111dc41587a45e9347b4c1efd8ea0c6b

Sharing

Copy URL Twitter E-mail

General

Target

111dc41587a45e9347b4c1efd8ea0c6b
Size

648KB
MD5

111dc41587a45e9347b4c1efd8ea0c6b
SHA1

b46460749f58c6b264b4e30e07611223d87757ce
SHA256

a0587138ed89c1aed2cc6745fc66627f7de09d2c7cb9a11fb92e8009a273f29d
SHA512

946e7adf8af090843fe09eee465c8dbad6407c576f8742f938f6da6449938b1c835e26b24747eb2658542d7df1ef6b12b8ab1a15d45be50394c5ddacf46a3ed2
SSDEEP

12288:XBEDH0zMesAEqVAcVLcKrVMI1SAdmRcxg8RMkpvGzD:R2H0tsAEqrVLdrGWSE+Q1ax

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
111dc41587a45e9347b4c1efd8ea0c6b

Files

111dc41587a45e9347b4c1efd8ea0c6b
.exe windows:4 windows x86 arch:x86

19f8c53baafe7f34945f16f2bbb6786a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowPlacement
GetAsyncKeyState
FindWindowA
GetMenuCheckMarkDimensions
OpenDesktopA
SetWindowRgn
DdeCreateDataHandle
GetUserObjectInformationW
GetDlgCtrlID
CreateWindowExW
GetQueueStatus
EnumWindowStationsA
VkKeyScanExW
GetMenuItemInfoW
MapVirtualKeyA
PostMessageA
InsertMenuA
ShowWindow
EndDialog
GetDialogBaseUnits
CharUpperW
GetKeyboardLayout
GetDlgItemTextW
IsCharAlphaW
GetSubMenu
EnumDisplaySettingsExA
SetUserObjectInformationW
GetShellWindow
CallWindowProcA
MapDialogRect
MessageBoxW
SetClassLongA
OemToCharBuffW
OemToCharBuffA
CreateCaret
BeginPaint
DrawTextExW
MapWindowPoints
CreateMDIWindowW
wvsprintfA
GetIconInfo
SetActiveWindow
DrawStateA
RegisterClassExA
SetMenuDefaultItem
GetMonitorInfoA
ReleaseCapture
InvertRect
EmptyClipboard
IsWindow
DestroyWindow
BeginDeferWindowPos
GetScrollBarInfo
CallNextHookEx
WINNLSGetIMEHotkey
DdeAddData
SetSysColors
GetMenuContextHelpId
CreateWindowStationA
EnumPropsExA
DdeDisconnect
DefWindowProcW
DdeReconnect
MsgWaitForMultipleObjectsEx
RegisterClassA
VkKeyScanW
DrawFocusRect
DialogBoxParamA

advapi32

CryptGetKeyParam
RegOpenKeyW
RegSetValueExA
LookupPrivilegeDisplayNameA
InitiateSystemShutdownA
CryptAcquireContextW
RegEnumValueW
RegQueryInfoKeyA
CryptContextAddRef

kernel32

WriteConsoleOutputW
FlushViewOfFile
lstrcpy
GetCurrentThreadId
SetEnvironmentVariableA
SetStdHandle
GlobalGetAtomNameW
GetUserDefaultLCID
lstrcmpW
GetCurrentProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetStringTypeW
WriteFileEx
ReleaseMutex
HeapReAlloc
CloseHandle
GetWindowsDirectoryA
FindFirstFileExA
CreateMutexA
GetTickCount
AllocConsole
TerminateProcess
GlobalSize
GetTimeFormatA
GetPrivateProfileStructW
IsBadWritePtr
LoadLibraryA
GetModuleFileNameA
TlsAlloc
ReadConsoleOutputCharacterA
CreateEventW
GetFullPathNameA
GetCurrentProcessId
WideCharToMultiByte
GetProcAddress
lstrcmp
SetLocaleInfoW
CompareStringA
EnumSystemLocalesA
LocalAlloc
SetLastError
EnterCriticalSection
SetHandleCount
CreateMutexW
GetThreadPriority
GetNamedPipeHandleStateW
GetSystemInfo
GlobalFindAtomW
FileTimeToDosDateTime
GetOEMCP
VirtualFree
RemoveDirectoryA
GetModuleHandleA
LeaveCriticalSection
WriteFile
HeapDestroy
lstrcmpA
GetLastError
HeapFree
OpenMutexA
IsValidCodePage
WriteProfileSectionA
EnumSystemLocalesW
HeapCreate
LCMapStringW
GetPrivateProfileStringA
AddAtomA
QueryPerformanceCounter
FileTimeToLocalFileTime
FreeEnvironmentStringsA
GetDriveTypeW
CreateDirectoryW
MapViewOfFile
OpenEventW
ResumeThread
ReadFile
IsValidLocale
GetFileAttributesExA
GetACP
TlsFree
InitializeCriticalSection
GetDateFormatA
ExitProcess
CreateWaitableTimerA
TlsGetValue
GetStdHandle
EnumCalendarInfoA
LoadLibraryExA
LocalCompact
GetLocaleInfoW
GetTimeZoneInformation
GetWindowsDirectoryW
CreateThread
ExpandEnvironmentStringsA
GetEnvironmentStringsW
GlobalReAlloc
GetTempFileNameW
DeleteCriticalSection
WritePrivateProfileSectionW
GetVersionExA
GetLogicalDriveStringsA
GetCurrentThread
HeapAlloc
InterlockedExchange
FindFirstFileW
GetComputerNameW
UnhandledExceptionFilter
GlobalUnfix
GetStringTypeA
ContinueDebugEvent
GetProcAddress
GetLocaleInfoA
SetConsoleWindowInfo
WriteConsoleOutputAttribute
FlushFileBuffers
GetFileType
GetStartupInfoA
GetEnvironmentStrings
TlsSetValue
GetPrivateProfileStringW
MultiByteToWideChar
SleepEx
FindResourceA
VirtualQuery
VirtualAlloc
InterlockedCompareExchange
VirtualProtect
SetFilePointer
LocalFileTimeToFileTime
CompareStringW
GetCPInfo
RtlUnwind
FreeEnvironmentStringsW
LCMapStringA
DuplicateHandle
HeapSize

comdlg32

ChooseColorW
ReplaceTextW
ChooseFontA

comctl32

ImageList_SetIconSize
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_LoadImage
ImageList_SetFlags
CreatePropertySheetPage
ImageList_Duplicate
DrawInsert
ImageList_Draw
ImageList_DrawEx
DrawStatusTextA
ImageList_GetIconSize
ImageList_SetFilter
CreateToolbar

shell32

ShellExecuteExA
DragFinish

gdi32

GetColorAdjustment
GetICMProfileA
DeleteColorSpace
DeleteDC
DeleteObject
SetStretchBltMode
GetObjectA
GetTextFaceA
InvertRgn
CancelDC
CreateDCW
GetDeviceCaps
CreateFontIndirectW
SetFontEnumeration
RestoreDC
AbortDoc
CreateScalableFontResourceA
ExtTextOutA
EndPath
CreateDIBitmap
SwapBuffers
CopyEnhMetaFileW
GetMetaFileA
GetMapMode

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19f8c53baafe7f34945f16f2bbb6786a

Headers

File Characteristics

Imports

user32

advapi32

kernel32

comdlg32

comctl32

shell32

gdi32

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 116KB - Virtual size: 131KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 116KB - Virtual size: 131KB

.rsrc
Size: 64KB - Virtual size: 60KB