018c4868748cb7e0a0379442364c7949

Sharing

Copy URL Twitter E-mail

General

Target

018c4868748cb7e0a0379442364c7949
Size

425KB
MD5

018c4868748cb7e0a0379442364c7949
SHA1

6027be4e80a8e2880a0b8f6746003b6d484737a4
SHA256

39bd6b649705e3de8a3b75ed67e20c47743e48eaf0e42799ae1f9cd00e7f1871
SHA512

f10ffefca8054080d8b243f23b846df6a5d9879ea621f78e54b7973757348175ae2b9ef83b4d3d509497aa38669ce6475465847c80b9291ea4966d28d9c5a2d7
SSDEEP

6144:OjmcypSXaS5UOUdLdCJ9z5CR6wwK+lZlc3GWB/cNN/ws8vnbUumaXxLcatV+qK:OacVbRUDy9A9W43GWllvnbUNahLc8U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
018c4868748cb7e0a0379442364c7949

Files

018c4868748cb7e0a0379442364c7949
.exe windows:4 windows x86 arch:x86

915a396474e09a10fc840fd1c036e79b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ChangeDisplaySettingsA
DrawTextW
CharUpperBuffA
EnumPropsExA
CharToOemW
DefMDIChildProcW
DialogBoxParamA
CharUpperW
DlgDirSelectExA
EndMenu
AnimateWindow
DefWindowProcA
DlgDirListComboBoxA
GetDCEx
DefFrameProcW
CharPrevA
DlgDirSelectComboBoxExA
DrawIcon
DdeUninitialize

comdlg32

ChooseColorA

advapi32

CancelOverlappedAccess
GetAce
LookupPrivilegeValueA
GetAuditedPermissionsFromAclW
DuplicateTokenEx
LsaCreateAccount
LsaAddPrivilegesToAccount
GetSecurityDescriptorSacl
LookupPrivilegeValueW
SetFileSecurityA
CryptGetUserKey
CryptSetProvParam

msvcrt

mblen
_strnicoll
_kbhit
_set_sbh_threshold
_wopen
_y1
_ismbbkalnum
_unlink
_ismbbprint
_Getdays
_ismbclegal
fputwc
pow
__argc
__p__winver
strtoul
_inpd
_winmajor
_futime
_dup
_ftime64
atoi
ceil
_CIlog10
_ismbcspace
_strnset
__p__tzname
_close
exit
__RTtypeid
fprintf
asin
__pxcptinfoptrs
_wenviron
_j1
_fstat
_acmdln
__p__acmdln
clock

kernel32

SetCommConfig
VirtualUnlock
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetMailslotInfo
ExitThread
GetVersion
lstrcmpA
GetProcessHeaps
GetNamedPipeInfo
GetCurrentThreadId
VirtualFree
ResetEvent
ReadConsoleOutputCharacterA
CreateFileW
FindResourceW
ReadConsoleInputExW
SetVDMCurrentDirectories
GetAtomNameW
CreateWaitableTimerA
DuplicateHandle
lstrlenA
GetConsoleFontInfo
GetCurrentDirectoryA
GetStartupInfoA
IsBadCodePtr
GetDateFormatW
GetNumberOfConsoleMouseButtons
SleepEx
GetPrivateProfileIntA
GetDiskFreeSpaceW
FindFirstFileA
Sleep
GetStringTypeExW
LocalReAlloc
ExitProcess

gdi32

SetColorAdjustment
CreateRoundRectRgn
GetMiterLimit
GetTextCharacterExtra
WidenPath
GetRandomRgn
GetObjectType
GetROP2
CreateICA
CreateRectRgnIndirect
GetViewportExtEx
DeleteColorSpace
GetSystemPaletteUse
LPtoDP
GetCharWidthA
GetStockObject
PatBlt
GetColorSpace
AddFontResourceW
CreateMetaFileW
SetAbortProc
GetRasterizerCaps

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lyt
Size: 154KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.panj
Size: 66KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xvib
Size: 196KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 635B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

915a396474e09a10fc840fd1c036e79b

Headers

File Characteristics

Imports

user32

comdlg32

advapi32

msvcrt

kernel32

gdi32

Sections

.text Size: 7KB - Virtual size: 6KB

.lyt Size: 154KB - Virtual size: 269KB

.panj Size: 66KB - Virtual size: 258KB

.xvib Size: 196KB - Virtual size: 444KB

.reloc Size: 1024B - Virtual size: 635B

.text
Size: 7KB - Virtual size: 6KB

.lyt
Size: 154KB - Virtual size: 269KB

.panj
Size: 66KB - Virtual size: 258KB

.xvib
Size: 196KB - Virtual size: 444KB

.reloc
Size: 1024B - Virtual size: 635B