1d01895c1102fdcdc7931eb76914252a

Sharing

Copy URL Twitter E-mail

General

Target

1d01895c1102fdcdc7931eb76914252a
Size

508KB
MD5

1d01895c1102fdcdc7931eb76914252a
SHA1

a3209c09812179a72e1dbb4585859f9d70c587d4
SHA256

d84f390c3d587616c2bf5d732de7d181c1bd4dbfd5360842f27ab4d340c6f438
SHA512

ced3a862d16845f683a8ea884022f2e2c493148158cfbffec1f046da0fbad0c2ba80ba5157a9d8ab97f05a6c0383e26946e40203a9e54e41eaacb0477ad6c5fe
SSDEEP

12288:yClFZsOMMnMMMMMY3WingcEK5rQ4JuJNkIKN:yClFOOMMnMMMMMYmin2DcuJNkx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d01895c1102fdcdc7931eb76914252a

Files

1d01895c1102fdcdc7931eb76914252a
.exe windows:4 windows x86 arch:x86

c2d8b5dde4bb170baf25aa499b69ab67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
IsDBCSLeadByte
LoadResource
DeleteCriticalSection
GetStdHandle
WriteFile
GetSystemTime
SetFileAttributesA
CreateFileA
ReadFile
LockResource
HeapSize
CreateDirectoryA
CreateProcessW
_llseek
HeapFree
VirtualQuery
GetCurrentProcess
GetProfileStringA
GetVersion
GetShortPathNameA
_lwrite
lstrcatA
CreateSemaphoreA
GetEnvironmentStringsW
GetFileTime
GlobalReAlloc
RemoveDirectoryA
GetExitCodeProcess
GlobalDeleteAtom
LoadLibraryExA
SetLocalTime
CreateEventA
ExitProcess
lstrcmpiA
LeaveCriticalSection
GetCurrentThreadId
RaiseException
FlushFileBuffers
lstrlenA
FreeEnvironmentStringsW
CompareStringA
FormatMessageA
RtlUnwind
FileTimeToLocalFileTime
GetModuleFileNameW
GlobalLock
CompareStringW
GetLocaleInfoA
GetTempPathA
GetSystemDefaultLCID
MoveFileA
FindResourceA
VirtualProtect
GetStringTypeExA
SetErrorMode
TlsFree
FileTimeToSystemTime
InterlockedDecrement
ReleaseSemaphore
GetUserDefaultLCID
GetTickCount
HeapDestroy
SetFilePointer
GetFullPathNameA
GetModuleFileNameA
lstrcmpiW
TlsAlloc
UnhandledExceptionFilter
GetCurrentProcessId
GetStartupInfoA
GetTimeZoneInformation
EnterCriticalSection
_lread
GetVersionExA
FindClose
WaitForSingleObject
TlsSetValue
GetDateFormatA
GlobalFree
SetLastError
FindNextFileA
Sleep
GetUserDefaultLangID
ResumeThread
GetCurrentDirectoryA
GetACP
GetModuleHandleA
MulDiv
SetFileTime
GetLastError
LCMapStringW
HeapCreate
SearchPathA
GlobalAlloc
SetEndOfFile
IsBadReadPtr
SetHandleCount
GlobalHandle
InitializeCriticalSection
FindFirstFileA
VirtualFree
IsBadCodePtr
DeleteFileA
GetCPInfo
CloseHandle
SetCurrentDirectoryA
SizeofResource
LCMapStringA
FreeResource
SetEnvironmentVariableA
InterlockedIncrement
GetFileType
UnlockFile
GetStringTypeA
lstrcmpA
FlushInstructionCache
LockFile
WinExec
TerminateProcess
SetStdHandle
GetProcAddress
GetTempFileNameA
FormatMessageW
GlobalUnlock
GetEnvironmentStrings
lstrcpyA
GlobalAddAtomA
LoadLibraryA
ExitThread
_lclose
SystemTimeToFileTime
HeapReAlloc
GetSystemDefaultLangID
GetFileAttributesA
FreeEnvironmentStringsA
ResetEvent
GetCommandLineA
GlobalSize
TlsGetValue
GetSystemInfo
HeapAlloc
GetDriveTypeA
GetStringTypeW
GetSystemDirectoryA
CreateThread
DuplicateHandle
GetOEMCP
CreateProcessA
GetLocalTime
SetEvent
GetWindowsDirectoryA
GetVolumeInformationA
lstrcpynA
VirtualAlloc
FreeLibrary

