141bb9bc07484f1c1f17b2615e4cdb85

Sharing

Copy URL Twitter E-mail

General

Target

141bb9bc07484f1c1f17b2615e4cdb85
Size

640KB
MD5

141bb9bc07484f1c1f17b2615e4cdb85
SHA1

dd633c8e1e4737426b88e0aa6a4334a9b9ba2933
SHA256

f44bcbc53943bcc3e154395ff70d3d4bd273b293bf525851900f1bdd6e8952c4
SHA512

7362535c169ff72f7db6a3d05b9ab2e35ed6eda8a63387c3dbf8e0312437d976e2439490c8d8dadb60dc9e5be8b7d25c230c20cb0843fd4b99cebb8b980851ed
SSDEEP

12288:ljwy16m8TXSQ+nbD1WsWRnOk7WG/HVo0XRk6qUAhbQzFA0H/A8mBuQ9W/B:dwy163iQIn1frk7WGvVo0m6IEAaA8mBs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
141bb9bc07484f1c1f17b2615e4cdb85

Files

141bb9bc07484f1c1f17b2615e4cdb85
.exe windows:4 windows x86 arch:x86

dfdbe8d47fd6cac8bc703bd2a0b9ecee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA

gdi32

SelectClipRgn
Polygon
RealizePalette
PolyPolyline
InvertRgn
Rectangle
GetOutlineTextMetricsW
SetDIBColorTable
SetAbortProc
CopyMetaFileW
LineTo
FrameRgn
SetPixelFormat
FloodFill
GetMiterLimit
GetColorAdjustment

kernel32

GetEnvironmentStrings
SetCurrentDirectoryW
OpenWaitableTimerA
GetCPInfo
WriteConsoleOutputA
CompareStringA
LockFileEx
DeleteCriticalSection
GetLocaleInfoA
LCMapStringW
ExpandEnvironmentStringsW
GetLocaleInfoW
OpenMutexA
GetLastError
GetCurrentThread
SleepEx
SystemTimeToTzSpecificLocalTime
SetCurrentDirectoryA
InterlockedDecrement
VirtualAllocEx
VirtualQuery
SetFileTime
VirtualFree
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
CreateToolhelp32Snapshot
GetCompressedFileSizeA
EnterCriticalSection
GetSystemTimeAdjustment
FileTimeToLocalFileTime
CreateMutexA
HeapCreate
VirtualAlloc
GetPriorityClass
QueryPerformanceCounter
GetConsoleCP
HeapFree
EnumResourceTypesA
GetTimeFormatA
TlsAlloc
GetStringTypeExA
HeapReAlloc
GetSystemTimeAsFileTime
FindResourceA
GetModuleHandleW
WriteProfileSectionW
GetProcessHeap
GetShortPathNameW
GetEnvironmentStringsW
TlsFree
OpenSemaphoreW
HeapAlloc
FreeLibrary
IsDebuggerPresent
WriteConsoleA
Sleep
GetConsoleOutputCP
SetTimeZoneInformation
GetModuleFileNameA
FreeEnvironmentStringsW
GetStartupInfoA
GetConsoleTitleA
SetConsoleCtrlHandler
LeaveCriticalSection
SetFilePointer
GetDateFormatA
GetTickCount
WriteFile
SetLocaleInfoA
SetConsoleOutputCP
EnumSystemLocalesA
WriteConsoleW
IsValidCodePage
ReadFile
TlsSetValue
UnhandledExceptionFilter
WriteFileEx
InterlockedIncrement
EnumResourceLanguagesA
GetStringTypeA
GetFileType
LocalLock
FlushFileBuffers
IsValidLocale
HeapDestroy
GetProcAddress
FindResourceExW
GetConsoleScreenBufferInfo
ExitProcess
LoadLibraryA
GetCurrentProcessId
GetCurrentProcess
GetProcAddress
GetSystemDefaultLCID
SetUnhandledExceptionFilter
VirtualQueryEx
GetDiskFreeSpaceExA
CompareStringW
FlushViewOfFile
InterlockedExchange
SetEnvironmentVariableA
ReadConsoleInputA
TerminateProcess
CreateSemaphoreW
CloseHandle
FreeEnvironmentStringsA
GetUserDefaultLCID
GlobalFindAtomW
MoveFileA
HeapSize
SetHandleCount
MultiByteToWideChar
TlsGetValue
WaitForDebugEvent
SetStdHandle
GetConsoleMode
GetCurrentThreadId
ReadConsoleOutputCharacterW
HeapValidate
DuplicateHandle
GetCommandLineA
SetLastError
GetStdHandle
WaitForMultipleObjects
GetTimeZoneInformation
FreeLibraryAndExitThread
lstrcatW
GetACP
WideCharToMultiByte
RtlZeroMemory
GetOEMCP
GetStringTypeW
LCMapStringA
CreateSemaphoreA
RemoveDirectoryW
RtlUnwind
CreateFileA
GetCommandLineW

