1851148aec75f5f3eb8ebe0b3e90bafb

Sharing

Copy URL Twitter E-mail

General

Target

1851148aec75f5f3eb8ebe0b3e90bafb
Size

266KB
MD5

1851148aec75f5f3eb8ebe0b3e90bafb
SHA1

2043ce7a9be01014afed1250c543d868e78a1dff
SHA256

7df3675481c703c386b48858c1d5b8be6a13579f038d9477910a14b379e49e18
SHA512

481ad15ee7c78cdaafc87750f718cc39af2ec7ae30a30134177a263ccc1ea74b58233f3c5b5d3f657180f0919446b85ad694fc12b05c628b083a017f9e22bf7c
SSDEEP

6144:yTLPU+gGwioj4OXWT+rrRZg6bspLy6Y2acV:yTLXaHA6bspG6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1851148aec75f5f3eb8ebe0b3e90bafb

Files

1851148aec75f5f3eb8ebe0b3e90bafb
.exe windows:4 windows x86 arch:x86

3f1290b99ce5e96710be25e8a35cf7d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InvalidateRect
FindWindowExA
IsIconic
SetClassLongA
ReleaseCapture
GetInputState
HideCaret
GetClassWord
FindWindowExW
EnumDisplayDevicesA
TranslateAcceleratorA
GetClipboardOwner
DdeGetLastError
ReuseDDElParam

comdlg32

FindTextW
LoadAlterBitmap
PageSetupDlgW
PageSetupDlgA
ChooseFontA
GetOpenFileNameA
ChooseColorA
ReplaceTextW
GetSaveFileNameW
ChooseColorW
PrintDlgW
GetSaveFileNameA
FindTextA
ReplaceTextA
GetFileTitleA
GetOpenFileNameW
PrintDlgA
GetFileTitleW

wininet

FindFirstUrlCacheGroup
FindNextUrlCacheContainerA
InternetConfirmZoneCrossingW
SetUrlCacheConfigInfoA
DeleteUrlCacheContainerW
InternetReadFileExA
FindFirstUrlCacheEntryA

gdi32

RectInRegion
Rectangle
GetBoundsRect
GetRandomRgn

kernel32

ExitProcess
HeapLock
HeapReAlloc
InterlockedDecrement
FindAtomA
SetFileTime
TerminateProcess
GetUserDefaultLCID
GetStartupInfoW
LeaveCriticalSection
GetModuleHandleW
TlsGetValue
GetOEMCP
HeapFree
CompareStringA
IsDebuggerPresent
TlsSetValue
LCMapStringW
GetTickCount
SetUnhandledExceptionFilter
DeleteCriticalSection
SetEnvironmentVariableA
GetStringTypeA
LCMapStringA
GetCurrentProcessId
VirtualFree
UnhandledExceptionFilter
MultiByteToWideChar
FlushFileBuffers
VirtualQuery
SetFileAttributesA
SetLastError
GetCommandLineW
EnterCriticalSection
GetLastError
FillConsoleOutputCharacterA
HeapDestroy
GetDateFormatA
GetModuleFileNameA
LoadLibraryA
SetThreadAffinityMask
IsValidLocale
GetStartupInfoA
GetProcAddress
GetTimeZoneInformation
GetThreadTimes
GetEnvironmentStringsW
GetACP
WideCharToMultiByte
HeapAlloc
RemoveDirectoryW
Sleep
LocalFileTimeToFileTime
SetConsoleCtrlHandler
GetModuleHandleA
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
TransmitCommChar
GetSystemTimeAsFileTime
InterlockedIncrement
GetCurrentProcess
GetLocaleInfoA
GetStringTypeW
TlsFree
FreeEnvironmentStringsW
WriteFile
GetFileType
FoldStringA
GetComputerNameA
FileTimeToDosDateTime
GetLocaleInfoW
RtlUnwind
TlsAlloc
GetCPInfo
OpenFileMappingA
HeapSize
GetStdHandle
GetModuleFileNameW
EnumSystemLocalesA
InterlockedExchange
OpenProcess
IsValidCodePage
EnumSystemCodePagesA
ReadConsoleInputA
FreeLibrary
VirtualAlloc
GetCurrentThreadId
CompareStringW
SetHandleCount
GetTimeFormatA
HeapCreate
GetDateFormatW
GetCurrentThread
GetCommandLineA

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f1290b99ce5e96710be25e8a35cf7d7

Headers

File Characteristics

Imports

user32

comdlg32

wininet

gdi32

kernel32

Sections

.text Size: 142KB - Virtual size: 141KB

.data Size: 114KB - Virtual size: 113KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 142KB - Virtual size: 141KB

.data
Size: 114KB - Virtual size: 113KB

.rsrc
Size: 9KB - Virtual size: 9KB