18034ed2ac29a89f2ca15d8bdb2790b3

Sharing

Copy URL

Twitter E-mail

General

Target

18034ed2ac29a89f2ca15d8bdb2790b3
Size

256KB
MD5

18034ed2ac29a89f2ca15d8bdb2790b3
SHA1

00e0c4bac4d20fe548fec12cd16b1f1d77599cb7
SHA256

5bc74bafa28dacfad4b0edba7d00220cb3b207dbaa10a77f69561f0a162e8f05
SHA512

f1d976884ccb66390559476fdba91c285860780a9e4eb2fd85bdb03c9d579ac18ee8de19209c10d7fa4db1080b670dcfbe9c4b06ab3ab305d0f1eb3dd7326db5
SSDEEP

6144:Pt2yeY4oAAEFuhE28U1Qj4nQMj6QUV9fJJx2JK182prJaw0FM:Pt2yeYPF+uhQU04nQLZJl8Sg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18034ed2ac29a89f2ca15d8bdb2790b3

Files

18034ed2ac29a89f2ca15d8bdb2790b3
.exe windows:4 windows x86 arch:x86

63fd1e87a719c107458969f2ef179239

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetRecordInfoFromGuids
VariantTimeToSystemTime
SafeArrayGetLBound
SafeArrayDestroy
LoadRegTypeLi
SysAllocString
SafeArrayGetDim
VariantCopy
SafeArrayGetVartype
SystemTimeToVariantTime
SafeArrayUnlock
SafeArrayCreateVectorEx
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayLock
VarBstrCmp
SysFreeString
SafeArrayGetUBound
VariantInit
SafeArrayRedim
SafeArrayCreate
VariantClear
SafeArrayUnaccessData
LoadTypeLi
VariantCopyInd
SysStringLen
SafeArrayAccessData
SafeArrayCopy
SysAllocStringLen
SysStringByteLen
VariantChangeType

kernel32

LockResource
lstrlenW
ReadFile
ExpandEnvironmentStringsW
WaitForSingleObject
HeapDestroy
EnterCriticalSection
UnhandledExceptionFilter
DeviceIoControl
LoadResource
RaiseException
GetLongPathNameW
FindClose
FormatMessageW
IsDebuggerPresent
MapViewOfFile
ResetEvent
SignalObjectAndWait
GlobalMemoryStatusEx
HeapFree
DeleteFileW
GetCurrentThreadId
SetUnhandledExceptionFilter
FindResourceW
CreateFileW
FileTimeToDosDateTime
CreateFileMappingW
GetSystemTime
SizeofResource
DeleteCriticalSection
LeaveCriticalSection
WriteFile
QueryDosDeviceW
ResumeThread
SetThreadLocale
CreateEventW
GetModuleHandleW
FileTimeToSystemTime
GetProcessHeap
SetEndOfFile
FindFirstFileW
CloseHandle
LocalFree
UnmapViewOfFile
CreateThread
GetSystemInfo
GetDriveTypeW
SetThreadPriority
GetACP
FindResourceExW
SetLastError
HeapAlloc
SetFilePointer
FreeLibrary
GetThreadLocale
HeapReAlloc
WaitForMultipleObjects
HeapSize
GetFileSize
GetSystemTimeAsFileTime
VirtualAllocEx

shlwapi

PathAppendW

shell32

SHGetFolderPathW

user32

wsprintfW
UnregisterClassA

ole32

OleRun
CoUninitialize
CoMarshalInterThreadInterfaceInStream
CLSIDFromProgID
CLSIDFromString
CoInitializeEx
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoImpersonateClient
CoRevertToSelf

advapi32

LookupAccountSidW
MakeSelfRelativeSD
GetAclInformation
RegCreateKeyExW
EqualSid
GetSecurityDescriptorGroup
GetSidSubAuthority
GetSecurityDescriptorControl
GetTokenInformation
OpenProcessToken
GetSidLengthRequired
CopySid
MakeAbsoluteSD
GetLengthSid
RegQueryValueExW
InitializeSecurityDescriptor
InitializeAcl
OpenThreadToken
AddAce
GetSecurityDescriptorDacl
SetSecurityDescriptorOwner
DuplicateTokenEx
RevertToSelf
GetSecurityDescriptorSacl
ConvertStringSidToSidW
InitializeSid
SetThreadToken
RegCloseKey
IsValidSid
GetSecurityDescriptorOwner
SetSecurityDescriptorDacl
LookupPrivilegeValueW
RegNotifyChangeKeyValue
GetSecurityDescriptorLength
AdjustTokenPrivileges

userenv

UnloadUserProfile

esent

JetStopServiceInstance
JetCreateTableColumnIndex
JetRetrieveKey
JetGetTableInfo
JetGetLS
JetGetCursorInfo
JetOpenFile
JetPrepareUpdate
JetDetachDatabase
JetCreateDatabaseWithStreaming
JetGetTruncateLogInfoInstance
JetSetColumns
JetGetAttachInfoInstance
JetSetCurrentIndex3

scrrun

DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

Sections

.fmCma
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.LQUrAC
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SitA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hpcMJ
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bVUGvzj
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZsMGdz
Size: 512B - Virtual size: 197B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NQnDuGc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mSUHsRG
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UFHYF
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmGaHYW
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YQmo
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63fd1e87a719c107458969f2ef179239

Headers

File Characteristics

Imports

oleaut32

kernel32

shlwapi

shell32

user32

ole32

advapi32

userenv

esent

scrrun

Sections

.fmCma Size: 1024B - Virtual size: 20KB

.text Size: 19KB - Virtual size: 18KB

.LQUrAC Size: 1KB - Virtual size: 1KB

.SitA Size: 2KB - Virtual size: 2KB

.hpcMJ Size: 1024B - Virtual size: 732B

.bVUGvzj Size: 1KB - Virtual size: 1KB

.ZsMGdz Size: 512B - Virtual size: 197B

.NQnDuGc Size: 1KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 126KB

.rdata Size: 209KB - Virtual size: 209KB

.mSUHsRG Size: 3KB - Virtual size: 2KB

.UFHYF Size: 2KB - Virtual size: 2KB

.vmGaHYW Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.YQmo Size: 1024B - Virtual size: 576B

.fmCma
Size: 1024B - Virtual size: 20KB

.text
Size: 19KB - Virtual size: 18KB

.LQUrAC
Size: 1KB - Virtual size: 1KB

.SitA
Size: 2KB - Virtual size: 2KB

.hpcMJ
Size: 1024B - Virtual size: 732B

.bVUGvzj
Size: 1KB - Virtual size: 1KB

.ZsMGdz
Size: 512B - Virtual size: 197B

.NQnDuGc
Size: 1KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 126KB

.rdata
Size: 209KB - Virtual size: 209KB

.mSUHsRG
Size: 3KB - Virtual size: 2KB

.UFHYF
Size: 2KB - Virtual size: 2KB

.vmGaHYW
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.YQmo
Size: 1024B - Virtual size: 576B