1d0a36d115b958ed05ea67c96b324a275be60198786a2a56dc634f6502949a53

Sharing

Copy URL

Twitter E-mail

General

Target

1d0a36d115b958ed05ea67c96b324a275be60198786a2a56dc634f6502949a53
Size

468KB
MD5

34ae9714cd9115bade18d38426049c21
SHA1

e56b4f240f6f7ba2a8a42d5f9142003e1d30275d
SHA256

1d0a36d115b958ed05ea67c96b324a275be60198786a2a56dc634f6502949a53
SHA512

167a0b09c1895306b3ec3b5136bb4454e3f19e4407f2c09ca05cce4f20a21a14c1c4e5eb476378dd5d828185a1b8523810f56835c9ecc47b56ba698fa9628e89
SSDEEP

12288:iBQbOtLTGqONXURCtrMQOR5qAO2XYZKs:Ly/OFNRMqAO8YZKs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d0a36d115b958ed05ea67c96b324a275be60198786a2a56dc634f6502949a53

Files

1d0a36d115b958ed05ea67c96b324a275be60198786a2a56dc634f6502949a53
.exe windows:4 windows x86

6b53c0cfca8465aba2e9b50f9d11644a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TerminateThread
lstrlenW
MultiByteToWideChar
GetStringTypeExW
GetThreadLocale
WideCharToMultiByte
Sleep
SetLastError
GetCurrentThreadId
CreateMutexW
SetErrorMode
GetFileSize
FindClose
GetTempPathW
GetCurrentProcess
GetSystemDirectoryW
GetWindowsDirectoryW
CreateDirectoryW
FindNextFileW
WritePrivateProfileStringW
DeleteFileW
ReadFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
SetEndOfFile
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
GetDateFormatW
GetLastError
GetTickCount
LoadLibraryW
LoadLibraryExW
FreeLibrary
GetProcAddress
CreateProcessW
GetExitCodeProcess
TerminateProcess
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
SetUnhandledExceptionFilter
GetThreadSelectorEntry
GetCurrentProcessId
GetVersionExA
GetEnvironmentVariableW
GetModuleFileNameA
GetVersionExW
GetVolumeInformationW
GetSystemDefaultLangID
GetUserDefaultLangID
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjectsEx
QueryPerformanceFrequency
QueryPerformanceCounter
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringW
lstrlenA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
HeapSize
TlsSetValue
TlsAlloc
TlsGetValue
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetStdHandle
VirtualProtect
FlushInstructionCache
CreateThread
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
InterlockedDecrement
InterlockedIncrement
MulDiv
FindResourceExW
LoadResource
SizeofResource
LockResource
GetCurrentDirectoryW
LocalAlloc
LocalFree
GetModuleFileNameW
WriteFile
CloseHandle
FormatMessageW
GetModuleHandleW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
ReleaseActCtx
SetFileAttributesW
RemoveDirectoryW
GetCommandLineW
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
GetSystemTime
FindFirstFileW
GetFileAttributesW
GetTimeFormatW
CreateFileW

user32

SetWindowTextW
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItemTextW
MapWindowPoints
GetDlgItem
ScreenToClient
GetWindowRect
PeekMessageW
MessageBoxW
SetWindowPlacement
IsWindow
GetForegroundWindow
MapDialogRect
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
EndDialog
DialogBoxIndirectParamW
CopyRect
DrawMenuBar
RemoveMenu
GetWindowDC
RegisterClipboardFormatW
MsgWaitForMultipleObjects
LoadBitmapW
DrawEdge
GetKeyState
GetDlgCtrlID
InflateRect
GetWindowTextLengthW
PtInRect
WindowFromPoint
GetMenu
LoadMenuIndirectW
LoadMenuW
GetSubMenu
DrawFocusRect
UnhookWindowsHookEx
SetWindowsHookExW
DestroyIcon
RegisterWindowMessageW
CharNextW
CharLowerW
DeleteMenu
GetSysColorBrush
FrameRect
DrawTextW
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
GetSysColor
BeginPaint
GetParent
FillRect
EndPaint
GetWindowTextW
InvalidateRect
GetClassLongW
SetClassLongW
DefWindowProcW
PostQuitMessage
DefFrameProcW
GetMessageW
DestroyWindow
TranslateMDISysAccel
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
RemovePropW
SetWindowLongW
GetWindowLongW
ClientToScreen
GetClientRect
IsDialogMessageW
LoadAcceleratorsW
LoadIconW
RegisterClassExW
ShowWindow
GetWindow
GetDC
ReleaseDC
ReleaseCapture
GetCursorPos
SetCapture
SystemParametersInfoW
ChangeDisplaySettingsW
EnumDisplaySettingsW
SetWindowPos
AdjustWindowRectEx
GetWindowPlacement
SetTimer
CreateWindowExW
GetSystemMetrics
SetCursor
CallNextHookEx
PostMessageW
CallWindowProcW
KillTimer
SetFocus
SetForegroundWindow
SendMessageW
LoadCursorW
SetMenu
EnableMenuItem
TrackPopupMenu
LoadImageW
DestroyMenu
SetPropW
GetPropW
UpdateWindow

ole32

ReleaseStgMedium
CoUninitialize
CLSIDFromProgID
CoInitialize
StringFromGUID2
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CLSIDFromString
OleRun
OleSetContainedObject
OleDraw
OleSetMenuDescriptor
OleSave
CoCreateInstance
CoTaskMemFree
CoCreateGuid

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create

winmm

timeGetTime

gdi32

GetStockObject
CreateCompatibleDC
CreateDIBSection
CreatePen
SelectObject
DeleteObject
CreateSolidBrush
GetTextMetricsW
RoundRect
SetBkColor
SetTextColor
SetBkMode
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
StretchBlt
GdiFlush
DeleteDC
SaveDC
CreateFontIndirectW
EnumFontFamiliesExW
Rectangle
SetROP2
CreateHatchBrush
CreateFontW
RestoreDC
SetStretchBltMode
GetPixel
Ellipse
GetDeviceCaps
GetObjectW

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
CryptAcquireContextW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptDestroyKey
CryptReleaseContext
CryptDeriveKey
CryptDecrypt

shell32

DragQueryFileW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFileInfoW

oleaut32

SysAllocString
SysFreeString
OleLoadPicture
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VariantInit
SafeArrayPtrOfIndex
SafeArrayCreate
GetErrorInfo

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b53c0cfca8465aba2e9b50f9d11644a

Headers

File Characteristics

Imports

kernel32

user32

ole32

version

comctl32

winmm

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 244KB - Virtual size: 241KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 32KB - Virtual size: 44KB

.rsrc Size: 132KB - Virtual size: 130KB

.text
Size: 244KB - Virtual size: 241KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 32KB - Virtual size: 44KB

.rsrc
Size: 132KB - Virtual size: 130KB