01788c14528d293c17b192b1a64602e5

Sharing

Copy URL

Twitter E-mail

General

Target

01788c14528d293c17b192b1a64602e5
Size

336KB
MD5

01788c14528d293c17b192b1a64602e5
SHA1

2531818fd11618a469a2302c08ecd95a2265a341
SHA256

4518ea975374ea6181e4da3e58b4bf8102f058f376800a08c5335e6904438425
SHA512

f4beff2739d6384d0fc6ba441890dfae8f0278540d58ff76556a3ac6a138ee9e61001e97464e7ca0375e484d074db6b67e7a8652b15c2df2d312bd585773d545
SSDEEP

6144:Za/W19iF69iJJnQ2BckxlOw6bGMmf1jtBvrNYm5eMUpKuNNxHWnhPET6Prb3A:o0iw0FJxV6bGZtBvrNYmzHTI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01788c14528d293c17b192b1a64602e5

Files

01788c14528d293c17b192b1a64602e5
.exe windows:4 windows x86 arch:x86

dadd23e4228f5d4c1a2931c3a3c91fdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW
PathStripPathW
StrCmpIW

shell32

SHGetFolderPathAndSubDirW
CommandLineToArgvW

gdi32

InvertRgn
Polygon
CreateRectRgn
ExtCreatePen
GetCharWidthA
CreateFontIndirectA
CreateFontA
CreatePatternBrush

kernel32

FindResourceW
GetFileSize
ReadFile
LoadLibraryExW
GetStringTypeExA
GetThreadLocale
GlobalGetAtomNameW
CopyFileA
WaitForMultipleObjectsEx
SetEnvironmentVariableA
ExitProcess
TlsGetValue
FileTimeToDosDateTime
SetEnvironmentVariableW
CloseHandle
SetStdHandle
GlobalFindAtomA
Process32NextW
GetSystemDirectoryW
DebugBreak
GetVersionExA
GetTempFileNameA
GetSystemTime
GetModuleHandleA
GetLogicalDriveStringsA
CreateNamedPipeA
GetShortPathNameA
SearchPathA
GlobalHandle
GetComputerNameA
lstrcpynA
GetSystemDirectoryA
WritePrivateProfileSectionA
GetSystemDefaultLangID
DosDateTimeToFileTime
GetUserDefaultLCID
FindFirstFileA
MapViewOfFileEx
LCMapStringA
LoadResource
ReleaseMutex
GetSystemDefaultLCID
GetTimeFormatA
BackupRead
GlobalMemoryStatus
CreateEventW
CreateProcessA
ExpandEnvironmentStringsW
GetCPInfo
GlobalFindAtomW
SetFilePointer
GetStartupInfoW
GlobalDeleteAtom
OpenFileMappingW
SuspendThread
RemoveDirectoryA
CompareFileTime
SetNamedPipeHandleState
GetFileAttributesW
CompareStringW
VirtualQuery
InitializeCriticalSectionAndSpinCount
IsValidCodePage
CreateMutexA
GetQueuedCompletionStatus
GetDiskFreeSpaceA
GlobalAddAtomW
UnlockFile
GetCurrentProcess
OpenFileMappingA
GlobalFree
SetThreadLocale
SetHandleCount
HeapSize
GetSystemInfo
FileTimeToLocalFileTime
FreeEnvironmentStringsW
GetFullPathNameA
Sleep
SystemTimeToFileTime
WriteConsoleA
GetVolumeInformationA
GetNumberFormatW
GlobalUnlock
TlsAlloc
UnmapViewOfFile
FreeLibrary
GetPrivateProfileSectionA
MapViewOfFile
GetPrivateProfileStringA
GetCurrentDirectoryA
GetStringTypeW
GetStringTypeA
GetTickCount
FindResourceA
lstrcpyA
GetSystemWindowsDirectoryW
VirtualAlloc
GetOverlappedResult
LCMapStringW
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
HeapAlloc
GetOEMCP
GetACP
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetLastError
SetLastError
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
SetFileTime
_lread
WideCharToMultiByte
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetProcAddress
GetVersion
GetStartupInfoA
GetCommandLineA

oleaut32

SysStringLen

advapi32

RegEnumValueW
RegOpenKeyW
RegDeleteKeyW
DeleteService
IsValidSecurityDescriptor
RegEnumKeyExW
GetSecurityDescriptorOwner
LookupPrivilegeValueA

user32

IsCharAlphaNumericA
GetWindowLongA
SetWindowLongW
TranslateMDISysAccel
TrackMouseEvent
SetCaretPos
SetPropW
ChildWindowFromPoint
GetMenuItemID
UnhookWindowsHookEx
CallWindowProcA
ShowCaret
CreateMenu
RegisterWindowMessageA
DeferWindowPos
DdeClientTransaction
IsRectEmpty
MsgWaitForMultipleObjects
GetMenu
HideCaret
GetIconInfo
GetDC
InvalidateRect
IsCharAlphaNumericW
MapDialogRect
CharPrevA
EnumThreadWindows

version

GetFileVersionInfoSizeW

comdlg32

GetFileTitleA

comctl32

InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_Read

ole32

OleLockRunning
OleSetMenuDescriptor
DoDragDrop
IIDFromString
ReadFmtUserTypeStg
OleCreateMenuDescriptor

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dadd23e4228f5d4c1a2931c3a3c91fdd

Headers

File Characteristics

Imports

shlwapi

shell32

gdi32

kernel32

oleaut32

advapi32

user32

version

comdlg32

comctl32

ole32

Sections

.text Size: 264KB - Virtual size: 260KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 264KB - Virtual size: 260KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 5KB