1170ffca1bab74ebd23934481868e9a9

Sharing

Copy URL

Twitter E-mail

General

Target

1170ffca1bab74ebd23934481868e9a9
Size

2.4MB
MD5

1170ffca1bab74ebd23934481868e9a9
SHA1

8cc524b6514ae43556fdc2aed3bc8aa165cd66be
SHA256

20912f83d7d9618188f6133d0ea717db2dcbd84e313b9adfa590c344bc750033
SHA512

c000f9c06ff0e3afa8ba9acf88805de22a2c5b8cfa2934dac468a51965b3ce6575e755e14aff7deb5903eba0f89103f17933115d31e19b5ae22f92cf86e31524
SSDEEP

49152:xP/PR5iTdweXvchZxtZceZZqy2dg8jfzpQCh:tPviTb0zxtZbHr2dg8jfdQG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1170ffca1bab74ebd23934481868e9a9

Files

1170ffca1bab74ebd23934481868e9a9
.exe windows:4 windows x86 arch:x86

167ab12c68c0499597bf170a9cc4d50c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayCreate
VariantChangeTypeEx
SafeArrayPutElement
VariantCopyInd
VariantClear

kernel32

lstrcmpiW
Sleep
SetHandleCount
TlsAlloc
LoadResource
IsValidLocale
GetCommandLineA
FindResourceW
GetStdHandle
LocalAlloc
EnterCriticalSection
FreeEnvironmentStringsW
GetProcAddress
GetLastError
TerminateProcess
GetCurrentThreadId
GetFileSize
WideCharToMultiByte
GetCurrentDirectoryA
GetSystemTimeAsFileTime
HeapCreate
LoadLibraryExA
SetStdHandle
ReadConsoleW
MultiByteToWideChar
AreFileApisANSI
SetFileAttributesA
SetEvent
LockResource
MapViewOfFile
ReadFile
UnhandledExceptionFilter
VirtualAlloc
FindFirstFileW
HeapAlloc
LeaveCriticalSection
QueryPerformanceCounter
RtlUnwind
InterlockedExchange
SetLastError
SetThreadPriority
GetStringTypeA
GlobalLock
CloseHandle
SetUnhandledExceptionFilter
GetVersionExW
GlobalAlloc
SetFilePointer
WriteFile
GetModuleHandleA
WritePrivateProfileStringW
ExpandEnvironmentStringsW
LoadLibraryA
GetFileType
HeapDestroy
HeapReAlloc
GetModuleHandleW

gdi32

CreateSolidBrush
CreateBrushIndirect
SelectObject
CreateFontW
CreateDCW
GetBkColor
CreateFontIndirectA
CreateCompatibleDC
EndPage
CreateFontIndirectW
SetWindowExtEx
GetDIBits
DeleteObject
FrameRgn
SetTextColor
GetDeviceCaps
SetPixel
SetBkMode
SetBkColor
SetDCPenColor
RectVisible
GdiFlush
DeleteDC
GetCurrentPositionEx
RealizePalette
TextOutW

comctl32

ImageList_SetImageCount
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Destroy
ImageList_ReplaceIcon

shell32

StrStrA
StrChrA

advapi32

RegOpenKeyA
RegisterEventSourceW
RegDeleteKeyA
CopySid
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
AllocateAndInitializeSid
RegEnumValueA
CryptHashData
RegOpenKeyExA

shlwapi

PathFindExtensionA
PathFindExtensionW
StrToIntA
PathRemoveFileSpecW
PathRemoveBackslashW
PathStripToRootW
PathCompactPathExW
UrlUnescapeW
PathStripPathW
PathFileExistsW
StrTrimA

user32

EnableWindow
DestroyMenu
KillTimer
GetDC
UpdateWindow
DestroyWindow
MsgWaitForMultipleObjects
ShowWindow
MessageBoxW
LoadCursorA
GetDlgItem
OffsetRect
SetCursor
GetSysColor
GetMenuItemCount
CharToOemA
GetWindowThreadProcessId
ClientToScreen
OpenClipboard
GetSubMenu
TranslateAcceleratorW
CharLowerA
GetWindowLongW
LoadBitmapW
GetWindowLongA
IsWindow
SetWindowPos
GetSysColorBrush
DrawTextA
SetWindowLongW
CallWindowProcW
MoveWindow
DrawFrameControl
GetParent
PeekMessageA
AppendMenuW
LoadImageW
IsWindowEnabled
GetNextDlgTabItem
SendMessageW
InvalidateRect
GetMenuState
ExitWindowsEx
SetDlgItemTextW
UnregisterClassW
ReleaseCapture
SetActiveWindow
BringWindowToTop
wsprintfA
LoadBitmapA
SystemParametersInfoA
GetSystemMetrics
LoadCursorW
PostQuitMessage
GetClientRect
TranslateMessage
GetMenu
SetWindowTextW
EndDialog
SetWindowsHookExW
GetFocus
WindowFromPoint
BeginPaint
GetWindowRect
CharNextA
CharUpperW
RegisterClassA
CallNextHookEx
LoadStringW
CreateDialogParamW

msvcrt

wcscpy
_getche
_controlfp
__set_app_type
_vsnwprintf
swprintf
_initterm
_XcptFilter
_makepath
qsort
_wfopen
malloc
_adjust_fdiv
fclose
__getmainargs
free
calloc
wcsncpy
_except_handler3
_exit

Sections

.text
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167ab12c68c0499597bf170a9cc4d50c

Headers

File Characteristics

Imports

oleaut32

kernel32

gdi32

comctl32

shell32

advapi32

shlwapi

user32

msvcrt

Sections

.text Size: 204KB - Virtual size: 200KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 188KB - Virtual size: 184KB

.text
Size: 204KB - Virtual size: 200KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 188KB - Virtual size: 184KB