.9MB - Virtual size: 1.9MB

CODESEG
Size: 4KB - Virtual size: 30B

.rdata
Size: 180KB - Virtual size: 176KB

.data
Size: 628KB - Virtual size: 1.3MB

.trace
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 208KB - Virtual size: 207KB