138bb41d221855f8f08168519a5b8df8

Sharing

Copy URL Twitter E-mail

General

Target

138bb41d221855f8f08168519a5b8df8
Size

2.1MB
MD5

138bb41d221855f8f08168519a5b8df8
SHA1

6fa8501100617522730d6973a8db4c760ec132ca
SHA256

1500469be749cefae63c0e773864cd335de22d579aa94302ba0d5dadde98bb6b
SHA512

8c792f8f295dfcb33fa98c5f9ef67782b68be7a1d9e4ffc8cac6f9d807b94a0911a4963f16023628be49ab4785fbc4a3c23ae2fa4635a52b741921ff09006bbb
SSDEEP

24576:jDc4dZjuuXrZE/+6oN7jgUywYioIrvWwT+AVk7ZjK+mOaxYlFr5j1f4bRZVjYYAk:jdZjI/YN7quoy+EkMkVqJE+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
138bb41d221855f8f08168519a5b8df8

Files

138bb41d221855f8f08168519a5b8df8
.exe windows:4 windows x86 arch:x86

1e1c397cf41e52463b734d840c521c70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueW

gdi32

Rectangle
GetBkColor
SetMapMode
SelectObject
Ellipse
CreateFontW
EndPage
CreateFontIndirectW
SetBkColor
GetStockObject
CreateSolidBrush
RectVisible
CreateCompatibleBitmap
DeleteObject
BitBlt
DPtoLP
CombineRgn
TextOutW

msvcrt

strcpy
__badioinfo
wcscspn
malloc
_iob
_adjust_fdiv
_unlock
fseek
_exit
__getmainargs
_XcptFilter
__p__fmode
_amsg_exit
_acmdln
__dllonexit
memmove
__setusermatherr
__CxxFrameHandler
strlen
_initterm
__set_app_type
_controlfp
wcstod
__p__commode

user32

BeginPaint
MoveWindow
PostMessageA
GetScrollInfo
SendMessageA
SetForegroundWindow
OemToCharBuffA
DestroyWindow
IsDialogMessageW
SendMessageTimeoutA
CountClipboardFormats
GetSystemMenu
EnumThreadWindows
SetWindowTextW
DestroyIcon
OpenClipboard
GetDesktopWindow
SetCapture
LoadCursorW
GetSubMenu
DrawTextW
DrawFocusRect
ReleaseDC
DeleteMenu
IsIconic
GetMessagePos
EnableWindow
DefWindowProcA
GetDlgCtrlID
CharNextA
GetCursor
GetParent
CharUpperW
GetWindowLongW
MapWindowPoints
SystemParametersInfoW
PeekMessageA
GetCapture
GetWindow
PostMessageW
SetParent
GetWindowTextLengthW
CharUpperA
GetSysColor
ShowWindow
DefWindowProcW
EnableMenuItem
SetWindowLongW
GetDlgItem
CopyRect
OpenIcon
MessageBoxW
GetFocus
ScreenToClient
SetRect
BringWindowToTop
LoadImageW
TrackPopupMenu
TranslateMessage
GetDlgItemTextW
LoadStringA
IsMenu
RegisterClipboardFormatW
CharLowerW
DispatchMessageA
GetWindowRect
RegisterClassA
InvalidateRect
GetSystemMetrics
GetLastActivePopup
LoadStringW
CreateWindowExW
SetWindowPos
SetActiveWindow
CopyAcceleratorTableA
wsprintfA
CharNextW
IsWindowVisible
CallWindowProcW
RegisterClassW
DdeFreeStringHandle
ChangeDisplaySettingsExW
EndDialog
SetFocus
SetCursor
SetMenuItemInfoA
IsWindow
SendMessageTimeoutW
GetMenuState
ScrollWindow
DispatchMessageW

advapi32

RegQueryValueExA
LookupPrivilegeValueA
OpenServiceW
GetSidSubAuthorityCount
OpenProcessToken
RegCloseKey
LookupAccountSidW
RegisterEventSourceA
GetKernelObjectSecurity
RegCreateKeyExA
GetUserNameW
RegOpenKeyExA
RegOpenKeyExW

shell32

ShellExecuteExW
SHGetSpecialFolderLocation
DragQueryFileW
ShellExecuteA
SHFileOperationA
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
SHFileOperationW

ole32

OleInitialize
CoCreateInstance
OleRun
CoTaskMemAlloc
StringFromGUID2
HWND_UserUnmarshal
CoTaskMemFree
RegisterDragDrop
OleLockRunning
CoRegisterMessageFilter
OleGetClipboard
DoDragDrop

kernel32

GetSystemTimeAsFileTime
GetVersion
GetCommandLineW
FreeLibrary
SetStdHandle
LocalFree
GetCurrentThreadId
FileTimeToSystemTime
GetCurrentThread
UnhandledExceptionFilter
GetCPInfo
SearchPathW
RtlUnwind
WriteConsoleW
CreateFileA
GetTickCount
GetLastError
TlsGetValue
SetErrorMode
GetProcAddress
GetFileType
LoadLibraryA
lstrcpyA
GetLocaleInfoA
SetCurrentDirectoryA
LeaveCriticalSection
GetProcessHeap
GetConsoleMode
ExpandEnvironmentStringsA
IsDebuggerPresent
GetCurrentProcessId
IsBadCodePtr
GetFullPathNameW
GlobalAlloc
SetLastError
GetVolumeInformationA
CloseHandle
GetModuleHandleA
MultiByteToWideChar
GetDateFormatW
HeapCreate
IsBadReadPtr
VirtualProtect
GetTimeZoneInformation
GetLocaleInfoW
GetStartupInfoA
GetModuleHandleW
GetModuleFileNameA
VirtualAlloc
TerminateProcess
Sleep
InterlockedExchange
TlsSetValue
WriteConsoleA
DisableThreadLibraryCalls
GetSystemInfo
EnumSystemLocalesA
FormatMessageA
HeapFree
HeapAlloc
QueryPerformanceCounter
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentProcess
QueryPerformanceFrequency

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e1c397cf41e52463b734d840c521c70

Headers

File Characteristics

Imports

version

gdi32

msvcrt

user32

advapi32

shell32

ole32

kernel32

Sections

.text Size: 208KB - Virtual size: 206KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 208KB - Virtual size: 206KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 20KB - Virtual size: 17KB