Static task
static1
Behavioral task
behavioral1
Sample
18f98111e911a38eca787551bfdf620f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
18f98111e911a38eca787551bfdf620f.exe
Resource
win10v2004-20231215-en
General
Target
18f98111e911a38eca787551bfdf620f
Size
108KB
MD5
18f98111e911a38eca787551bfdf620f
SHA1
0525cae37f5486163cd8c4935e73d40a6a9dbc23
SHA256
0565f4310bda63fad99ba6a4a93c2f2f9bbff82f308a443c1c60d12570992658
SHA512
95fdcf04e7e86c81635b5224c47b07c15f2603de9f80908ebe14033cb35995a294fd61e8c371cbe7670c29c9bc65dde1d89a8d5e541fc9c5955ab6da12dfcc71
SSDEEP
1536:lqIvFr30Lfjt49uMdEkmS9nqZsn/C5e/wGs9jpyE8ETg+9YQozcDVwK6s:Hr3k4wP3dgdsT58ET39yWK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 18f98111e911a38eca787551bfdf620f
Files
18f98111e911a38eca787551bfdf620f.exe windows:4 windows x86 arch:x86
719197b93c3251ea9f327d66d18bfd22
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
EnableMenuItem
GetSubMenu
SetWindowPos
PostQuitMessage
GetMessageA
SetWindowTextA
UnhookWindowsHookEx
GetSysColorBrush
EnumWindows
GetSysColor
FrameRect
GetScrollPos
EqualRect
kernel32
GetTempPathA
RtlUnwind
GetTimeZoneInformation
FileTimeToSystemTime
GetACP
ExitProcess
GetFileAttributesA
SetUnhandledExceptionFilter
GetOEMCP
QueryPerformanceCounter
GetStartupInfoA
GetCurrentProcessId
GetTickCount
VirtualAllocEx
InterlockedExchange
GetThreadLocale
gdi32
FillRgn
SelectClipPath
CopyEnhMetaFileA
GetMapMode
CreateCompatibleBitmap
CreateICW
ExcludeClipRect
DPtoLP
SetViewportExtEx
ole32
StgOpenStorage
CoTaskMemRealloc
CoInitialize
CoRevokeClassObject
CoInitializeSecurity
DoDragDrop
CoCreateInstance
StringFromGUID2
OleRun
advapi32
CryptHashData
RegCreateKeyA
RegQueryValueExW
CheckTokenMembership
GetSecurityDescriptorDacl
QueryServiceStatus
FreeSid
GetUserNameA
AdjustTokenPrivileges
RegCreateKeyExW
msvcrt
_strdup
strncpy
__getmainargs
iswspace
__setusermatherr
signal
_CIpow
raise
strcspn
fflush
puts
fprintf
_flsbuf
_lock
__initenv
_mbscmp
strlen
_fdopen
comctl32
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_SetIconSize
InitCommonControls
ImageList_DrawEx
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_DragEnter
ImageList_Destroy
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_Write
shell32
ExtractIconW
DoEnvironmentSubstW
SHBrowseForFolderA
DragQueryFileW
ExtractIconExW
DragQueryFileA
ShellExecuteEx
SHGetPathFromIDList
CommandLineToArgvW
ShellExecuteW
DragAcceptFiles
oleaut32
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayPutElement
SafeArrayRedim
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayGetUBound
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE