178b12f8e21ba0fcf23a09b18181dee4

Sharing

Copy URL Twitter E-mail

General

Target

178b12f8e21ba0fcf23a09b18181dee4
Size

237KB
MD5

178b12f8e21ba0fcf23a09b18181dee4
SHA1

e05481c71e0b2da81cc36a3a8193ebee21f37f6b
SHA256

79f11f617b96c428e073d91856b8f9b1d4c7778dce3e98abae68563350742ec1
SHA512

ff7aec5216fc0d816031de41d321bd71ed42627297f001cd121b0f359f0c4d7651db780f52276558c5976f85dbb6ca8b93e1b52da1ff0c8f35d7703ca528daae
SSDEEP

6144:HGV3yBJecunQYx7veNvKALuVIxlJqtMit:EyBJmLeNxaV0JSt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
178b12f8e21ba0fcf23a09b18181dee4

Files

178b12f8e21ba0fcf23a09b18181dee4
.exe windows:4 windows x86 arch:x86

1cd71d5f9b12ae8416c6fcbbcfcf5af6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

DeleteObject
GetStockObject

kernel32

GetCurrentThread
FileTimeToLocalFileTime
GetStringTypeA
TerminateThread
SetStdHandle
CloseHandle
HeapReAlloc
GetCurrentProcess
DeleteFileA
GetEnvironmentStringsW
HeapAlloc
GetACP
CompareStringA
GlobalUnlock
FindResourceA
WinExec
CreateProcessA
TlsFree
VirtualAlloc
FileTimeToSystemTime
LCMapStringW
InitializeCriticalSection
FreeLibrary
GetTempPathA
GetCPInfo
lstrcpyA
LoadResource
GetTimeZoneInformation
GetFileSize
GetCurrentDirectoryA
GetACP
HeapDestroy
FindClose
GetOEMCP
HeapCreate
GetEnvironmentVariableA
GetLocaleInfoW
LoadLibraryA
GetModuleFileNameA
CreateThread
GlobalFree
GetLocaleInfoA
InterlockedIncrement
ExitProcess
GlobalAlloc
SetConsoleCtrlHandler
FreeEnvironmentStringsW
GetDriveTypeA
MultiByteToWideChar
SetFilePointer
FreeEnvironmentStringsA
SetEndOfFile
SetHandleCount
EnumSystemLocalesA
GetProcAddress
SizeofResource
GetFullPathNameA
GetComputerNameA
GetCurrentThreadId
GetFileAttributesA
GetVersionExA
lstrcatA
GetEnvironmentStrings
GetFileType
TlsAlloc
FlushFileBuffers
CreateFileA
EnterCriticalSection
WideCharToMultiByte
GetStdHandle
Sleep
GlobalHandle
GlobalLock
InterlockedDecrement
LCMapStringA
IsBadWritePtr
VirtualFree
WriteFile
SetEnvironmentVariableA
GetTempFileNameA
ReadFile
LeaveCriticalSection
SetCurrentDirectoryA
GetVersion
HeapFree
lstrlenA
RtlUnwind
TlsGetValue
TerminateProcess
IsValidLocale
GetLastError
IsValidCodePage
FatalAppExitA
GetStringTypeW
DeleteCriticalSection
FindFirstFileA
TlsSetValue
CompareStringW
LockResource
GetUserDefaultLCID
GetStartupInfoA
SetLastError
GetSystemDefaultLangID
UnhandledExceptionFilter
ResumeThread

user32

SetDlgItemTextA
EnumWindowStationsA
GetDlgItemTextA
SendMessageA
SetWindowPos
UnregisterClassA
GetWindowRect
EnableWindow
EndDialog
PostMessageA
SetClassLongA
SetForegroundWindow
PostQuitMessage
IsIconic
ShowWindow
UnhookWindowsHookEx
GetSystemMetrics
DialogBoxParamA
FindWindowA
SetWindowTextA
LoadImageA
RegisterClassExA
LoadIconA
GetClientRect
MessageBoxA
DefWindowProcA
SetWindowsHookExA
GetDlgItem

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cd71d5f9b12ae8416c6fcbbcfcf5af6

Headers

File Characteristics

Imports

gdi32

kernel32

user32

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 97KB - Virtual size: 97KB

.rsrc Size: 13KB - Virtual size: 146KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 97KB - Virtual size: 97KB

.rsrc
Size: 13KB - Virtual size: 146KB