user32

SetParent
CharUpperA
DdeClientTransaction
ClientToScreen
SetScrollInfo
GetIconInfo
SystemParametersInfoA
TabbedTextOutA
SetCapture
WindowFromPoint
RegisterClipboardFormatA
GetKeyboardLayout
SetClipboardData
ShowWindow
CharToOemA
CreateIcon
DrawTextA
VkKeyScanA
DefFrameProcA
GetWindow
IsIconic
EndPaint
GetCaretPos
MoveWindow
SendDlgItemMessageA
DialogBoxParamA
ReleaseDC
GetAsyncKeyState
CreatePopupMenu
IsWindowVisible
FindWindowA
SetCursor
OffsetRect
GetMenuStringA
GetCapture
DdeFreeStringHandle
ShowCursor
TranslateMDISysAccel
EqualRect
SetForegroundWindow
InvalidateRgn
SetWindowRgn
SetTimer
GetPropA
SetCursorPos
GetCursorPos
CreateWindowExA
CreateMenu
LoadStringA
SetWindowContextHelpId
GetCaretBlinkTime
GetUpdateRgn
keybd_event
SetDlgItemTextA
IsCharAlphaA
CharNextA
LoadCursorA
DdeQueryConvInfo
GetKeyboardState
GetMenuItemID
GetWindowLongA
GetWindowTextA
GetLastActivePopup
PostMessageW
IntersectRect
IsWindowEnabled
AttachThreadInput
SubtractRect
CreateCaret
GetWindowDC
CharUpperBuffA
ReleaseCapture
RegisterClassA
GetMenuItemCount
ModifyMenuA
MsgWaitForMultipleObjects
UpdateWindow
DeleteMenu
WaitMessage
MessageBoxIndirectA
GetParent
CallNextHookEx
GetKeyState
SetRect
IsClipboardFormatAvailable
CharToOemBuffA
DdeCmpStringHandles
DdePostAdvise
DdeConnect
GetClientRect
GetSubMenu
GetSystemMetrics
DdeAbandonTransaction
IsZoomed
ScreenToClient
EmptyClipboard
GetMenuState
GetMenuItemInfoA
DdeUninitialize
KillTimer
MapWindowPoints
DestroyWindow
GetClassInfoA
GetTabbedTextExtentA
DrawMenuBar
LoadAcceleratorsA
DdeQueryStringA
DdeGetData
SetActiveWindow
GetQueueStatus
DdeGetLastError
PeekMessageA
VkKeyScanW
UnregisterClassA
GetClipboardFormatNameA
DdeNameService
GetSystemMenu
EnableMenuItem
FindWindowW
IsDialogMessageA
CopyAcceleratorTableA
DispatchMessageA
GetWindowRgn
GetSysColor
AppendMenuA
LoadBitmapA
UnhookWindowsHookEx
GetDoubleClickTime
LoadImageA
CreateCursor
InvalidateRect
GetWindowTextLengthA
PostMessageA
DdeDisconnect
BeginPaint
SetKeyboardState
CharUpperBuffW
GetClassNameA
DestroyAcceleratorTable
DestroyMenu
IsWindow
SetScrollRange
DdeCreateDataHandle
SetPropA
GetWindowRect
wsprintfA
MessageBoxA
CharPrevA
DestroyCursor
SetWindowTextA
SetWindowsHookExA
FrameRect
InflateRect
PostThreadMessageA
MessageBeep
IsRectEmpty
DdeCreateStringHandleA
DdeFreeDataHandle
DeferWindowPos
SetMenuItemInfoA
SetScrollPos
CharLowerA
SetCaretPos
CharLowerBuffW
RemoveMenu
DrawIcon
GetDCEx
WinHelpA
GetForegroundWindow
FillRect
PostQuitMessage
RegisterClassExA
BringWindowToTop
PtInRect
GetWindowThreadProcessId
GetScrollPos
ToAscii
TranslateMessage
EnumThreadWindows
GetUpdateRect
LoadIconA
TrackPopupMenu
AdjustWindowRectEx
HideCaret
EndDeferWindowPos
GetActiveWindow
DrawFrameControl
SetFocus
DefWindowProcA
GetClassInfoExA
GetFocus
SetWindowLongA
WaitForInputIdle
GetScrollInfo
GetClipboardData
CharLowerBuffA
SetWindowsHookExW
DestroyCaret
AdjustWindowRect
BeginDeferWindowPos
CallWindowProcA
CopyRect
SetMenu
DdeInitializeA
DestroyIcon
DrawFocusRect
ShowScrollBar
SendMessageA
GetCursor
GetMessagePos
CreateAcceleratorTableA
OpenClipboard
CheckMenuItem
GetMenu
GetDC
EnableWindow
GetDlgItem
DdeSetUserHandle
PeekMessageW
EndDialog
ShowCaret
EnumClipboardFormats
IsChild
CloseClipboard
ClipCursor
CreateDialogParamA
GetMessageTime
SetMenuDefaultItem
LockWindowUpdate
SetWindowPos
InsertMenuA
OemToCharA
DefMDIChildProcA
RemovePropA
GetDesktopWindow

ws2_32

WSAConnect
setsockopt

advapi32

RegisterEventSourceA
RegDeleteKeyW
OpenProcessToken
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegOpenKeyExA
RegEnumValueW
RegEnumKeyW
RegQueryInfoKeyA
RegSetValueExA
RegDeleteValueW
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
LookupPrivilegeValueA
RegOpenKeyA
DeregisterEventSource
RegDeleteKeyA
SetSecurityDescriptorDacl
RegQueryValueA
RegSetValueA
AdjustTokenPrivileges
ReportEventA
InitializeSecurityDescriptor
RegEnumKeyA
RegCreateKeyA
RegCloseKey
RegQueryValueExW

ole32

OleLoad
OleSave

samlib

SamConnectWithCreds
SamConnect

ddraw

DirectDrawEnumerateA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2d8b5dde4bb170baf25aa499b69ab67

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

ole32

samlib

ddraw

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 11KB - Virtual size: 10KB

.data Size: 52KB - Virtual size: 1.0MB

.rsrc Size: 33KB - Virtual size: 32KB

.rdata Size: 410KB - Virtual size: 409KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 11KB - Virtual size: 10KB

.data
Size: 52KB - Virtual size: 1.0MB

.rsrc
Size: 33KB - Virtual size: 32KB

.rdata
Size: 410KB - Virtual size: 409KB