18a97be360107d462b84c55f1335382a

Sharing

Copy URL

Twitter E-mail

General

Target

18a97be360107d462b84c55f1335382a
Size

513KB
MD5

18a97be360107d462b84c55f1335382a
SHA1

c0ea048368edfb4e9f32686df3fdde265154b1c2
SHA256

6c139be0f1dbbc0ec7b8883fc76135db1af2ba83de30e4c46fe334065800f74a
SHA512

57d7f05763566ae210918ebfbee296b361049095d44b7175182c6809fbd6726ed5b6fefc7ab660ea210cff304118389db21195eb8e46e7ae7d8532bc4ee63583
SSDEEP

12288:x4R2nvl5l3ywqLqw9VUAyFjV1fR4Ql5CQ/2LKCUK:r95l3JqmcsdTZxj2ec

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18a97be360107d462b84c55f1335382a

Files

18a97be360107d462b84c55f1335382a
.exe windows:4 windows x86 arch:x86

6028b370f9bc5192b2ebf49ee40c540c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExW
DestroyWindow
BlockInput
MessageBoxExW
RegisterClassA
InflateRect
GetQueueStatus
ShowCursor
LockWindowUpdate
ShowWindow
DefWindowProcA
CreateWindowExA
AnyPopup
RegisterClassExA
IsClipboardFormatAvailable
MessageBoxA

comctl32

InitCommonControlsEx
CreatePropertySheetPage

kernel32

GetCurrentProcess
SetEnvironmentVariableA
IsBadReadPtr
GetStringTypeW
HeapSize
GetConsoleCP
SetVolumeLabelA
GetSystemTimeAsFileTime
IsDebuggerPresent
GetTimeFormatA
VirtualQuery
GetLastError
ReadConsoleOutputW
EnterCriticalSection
VirtualAlloc
TlsAlloc
GetCurrentProcessId
GetProfileIntW
lstrlenA
HeapDestroy
GetOEMCP
UnhandledExceptionFilter
LeaveCriticalSection
QueryPerformanceCounter
WriteFile
GetCPInfo
GetTimeZoneInformation
CreateMutexA
GetProcAddress
RtlUnwind
CloseHandle
CompareStringW
GetStartupInfoW
GetTickCount
GetModuleHandleW
LoadLibraryW
OutputDebugStringA
TlsFree
WideCharToMultiByte
GetCurrentThreadId
GetStdHandle
TerminateProcess
GetStartupInfoA
TlsSetValue
LCMapStringW
GetUserDefaultLCID
InterlockedIncrement
OutputDebugStringW
LocalAlloc
HeapAlloc
GetFileTime
SetConsoleCtrlHandler
GetLocaleInfoW
LCMapStringA
GetDateFormatA
Sleep
LoadLibraryA
GetLocaleInfoA
GetProcessHeap
VirtualFree
GetStringTypeA
WaitForMultipleObjects
SetConsoleCursorInfo
SetStdHandle
GetCurrentThread
HeapReAlloc
GetEnvironmentStringsW
FreeLibrary
IsValidLocale
SetLastError
GetCommandLineW
DebugBreak
ReadFile
TerminateThread
GetCommandLineA
GetConsoleMode
WriteConsoleA
GetModuleHandleA
HeapCreate
SetUnhandledExceptionFilter
MultiByteToWideChar
HeapValidate
CompareStringA
FreeEnvironmentStringsW
MoveFileExA
EnumDateFormatsExA
TlsGetValue
OpenMutexA
GetModuleFileNameA
InterlockedDecrement
GetConsoleOutputCP
WriteConsoleW
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
EnumSystemLocalesA
FlushFileBuffers
InterlockedExchange
DeleteCriticalSection
GetACP
GetFileType
SetFilePointer
RaiseException
SetHandleCount
CreateFileA
HeapFree
ExitProcess

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6028b370f9bc5192b2ebf49ee40c540c

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 120KB - Virtual size: 151KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 49KB - Virtual size: 48KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 120KB - Virtual size: 151KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 49KB - Virtual size: 48KB