15b72ecf311cc8936d005fc981e71c5b

Sharing

Copy URL Twitter E-mail

General

Target

15b72ecf311cc8936d005fc981e71c5b
Size

356KB
MD5

15b72ecf311cc8936d005fc981e71c5b
SHA1

8fd160c3c97565a051141a4f66497b52e8d8c84e
SHA256

2bc177e6b0799e441ab71ffc0cb5064891110cce0f16a2e5be1c3d9be7ddc794
SHA512

575a56540766a92ffd8e86b8b23e14a66fa0f1e90b3cdb92a0efc0a7bcc31a2152b4266abdd91cfaa9d408a54d5e647a22b69ce8624254b4636eb5b173070c89
SSDEEP

6144:4Rb+bqJu4bsB5XFwUp8AkXAG7uqvFKidyN+wvAywnDlqL/pHUsqu4/c6EWB:4RqWussBbwo8Aal9vNdrwvD7pHU1uoDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b72ecf311cc8936d005fc981e71c5b

Files

15b72ecf311cc8936d005fc981e71c5b
.exe windows:4 windows x86 arch:x86

9217b00416d9ad9b3452319fe03aff72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeCmpStringHandles
MapVirtualKeyW
MessageBoxExW
ChangeMenuW
GetInputState
DdeCreateStringHandleW
GetSystemMenu
DdeUninitialize
EndTask
ShowWindow
DdeDisconnect
GetGUIThreadInfo
DlgDirListComboBoxA
SetMenuContextHelpId
RegisterClassA
CreateIconIndirect
GetClassWord
SetProcessDefaultLayout
LoadImageW
SetScrollInfo
DestroyWindow
MessageBoxW
EnumDisplaySettingsExW
DefWindowProcA
SendIMEMessageExA
GetMenuItemID
RegisterClassExA
DeferWindowPos
CreateWindowExW
BroadcastSystemMessageW
EnumWindowStationsW
UnloadKeyboardLayout

comctl32

DrawStatusText
ImageList_DragMove
ImageList_Duplicate
ImageList_ReplaceIcon
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_AddIcon
ImageList_GetIconSize
CreateUpDownControl
ImageList_Draw
CreateToolbarEx
CreateToolbar
ImageList_SetDragCursorImage
_TrackMouseEvent
ImageList_LoadImage
InitMUILanguage
ImageList_Add
ImageList_LoadImageA
DrawStatusTextA
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_DrawIndirect

kernel32

InterlockedDecrement
GetPrivateProfileSectionNamesW
WriteConsoleW
OpenMutexA
GetTimeFormatA
GetLogicalDriveStringsA
GetCPInfo
LCMapStringA
GetShortPathNameA
TransmitCommChar
WaitNamedPipeW
GetOEMCP
GetTempFileNameA
GetProfileStringW
ReadConsoleOutputCharacterA
WideCharToMultiByte
VirtualQuery
GetCompressedFileSizeA
WriteFile
GetStartupInfoW
SetConsoleCtrlHandler
SetConsoleActiveScreenBuffer
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetModuleFileNameA
GetProcessAffinityMask
SetStdHandle
GetUserDefaultLCID
IsDebuggerPresent
ReadConsoleA
LCMapStringW
DuplicateHandle
SetLocaleInfoW
GetStringTypeA
WriteConsoleA
SetLastError
GetEnvironmentStringsW
GetVersionExA
SetFilePointer
CompareStringA
CreateMutexA
GetCurrentDirectoryA
SetTimeZoneInformation
GetCurrentThreadId
lstrlenA
MultiByteToWideChar
LoadLibraryA
VirtualAlloc
GetCurrencyFormatA
CreateDirectoryExW
TlsFree
EnterCriticalSection
GetNumberFormatA
VirtualFree
GlobalFindAtomA
SuspendThread
WritePrivateProfileSectionW
GetCommandLineA
GlobalAlloc
UnlockFileEx
SetUnhandledExceptionFilter
HeapDestroy
ReadConsoleOutputA
GetLocalTime
GetCurrentThread
SetPriorityClass
UnhandledExceptionFilter
DebugBreak
Sleep
HeapSize
GetPriorityClass
EnumDateFormatsW
SetConsoleWindowInfo
SetConsoleTitleA
IsValidLocale
TerminateProcess
CreateMailslotW
CreateFileA
CreateSemaphoreW
FreeEnvironmentStringsA
CompareStringW
SetHandleCount
GetTickCount
lstrcmpiA
OpenWaitableTimerA
VirtualQueryEx
GetStringTypeW
RaiseException
GetConsoleMode
EnumSystemLocalesW
GetProfileSectionW
HeapReAlloc
GetLocaleInfoW
GetEnvironmentStrings
RtlUnwind
FindNextChangeNotification
GetModuleHandleA
TlsAlloc
GetConsoleOutputCP
EnumDateFormatsExA
AddAtomA
CloseHandle
GetLocaleInfoA
FreeEnvironmentStringsW
GetModuleFileNameW
GetCurrencyFormatW
HeapCreate
FlushFileBuffers
GetProcessHeap
GetPrivateProfileStringW
lstrcmpA
GetVersion
TlsSetValue
GetConsoleCP
FileTimeToLocalFileTime
GetLastError
WriteConsoleOutputA
GetCurrentProcess
WriteConsoleInputW
LockFile
GetACP
GetStartupInfoA
SetComputerNameA
LeaveCriticalSection
SetEnvironmentVariableA
InterlockedExchange
SetConsoleCP
GetCommandLineW
SetFileTime
DeleteCriticalSection
EnumCalendarInfoExW
EnumSystemLocalesA
TlsGetValue
GetTimeZoneInformation
ReadFile
CreateToolhelp32Snapshot
VirtualLock
IsValidCodePage
HeapFree
InitializeCriticalSection
LocalCompact
CreateDirectoryExA
GetModuleHandleW
HeapAlloc
FreeLibrary
InterlockedIncrement
ExitProcess
FindResourceExA
SetThreadAffinityMask
EnumSystemCodePagesW
GetDateFormatA
GetStdHandle

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9217b00416d9ad9b3452319fe03aff72

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 96KB - Virtual size: 125KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 96KB - Virtual size: 125KB

.rsrc
Size: 24KB - Virtual size: 20KB