018cddd4b31a31386749729dcf5d62c7

Sharing

Copy URL Twitter E-mail

General

Target

018cddd4b31a31386749729dcf5d62c7
Size

362KB
MD5

018cddd4b31a31386749729dcf5d62c7
SHA1

555c47508605922292c6072fe0c2a1bd05ebdc3e
SHA256

f31f46a5077e02b08bd416ff6af410db5fb5a10958266e0d9300d41814a1f5d6
SHA512

dba3c2738797f2a747006937325a622bcf037e7eabee41d2cd3a899a108a507a76f7903360f064025403619122371796520ac84e71a917553c30a392190b3a7d
SSDEEP

6144:btHci3lYMwOFA5iNrRHOz7VA6zbHwkJB2hso+zdX40xvwCWYjWKPDKVXx+:btPuFiNdu7VNb1lznx1WQF7KVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
018cddd4b31a31386749729dcf5d62c7

Files

018cddd4b31a31386749729dcf5d62c7
.exe windows:4 windows x86 arch:x86

78d5be3a1fc23341bde73ca00863ea50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetSystemDefaultLangID
SetConsoleCtrlHandler
GetOEMCP
TlsFree
UnhandledExceptionFilter
SetEnvironmentVariableA
GetConsoleOutputCP
HeapAlloc
GetFileType
FlushFileBuffers
GetLocaleInfoA
SetHandleCount
GetLastError
SetLastError
GetCurrentThreadId
Sleep
HeapCreate
ExitProcess
GetUserDefaultLCID
SetStdHandle
GetEnvironmentStringsW
GetLocaleInfoW
EnumSystemLocalesA
GetCurrentProcess
GetModuleFileNameA
GetStringTypeW
ReadFile
LeaveCriticalSection
EnumTimeFormatsA
LCMapStringW
VirtualFree
GetCPInfo
CreateMutexA
InterlockedDecrement
GetCurrentThread
WideCharToMultiByte
FreeLibrary
IsValidLocale
GetTimeZoneInformation
TlsGetValue
LoadLibraryExA
VirtualAlloc
WriteFile
CreateFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
WriteConsoleA
SetFilePointer
SetUnhandledExceptionFilter
GetProcAddress
HeapDestroy
GetTickCount
HeapSize
VirtualQuery
GetModuleHandleW
IsDebuggerPresent
GetConsoleMode
EnterCriticalSection
MultiByteToWideChar
GetStdHandle
CompareStringA
LCMapStringA
GetStringTypeA
TerminateProcess
TlsAlloc
QueryPerformanceCounter
InterlockedExchange
GetTimeFormatA
FreeEnvironmentStringsW
GetACP
HeapReAlloc
GetSystemTimeAsFileTime
GetConsoleCP
HeapFree
GetStartupInfoA
RtlUnwind
CompareStringW
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
IsValidCodePage
GetDateFormatA
CloseHandle
OpenMutexA
GetCurrentProcessId
CreateMailslotW
InterlockedIncrement
GetCommandLineA
LoadLibraryA
DeleteCriticalSection
TlsSetValue
WriteConsoleW

wininet

InternetInitializeAutoProxyDll
RegisterUrlCacheNotification
HttpAddRequestHeadersA
FindNextUrlCacheEntryExW
CreateUrlCacheGroup
InternetAutodial
InternetGoOnline
CommitUrlCacheEntryW

comdlg32

PrintDlgA
PrintDlgW

shell32

DoEnvironmentSubstW
ShellHookProc

gdi32

PathToRegion
GetOutlineTextMetricsA
GetCurrentObject
CreateRoundRectRgn

user32

RegisterClassA
DdeSetQualityOfService
RegisterClassExA
OffsetRect
DialogBoxIndirectParamA
SetClassWord
CreateWindowExA
SwapMouseButton
SetFocus

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78d5be3a1fc23341bde73ca00863ea50

Headers

File Characteristics

Imports

comctl32

kernel32

wininet

comdlg32

shell32

gdi32

user32

Sections

.text Size: 166KB - Virtual size: 165KB

.rdata Size: 10KB - Virtual size: 27KB

.data Size: 174KB - Virtual size: 174KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 166KB - Virtual size: 165KB

.rdata
Size: 10KB - Virtual size: 27KB

.data
Size: 174KB - Virtual size: 174KB

.rsrc
Size: 10KB - Virtual size: 10KB