1152b681826a073bb25ae68d3cb276275c2d9099ab76bce3c7ce0433a61c1ef1

Sharing

Copy URL

Twitter E-mail

General

Target

1152b681826a073bb25ae68d3cb276275c2d9099ab76bce3c7ce0433a61c1ef1
Size

1.1MB
MD5

6396285e74500b70884b821bca05e933
SHA1

f8dbd2c05ed00961fd4a21da3d4da6c00ecb5a29
SHA256

1152b681826a073bb25ae68d3cb276275c2d9099ab76bce3c7ce0433a61c1ef1
SHA512

eadcf59bba895ae5fe9675421de06aabf371bf627e56060a6b287574fda76b3d7a3b173a8c2a14c24fe76e2c95d58a28a54cef194943321aaa591dba05659983
SSDEEP

12288:8I3UyGWPb9fsgzfusuYxjnD927rru1NrO:8qNGWPxs+uY5Zlo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1152b681826a073bb25ae68d3cb276275c2d9099ab76bce3c7ce0433a61c1ef1

Files

1152b681826a073bb25ae68d3cb276275c2d9099ab76bce3c7ce0433a61c1ef1
.exe windows:4 windows x86 arch:x86

f39cf0ce7f04466fcee1eb3f0ff12d38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

comctl32

CreateStatusWindowW
CreateToolbarEx
InitCommonControlsEx
PropertySheetW

comdlg32

ChooseFontW
FindTextW
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW
ReplaceTextW

gdi32

BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateFontW
CreatePen
CreateRectRgnIndirect
DeleteDC
DeleteObject
EndDoc
EndPage
EnumFontFamiliesExW
FillRgn
GetCurrentObject
GetDeviceCaps
GetStockObject
GetTextExtentPointW
LineTo
MoveToEx
Rectangle
SelectObject
SetBkMode
SetRectRgn
SetTextAlign
StartDocW
StartPage
StretchBlt
TextOutW

kernel32

CloseHandle
CreateFileW
GetCommandLineA
GetCommandLineW
GetDateFormatW
GetLocalTime
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetTickCount
GetTimeFormatW
GlobalLock
GlobalUnlock
HeapAlloc
HeapReAlloc
LoadLibraryW
MulDiv
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
SetFilePointer
WriteFile
lstrcmpW
lstrcmpiW

ntdll

_vsnprintf

ole32

StgCreateDocfile

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
SHGetFolderPathW
ShellAboutW

ucrtbase

__acrt_iob_func
__p___argc
__p___argv
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vswprintf
_configure_narrow_argv
_errno
_get_initial_narrow_environment
_initialize_narrow_environment
_set_app_type
_strdup
atoi
calloc
exit
free
fwrite
getenv
isspace
malloc
memcmp
memcpy
memmove
qsort
realloc
strchr
strcmp
strcpy
strcspn
strlen
wcstod

user32

BeginPaint
CallWindowProcW
CheckDlgButton
CheckMenuItem
CheckRadioButton
ClientToScreen
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawEdge
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FillRect
GetClientRect
GetDC
GetDlgItem
GetMenu
GetMenuItemInfoW
GetMessagePos
GetMessageW
GetMonitorInfoW
GetParent
GetScrollInfo
GetScrollPos
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthW
GetWindowTextW
InsertMenuItemW
IntersectRect
InvalidateRect
IsDialogMessageW
IsDlgButtonChecked
IsWindowVisible
LoadAcceleratorsW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
MapWindowPoints
MessageBoxA
MessageBoxIndirectW
MessageBoxW
MonitorFromRect
MoveWindow
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
RegisterWindowMessageW
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetMenu
SetMenuItemInfoW
SetScrollInfo
SetScrollPos
SetWindowLongW
SetWindowTextA
SetWindowTextW
ShowWindow
TrackPopupMenu
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
wsprintfW

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 392KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 4KB - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/103
Size: 4KB - Virtual size: 730B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/119
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/135
Size: 4KB - Virtual size: 63B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f39cf0ce7f04466fcee1eb3f0ff12d38

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

ntdll

ole32

shell32

ucrtbase

user32

Sections

.text Size: 60KB - Virtual size: 57KB

.data Size: 4KB - Virtual size: 704B

.rdata Size: 40KB - Virtual size: 37KB

/4 Size: 8KB - Virtual size: 5KB

.bss Size: - Virtual size: 9KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 392KB - Virtual size: 389KB

.reloc Size: 4KB - Virtual size: 3KB

/14 Size: 4KB - Virtual size: 344B

/29 Size: 228KB - Virtual size: 227KB

/41 Size: 12KB - Virtual size: 9KB

/55 Size: 40KB - Virtual size: 38KB

/67 Size: 4KB - Virtual size: 2KB

/78 Size: 56KB - Virtual size: 54KB

/89 Size: 8KB - Virtual size: 7KB

/103 Size: 4KB - Virtual size: 730B

/119 Size: 4KB - Virtual size: 1KB

/135 Size: 4KB - Virtual size: 63B

.text
Size: 60KB - Virtual size: 57KB

.data
Size: 4KB - Virtual size: 704B

.rdata
Size: 40KB - Virtual size: 37KB

/4
Size: 8KB - Virtual size: 5KB

.bss
Size: - Virtual size: 9KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 392KB - Virtual size: 389KB

.reloc
Size: 4KB - Virtual size: 3KB

/14
Size: 4KB - Virtual size: 344B

/29
Size: 228KB - Virtual size: 227KB

/41
Size: 12KB - Virtual size: 9KB

/55
Size: 40KB - Virtual size: 38KB

/67
Size: 4KB - Virtual size: 2KB

/78
Size: 56KB - Virtual size: 54KB

/89
Size: 8KB - Virtual size: 7KB

/103
Size: 4KB - Virtual size: 730B

/119
Size: 4KB - Virtual size: 1KB

/135
Size: 4KB - Virtual size: 63B