user32

IsWindowUnicode
GetClassLongW
GetKeyNameTextA
DdeQueryNextServer
CreateAcceleratorTableA
BeginDeferWindowPos
ModifyMenuA
SetActiveWindow
CallWindowProcW
GetActiveWindow
SendMessageA
GetWindowLongW
GetSysColorBrush
UnhookWinEvent
DdeCreateStringHandleA
GetMessageTime
GetMenuItemInfoA
DialogBoxIndirectParamW
GetWindowModuleFileNameA
GetNextDlgGroupItem
RegisterClassExA
InsertMenuItemA
DefWindowProcA
CreateDialogParamW
LoadIconW
SetMenuItemBitmaps
ToAscii
DdeSetUserHandle
CreateWindowStationA
LoadStringW
MessageBoxIndirectA
OpenWindowStationW
SetMenuItemInfoA
ChildWindowFromPoint
MessageBoxW
ActivateKeyboardLayout
LoadKeyboardLayoutW
CopyAcceleratorTableW
DrawTextW
GetAltTabInfo
CreateDialogParamA
IsCharAlphaW
ExitWindowsEx
SendMessageW
EnumPropsW
IsDialogMessageW
DdeAccessData
DdeGetData
MessageBoxA
DlgDirSelectExW
EnumDisplaySettingsExA
RegisterClassA
HideCaret
ImpersonateDdeClientWindow
TileChildWindows
CharPrevW
CharPrevExA
RedrawWindow
IsCharLowerA
DdeImpersonateClient
MessageBoxExA
GetClientRect
ShowWindow
CloseDesktop
GetWindowPlacement
FindWindowA
GetPropA
AdjustWindowRectEx
DdeClientTransaction
EditWndProc
GetDlgCtrlID
DrawMenuBar
GetListBoxInfo
GetMenuContextHelpId
SendMessageTimeoutA
DragDetect
InvalidateRect
OpenDesktopA
SetClipboardData
CreateWindowExA
WINNLSEnableIME
EnumWindowStationsA
EnumThreadWindows
DestroyWindow
DdeKeepStringHandle
ChangeClipboardChain
ReleaseDC
ChangeDisplaySettingsExA
AttachThreadInput
GetGUIThreadInfo
InSendMessage
GetOpenClipboardWindow
IsMenu
GetMenuState
DeferWindowPos
GetFocus
SetClassLongA
DdeGetLastError
GetSystemMetrics
SetWindowsHookA
DefWindowProcW
GetUserObjectInformationA
LoadKeyboardLayoutA
DrawStateW

comctl32

CreatePropertySheetPageW
ImageList_DrawIndirect
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Merge
DrawStatusText
CreateStatusWindowA
DrawStatusTextW
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_DragEnter
ImageList_Create
ImageList_Remove
ImageList_ReplaceIcon
CreateUpDownControl

comdlg32

GetFileTitleW
ChooseColorW
FindTextA

advapi32

InitiateSystemShutdownW
RegSetKeySecurity
StartServiceA
LookupPrivilegeNameW
GetUserNameW
LookupAccountNameW
CryptAcquireContextA
LogonUserA
CryptCreateHash
LookupPrivilegeDisplayNameA
CryptHashData
LogonUserW
CryptDuplicateKey

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfdbe8d47fd6cac8bc703bd2a0b9ecee

Headers

File Characteristics

Imports

shell32

gdi32

kernel32

user32

comctl32

comdlg32

advapi32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 116KB - Virtual size: 141KB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 116KB - Virtual size: 141KB

.rsrc
Size: 80KB - Virtual size: 76KB