18398ffb44c1bb39026041e50d831d1e

Sharing

Copy URL Twitter E-mail

General

Target

18398ffb44c1bb39026041e50d831d1e
Size

407KB
MD5

18398ffb44c1bb39026041e50d831d1e
SHA1

61a3a5973c71a81f6bff279eb81ca61902af04d9
SHA256

c55e694e3a9f68702e55d54932084541d886a6b3ba53f82e655403a1c2ef861c
SHA512

c05cbf49b327895779e76910c237d54e52d40fec5df44859666c5b0da8db7b78c337cda3bf6675c77bd4b7856773544c287acfae0d1df37c9a86f2c0986e4b77
SSDEEP

12288:2xKvChIcb0Gzgk7TlGAbrNYeMU3bOB3fo:2KahXb04nRPqeM20Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18398ffb44c1bb39026041e50d831d1e

Files

18398ffb44c1bb39026041e50d831d1e
.exe windows:4 windows x86 arch:x86

f7647f2baad14f2db3e28af5e9d6777d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoA
FindNextUrlCacheEntryExW

shell32

DuplicateIcon
SHInvokePrinterCommandA
ShellAboutW

user32

PaintDesktop
SetMenuInfo
BeginDeferWindowPos
IsRectEmpty
EnableMenuItem
EnumPropsExW
LoadImageW
SystemParametersInfoW
CheckRadioButton
GetPriorityClipboardFormat
SetUserObjectSecurity
CreateIcon
SetRectEmpty
SetActiveWindow
GetKeyboardState
InsertMenuItemA
IsChild
SetScrollPos
ToUnicodeEx
CreateAcceleratorTableW
GetWindowTextW
LoadMenuIndirectW
GetUserObjectSecurity
ToAsciiEx
LookupIconIdFromDirectory

advapi32

DuplicateTokenEx
RegConnectRegistryA
CryptEnumProvidersA
InitializeSecurityDescriptor
CryptEnumProviderTypesW
CryptEncrypt

kernel32

VirtualFree
GetVersionExA
GetCurrentThreadId
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
SetHandleCount
GetOEMCP
HeapFree
GetCurrentThread
GetStdHandle
FindFirstFileExW
GetCurrentProcess
IsBadWritePtr
GetLastError
GetSystemDirectoryA
GetLocaleInfoA
HeapCreate
GetStringTypeW
GetCPInfo
GetModuleFileNameA
GetTimeFormatA
GetTickCount
IsValidLocale
EnumSystemLocalesA
GetDateFormatA
GetStringTypeA
GetCommandLineA
RtlUnwind
GetEnvironmentStrings
GetModuleHandleA
GetACP
WriteFile
FlushViewOfFile
GetSystemInfo
LoadLibraryA
HeapAlloc
GetUserDefaultLCID
TlsSetValue
LCMapStringW
WideCharToMultiByte
GetFileType
GetLocaleInfoW
lstrcpyn
GetEnvironmentStringsW
CompareStringA
GetCurrentProcessId
InterlockedExchange
GetFullPathNameA
CompareStringW
GetProcAddress
TerminateProcess
VirtualProtect
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
VirtualAlloc
HeapReAlloc
SetLastError
ExitProcess
HeapSize
TlsFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStartupInfoA
LCMapStringA
InitializeCriticalSection
SetEnvironmentVariableA
DeleteCriticalSection
GetSystemDirectoryW
HeapDestroy
OutputDebugStringW
VirtualQuery
QueryPerformanceCounter
IsValidCodePage
MultiByteToWideChar
TlsAlloc

comdlg32

FindTextA
ReplaceTextA
GetOpenFileNameW
PrintDlgA
PageSetupDlgW
LoadAlterBitmap
GetSaveFileNameA
GetFileTitleW
PrintDlgW
ChooseColorA
GetSaveFileNameW
ReplaceTextW
ChooseFontA
GetOpenFileNameA
GetFileTitleA
PageSetupDlgA
ChooseFontW

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7647f2baad14f2db3e28af5e9d6777d

Headers

File Characteristics

Imports

wininet

shell32

user32

advapi32

kernel32

comdlg32

Sections

.text Size: 125KB - Virtual size: 124KB

.data Size: 271KB - Virtual size: 270KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 125KB - Virtual size: 124KB

.data
Size: 271KB - Virtual size: 270KB

.rsrc
Size: 10KB - Virtual size: 9KB