01ec36fa5d7dddc857660d1cb51806bd

Sharing

Copy URL Twitter E-mail

General

Target

01ec36fa5d7dddc857660d1cb51806bd
Size

560KB
MD5

01ec36fa5d7dddc857660d1cb51806bd
SHA1

cc51b9b3440b5f235ba89a924dee78e4c2765c69
SHA256

27ffde3b4636eeee8e301833036cb3fa999b92f8a6ca26289cf7e92826ff88e3
SHA512

f6e0c3531b86fc826afa74c7a6fa1f97c6031323fbeeb71fcd4a8a65f8b06257b6d5c8cbb4e0f95b5a7c8aa34846bfcf62ae0e8fa66299621a619c3ee3ea3808
SSDEEP

12288:d07QBpMa/B+jS+ioGUCic0cc+CMB7xh9QhsZUiIj92afwcGdp7p4o8GBw7FtszM6:UeZToGUoc+fBlvQhsmf8cG5dmzszM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01ec36fa5d7dddc857660d1cb51806bd

Files

01ec36fa5d7dddc857660d1cb51806bd
.exe windows:4 windows x86 arch:x86

7355cadf0a684756e7a74bcf0e5abcda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterW
GetUserDefaultLCID
FlushFileBuffers
GetConsoleCP
ConvertDefaultLocale
GetModuleHandleW
TlsFree
GetLocaleInfoW
OutputDebugStringW
GetTickCount
GetLocaleInfoA
TlsAlloc
GetCurrentProcess
InterlockedExchange
GetCalendarInfoW
ExitProcess
GetACP
LoadLibraryW
InterlockedDecrement
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
UnhandledExceptionFilter
QueryPerformanceCounter
FreeLibrary
RaiseException
GetFileType
lstrlenA
HeapFree
GetEnvironmentStringsW
GetProcessHeap
GetModuleFileNameA
RtlUnwind
SetFilePointer
SetEnvironmentVariableA
CreateFileMappingA
IsBadReadPtr
SetStdHandle
GetEnvironmentStrings
TerminateProcess
GetConsoleOutputCP
SetLastError
GetModuleFileNameW
VirtualFree
GetLastError
DeleteCriticalSection
WriteFile
VirtualAlloc
TlsGetValue
LoadLibraryA
CreateFileA
LCMapStringW
GetConsoleMode
HeapSize
FreeEnvironmentStringsA
OutputDebugStringA
GetStartupInfoA
CompareStringA
GlobalGetAtomNameA
IsDebuggerPresent
GetCPInfo
LeaveCriticalSection
ExpandEnvironmentStringsW
GetCommandLineA
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetCurrentThreadId
lstrcmpA
GetCurrentProcessId
Sleep
MultiByteToWideChar
GetTimeFormatA
CompareStringW
TryEnterCriticalSection
GetProfileSectionA
GetTimeFormatW
WriteConsoleA
WriteConsoleOutputA
IsValidLocale
VirtualQuery
EnumSystemLocalesA
HeapDestroy
HeapReAlloc
InterlockedIncrement
SetHandleCount
CreateMutexA
DebugBreak
WideCharToMultiByte
TlsSetValue
OpenMutexA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
CloseHandle
ResetEvent
GetProcAddress
IsValidCodePage
LocalFlags
GetCurrentThread
FreeEnvironmentStringsW
HeapCreate
HeapValidate
EnterCriticalSection
UnlockFileEx
LCMapStringA
lstrcat
SetThreadContext
GetDateFormatA
GetStringTypeW
ReadFile
GetOEMCP
GetStringTypeA
WriteConsoleW
GetStdHandle
HeapAlloc
VirtualProtect

user32

RegisterClassA
CreateIconIndirect
CharUpperW
GetKeyboardType
DdeDisconnectList
GetDlgCtrlID
RegisterClassExA
BringWindowToTop
SetWindowsHookExA
CheckMenuItem
SendMessageTimeoutA
DefWindowProcW
TrackMouseEvent
SetClassWord
CreateWindowExA
DlgDirSelectExA
LoadImageA
ShowWindow
IsCharAlphaNumericA
MessageBoxW
GetInputState
PostThreadMessageW
RegisterHotKey
RealGetWindowClass
SetDoubleClickTime
GetClipboardFormatNameA
DrawStateW
ChildWindowFromPoint
DrawTextExW
DestroyWindow
IsCharUpperA
CreateAcceleratorTableA
GetWindowRect
EnableScrollBar
MsgWaitForMultipleObjects
OffsetRect

advapi32

RegEnumKeyExW
RegSaveKeyA
RegQueryValueExA
RegQueryInfoKeyW
RegSetValueA
RegEnumKeyA
RegFlushKey
RegEnumKeyExA
CryptSetProviderW
RegEnumKeyW
RegRestoreKeyW
RegDeleteValueA
LookupPrivilegeValueA
RegCreateKeyW
RegDeleteValueW
LookupPrivilegeValueW
LookupPrivilegeDisplayNameW
RegLoadKeyW
RegCreateKeyExA

shell32

CommandLineToArgvW
ShellExecuteExW
SHAppBarMessage

comctl32

ImageList_Remove
ImageList_GetImageInfo
ImageList_DragShowNolock
CreateToolbar
ImageList_LoadImageA
InitMUILanguage
DestroyPropertySheetPage
ImageList_DrawIndirect
ImageList_Draw
ImageList_LoadImageW
ImageList_DragEnter
ImageList_SetDragCursorImage
DrawStatusTextA
ImageList_Replace
ImageList_DragMove
InitCommonControlsEx
CreatePropertySheetPageW
CreatePropertySheetPage

gdi32

PtVisible
CreateDCA
SetWinMetaFileBits
SetPaletteEntries
AnimatePalette
GetMiterLimit
CreateRectRgn
GetCharacterPlacementA
ExtSelectClipRgn
CombineRgn
GetMetaRgn
PolyTextOutA
GetClipRgn
GetColorSpace
EnumFontFamiliesA
CreatePenIndirect
OffsetWindowOrgEx
CreateCompatibleDC
SetTextCharacterExtra
GetICMProfileW
GetTextExtentPointW
GetNearestColor
EnumEnhMetaFile
PolyTextOutW
GetCurrentObject

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7355cadf0a684756e7a74bcf0e5abcda

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

gdi32

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 164KB - Virtual size: 163KB

.data Size: 100KB - Virtual size: 110KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 164KB - Virtual size: 163KB

.data
Size: 100KB - Virtual size: 110KB

.rsrc
Size: 16KB - Virtual size: 13KB