1ddd10eedec55e7de6491007d4f985a7

Sharing

Copy URL Twitter E-mail

General

Target

1ddd10eedec55e7de6491007d4f985a7
Size

235KB
MD5

1ddd10eedec55e7de6491007d4f985a7
SHA1

8eb25f403be02324aa8f641916c1500cac1c34cb
SHA256

6e12cf3c1d64afa2511f1bc12e958f50f69b69fe69f0aa7be86c3184e50c76b5
SHA512

d1bbd5ea7ce1081dc76086f2aceb2bf336d730fb6bc90f8a992dcaa2dff05411aa0310a457910cc6d81e75251afeb019c621a5b4fffdb89559631e84b91f7d48
SSDEEP

3072:O7KNzz4hBP7gD6C88xKMTHX4O1FoN0CuvfhUXXZWBzZPPAnO0RY2Cg3L+PK:+AwcDF88scHULuWYZqRYMLk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ddd10eedec55e7de6491007d4f985a7

Files

1ddd10eedec55e7de6491007d4f985a7
.exe windows:4 windows x86 arch:x86

172308efbf26d11b0f628909a4dcef5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetOEMCP
HeapSize
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
UnhandledExceptionFilter
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
LCMapStringA
GetStdHandle
HeapReAlloc
DeleteCriticalSection
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetModuleFileNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetCurrentDirectoryA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
SizeofResource
GetLastError
SetLastError
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
CloseHandle
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
GetStringTypeW
TlsAlloc
GlobalDeleteAtom
GlobalAlloc
GetVersion
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
IsBadReadPtr
LCMapStringW
GetStringTypeA
lstrcmpA
lstrcatA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalUnlock
lstrcpynA
GlobalLock
lstrlenA
lstrcpyA
GetProfileStringA
LoadResource
FindResourceA
LockResource
GlobalFree
GetCurrentThreadId
GetCurrentThread
lstrcmpiA

user32

GetMenuStringA
ShowOwnedPopups
MessageBoxA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
ClientToScreen
LoadCursorA
GetSysColorBrush
LoadStringA
FindWindowA
OffsetRect
InsertMenuA
GetMenuCheckMarkDimensions
PostQuitMessage
CharUpperA
DestroyIcon
IntersectRect
InflateRect
DispatchMessageA
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScreenToClient
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetWindowTextLengthA
SetWindowsHookExA
CallNextHookEx
DeleteMenu
GetMenuState
GetForegroundWindow
SetForegroundWindow
CallWindowProcA
RemovePropA
GetMessageTime
ModifyMenuA
LoadBitmapA
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SendMessageA
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
CheckMenuItem
SetRectEmpty
RegisterWindowMessageA
SetTimer
GetSystemMetrics
EnableWindow
UpdateWindow
EnableMenuItem
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetMessagePos
SetMenuItemBitmaps
GetWindowRect
SetPropA
GetSysColor
UnhookWindowsHookEx
CreateWindowExA
DefWindowProcA
GetPropA
GetWindowTextA
CharNextA
DefDlgProcA
IsWindowUnicode
ShowCaret
WindowFromPoint
UnregisterClassA
HideCaret
DrawFocusRect
ExcludeUpdateRgn

gdi32

CreateCompatibleDC
CreateDCA
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
BitBlt
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
PatBlt
CreateDIBitmap
OffsetViewportOrgEx
CreateCompatibleBitmap

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

172308efbf26d11b0f628909a4dcef5b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 36KB - Virtual size: 36KB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 12KB - Virtual size: 12KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 36KB - Virtual size: 36KB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 12KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB