148c16106418d3958a23676933a5dbb5

Sharing

Copy URL Twitter E-mail

General

Target

148c16106418d3958a23676933a5dbb5
Size

191KB
MD5

148c16106418d3958a23676933a5dbb5
SHA1

fd5f1cc0ed5f611381346c13422fb5bc16bc0fa8
SHA256

9c644391df1080ac4cd1a0c4816793132bf23bd5dc0a28e10c908b8d8ca52b3b
SHA512

2c87ee8a3a35913b73447eb900a0b4228e3f9d3ba78595292e63f4c366a2f53b322176ef5cbb543e2640dbb92ddaa088fc050be37b89c8ff3f0fc992e6f9b184
SSDEEP

3072:ST1hPPeBD7kdryHJQuNAtvvjunq2HBhRszH9gPrIScbMPWWrsASwozyeH5QTBwPB:ePkHDRgH9ISUrJcd7v0ZH37f5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
148c16106418d3958a23676933a5dbb5

Files

148c16106418d3958a23676933a5dbb5
.exe windows:4 windows x86 arch:x86

a7ad3ac8ab060d6de256056b2f25b72d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW

kernel32

GetSystemDirectoryW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetThreadContext
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
SetHandleCount
HeapSize
GetStdHandle
FatalAppExitA
HeapCreate
HeapDestroy
IsValidCodePage
GetOEMCP
GetACP
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetLastError
FormatMessageW
GetLastError
FreeLibrary
LoadLibraryW
LocalFree
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentVariableA
GetModuleHandleA
GetModuleHandleW
GetFileAttributesW
GetVersion
CreateSemaphoreW
CloseHandle
ReleaseSemaphore
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
OpenEventW
GetModuleFileNameW
OutputDebugStringA
GetTickCount
MultiByteToWideChar
GetTempPathW
GetVersionExW
GetComputerNameExW
GetTimeZoneInformation
GetLocalTime
ReleaseMutex
LoadLibraryA
CreateMutexA
GetVersionExA
WideCharToMultiByte
GetCommandLineW
GetEnvironmentVariableW
SetErrorMode
SetHandleInformation
Sleep
ResetEvent
CreateEventA
GetWindowsDirectoryA
FormatMessageA
GetConsoleMode
GlobalFree
WaitForMultipleObjects
CreateEventW
GetProcessTimes
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateFileA
ReadFile
WriteFile
DeviceIoControl
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
SystemTimeToFileTime
LocalAlloc
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
TryEnterCriticalSection
SwitchToThread
ResumeThread
CreateThread
TerminateThread
lstrcmpA
lstrcpyA
CreateProcessA
lstrcatA
lstrlenA
IsDBCSLeadByteEx
GetStringTypeW
HeapReAlloc
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryW
DeleteFileW
DeleteFileA
MoveFileW
MoveFileA
CreateFileW
GetFileType
DuplicateHandle
ExitThread
ExitProcess
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetProcessHeap
GetCommandLineA
GetCurrentThreadId
FlushFileBuffers
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetFilePointer
SetStdHandle
GetFileAttributesA
CreatePipe
GetExitCodeProcess
SetEndOfFile
VirtualQuery
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemDirectoryA
CompareStringW
HeapAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
RaiseException
RtlUnwind
GetFullPathNameW

gdi32

DeleteObject
SelectObject
StretchBlt
GetDIBColorTable
SetDIBColorTable
GetObjectW
GetStockObject
RemoveFontMemResourceEx
CreateDIBSection
DeleteDC
Rectangle
CreateSolidBrush
SetWindowOrgEx
SetViewportOrgEx
LPtoDP
GetDeviceCaps
CreateDCW
CreateRectRgnIndirect
SetMapMode
SaveDC
RestoreDC
GdiFlush
BitBlt
GetGlyphOutlineW
CreateFontW
AddFontMemResourceEx
CreateCompatibleDC

user32

ToUnicode
GetMessageExtraInfo
ScreenToClient
TrackMouseEvent
CreateWindowExW
ShowWindow
UpdateWindow
CharNextW
UnionRect
IntersectRect
OffsetRect
RegisterClassExW
IsDialogMessageW
GetClassInfoExW
GetKeyState
IsChild
SetWindowRgn
GetWindowDC
UnregisterClassA
CallWindowProcW
GetPropW
EndDialog
DialogBoxIndirectParamW
DefWindowProcW
SystemParametersInfoW
HideCaret
GetDlgItem
GetDlgCtrlID
GetParent
IsDlgButtonChecked
WindowFromPoint
IsWindow
MsgWaitForMultipleObjects
GetMonitorInfoW
MonitorFromWindow
CheckDlgButton
EnableWindow
EndPaint
TrackPopupMenu
MapWindowPoints
GetClientRect
GetWindowRect
GetActiveWindow
EqualRect
PtInRect
MessageBoxW
GetSysColor
SetRect
ClientToScreen
DialogBoxParamW
NotifyWinEvent
UnregisterClassW
GetCaretBlinkTime
GetDoubleClickTime
GetSystemMetrics
GetFocus
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
MsgWaitForMultipleObjectsEx
ReleaseCapture
SetCapture
DestroyWindow
GetDesktopWindow
SetFocus
SetCursor
WindowFromDC
InvalidateRect
DestroyMenu
RegisterClassW
LoadCursorW
SetRectEmpty
TranslateMessage
PeekMessageW
DispatchMessageW
CharLowerBuffW
GetCursorPos
SetPropW
GetSubMenu
RemoveMenu
SetMenuItemInfoW
LoadMenuIndirectW
KillTimer
SetWindowTextW
SetTimer
BeginPaint
SetClipboardData
GetKeyboardLayout
PostMessageW
FindWindowW
RegisterWindowMessageW
PostThreadMessageW
GetWindowLongW
SetWindowLongW
GetForegroundWindow
EnumDisplayDevicesW
SendMessageW
SetWindowPos
GetDC
ReleaseDC
GetKeyboardState
RemovePropW
GetWindowTextW
GetWindow

shell32

ShellExecuteExW
ShellExecuteW
SHFileOperationW
SHGetFolderPathW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

comctl32

InitCommonControlsEx

ole32

CoCreateInstance
OleRegGetMiscStatus
OleSaveToStream
OleLoadFromStream
OleRegEnumVerbs
OleRegGetUserType
WriteClassStm
CoTaskMemRealloc
CreateOleAdviseHolder
StringFromGUID2
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CreateBindCtx
CreateStreamOnHGlobal
CoInitialize
CoGetMalloc

oleacc

LresultFromObject

pdh

PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterW
PdhMakeCounterPathW
PdhLookupPerfNameByIndexW
PdhCloseQuery
PdhOpenQueryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeGetDevCaps
timeEndPeriod
timeBeginPeriod
timeGetTime

crypt32

CertVerifyCertificateChainPolicy

setupapi

SetupIterateCabinetW

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
VarI2FromR8
SetErrorInfo

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7ad3ac8ab060d6de256056b2f25b72d

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shell32

comdlg32

comctl32

ole32

oleacc

pdh

version

winmm

crypt32

setupapi

oleaut32

Sections

.text Size: 138KB - Virtual size: 137KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 41KB - Virtual size: 41KB

.reloc Size: 512B - Virtual size: 306B

.text
Size: 138KB - Virtual size: 137KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 41KB - Virtual size: 41KB

.reloc
Size: 512B - Virtual size: 306B