Static task: static1
Behavioral task: behavioral1
Sample: 1dd2d3890fb72e583cee5a0e18392704.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 1dd2d3890fb72e583cee5a0e18392704.exe
Resource: win10v2004-20231215-en
General
Target: 1dd2d3890fb72e583cee5a0e18392704
Size: 2.3MB
MD5: 1dd2d3890fb72e583cee5a0e18392704
SHA1: 9ece04bbd9fc829c551c612c3f6150be8e447991
SHA256: 2657021520b107b21400d210ddfa5178aa6183a22cd5b56d8754e53e381be891
SHA512: f76dfb1a75b55aab315498973554fbcb26634cba2a509dc34b2d555c9ab297d0391a4c40c7cded88750cce853c9ff142264561450841a5f45645a1e5116b550d
SSDEEP: 49152:IYnswzLWlr4W9o5YfMbMcRc/s+kobXnz/q/xnd/c/fnr/a5RZH7HAnnnnnLFz8++:bsblrFz0DAekNy/
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 1dd2d3890fb72e583cee5a0e18392704
Files
1dd2d3890fb72e583cee5a0e18392704.exe windows:6 windows x86 arch:x86
7ce00d16ee3007f3f69c3739e80a3fa7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
DecodePointer
HeapReAlloc
FlushFileBuffers
ReadConsoleW
GetFileType
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
GetProcessHeap
HeapSize
WriteConsoleW
SetEndOfFile
GetTickCount
GetEnvironmentStringsW
LCMapStringW
HeapAlloc
GetConsoleMode
GetConsoleCP
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
RemoveDirectoryA
GetProcessorSystemCycleTime
VirtualAllocEx
SetFilePointerEx
GetLocalTime
GetSystemInfo
VerLanguageNameA
GetFileAttributesA
GetLastError
GetTimeZoneInformation
MultiByteToWideChar
GetACP
GetSystemDefaultLangID
GetCurrentProcess
GetFileSizeEx
HeapFree
GetStdHandle
SetConsoleCtrlHandler
GetModuleHandleExW
LoadLibraryExW
TlsFree
SetLastError
RtlUnwind
FreeLibrary
GetProcAddress
LoadLibraryA
OutputDebugStringW
CreateFileW
ReadFile
SetFilePointer
WriteFile
CloseHandle
SetErrorMode
GetModuleFileNameW
GetModuleHandleW
SetThreadExecutionState
ExitProcess
TerminateProcess
GlobalMemoryStatusEx
CreateDirectoryW
LoadLibraryW
lstrcatW
lstrlenW
CreateToolhelp32Snapshot
Process32First
Process32Next
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObjectEx
CreateSemaphoreW
GetEnvironmentVariableA
SetEnvironmentVariableA
IsDebuggerPresent
RaiseException
CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
VerSetConditionMask
FormatMessageW
VerifyVersionInfoW
GlobalAlloc
GlobalUnlock
GlobalLock
CompareStringA
MulDiv
CreateEventW
WaitForSingleObject
GetSystemPowerStatus
CreateFileA
DeviceIoControl
GetOverlappedResult
CancelIo
ResetEvent
CreateEventA
LocalFree
GetCurrentProcessId
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
user32
IsChild
GetDlgItemTextA
GetShellWindow
GetSystemMetrics
GetDC
EnumDesktopsW
SendMessageA
GetMenuItemRect
GetForegroundWindow
GetCaretBlinkTime
GetMenuItemInfoA
GetClipboardFormatNameA
MessageBoxA
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageExtraInfo
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
IsWindowVisible
IsIconic
PtInRect
GetAsyncKeyState
GetMenu
GetUpdateRect
InvalidateRect
ValidateRect
GetPropW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursor
GetClipCursor
ClientToScreen
ScreenToClient
WindowFromPoint
ClipCursor
IsRectEmpty
GetWindowLongW
LoadIconW
DestroyIcon
GetRawInputData
GetCursorPos
OpenClipboard
CloseClipboard
GetClipboardSequenceNumber
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetKeyboardLayout
GetKeyboardState
ToUnicode
GetKeyState
TrackMouseEvent
SendMessageW
RegisterClassW
CreateWindowExW
DestroyWindow
ShowWindow
SetLayeredWindowAttributes
SetWindowPos
GetFocus
SetForegroundWindow
ReleaseDC
SetPropW
RemovePropW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetWindowLongW
GetParent
CreateIconFromResource
SetWindowRgn
SetCursorPos
LoadCursorW
CreateIconIndirect
RegisterRawInputDevices
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplayDevicesW
GetMonitorInfoW
EnumDisplayMonitors
GetDesktopWindow
RegisterDeviceNotificationW
UnregisterDeviceNotification
UnregisterClassA
RegisterClassExA
CreateWindowExA
GetMessageW
PostThreadMessageW
SetTimer
KillTimer
PostMessageW
DialogBoxIndirectParamW
EndDialog
GetDlgItem
SetFocus
DrawTextW
SystemParametersInfoA
SystemParametersInfoW
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetDoubleClickTime
MapVirtualKeyW
gdi32
GetTextExtentPoint32A
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
GetDIBits
GetDeviceCaps
CreateCompatibleBitmap
CreateRectRgn
CombineRgn
GetTextMetricsW
UnrealizeObject
WidenPath
GetObjectA
SetTextCharacterExtra
SetTextAlign
CreateFontIndirectW
CreateBitmap
CreateSolidBrush
DeleteObject
SetStretchBltMode
EnumFontFamiliesA
SetTextJustification
SetViewportOrgEx
TextOutA
SetTextColor
TextOutW
DeleteDC
GetPixel
StrokeAndFillPath
SetViewportExtEx
EnumFontFamiliesW
SetWindowExtEx
SetWindowOrgEx
UpdateColors
GetICMProfileA
StretchBlt
SetICMProfileA
SetPixel
CreateCompatibleDC
SetWinMetaFileBits
SelectObject
BitBlt
SetWorldTransform
SetDeviceGammaRamp
GetDeviceGammaRamp
CreateDCW
CreateDIBSection
comdlg32
ChooseFontW
shell32
SHGetFolderPathW
DragAcceptFiles
ExtractIconExW
DragFinish
DragQueryFileW
SHGetFolderLocation
SHBindToParent
ole32
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
PropVariantClear
CoInitializeEx
oleaut32
VariantChangeType
SysAllocStringLen
VariantInit
SysFreeString
winmm
waveOutOpen
waveOutGetErrorTextW
waveOutGetDevCapsW
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutGetNumDevs
waveOutReset
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
timeEndPeriod
timeBeginPeriod
waveOutWrite
timeGetTime
version
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
imm32
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCandidateListW
ImmSetCompositionStringW
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetIMEFileNameA
setupapi
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
comctl32
ImageList_GetIcon
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Create
ImageList_Draw
ImageList_Add
ImageList_LoadImageA
ImageList_DragEnter
ord5
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_Replace
ImageList_GetIconSize
ImageList_DrawEx
ImageList_SetBkColor
msimg32
TransparentBlt
oleacc
GetOleaccVersionInfo
CreateStdAccessibleObject
GetRoleTextW
AccessibleChildren
WindowFromAccessibleObject
GetRoleTextA
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 233KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1015KB - Virtual size: 1014KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