18bb616dd56caa73c9d5e09d1bc325c6

Sharing

Copy URL Twitter E-mail

General

Target

18bb616dd56caa73c9d5e09d1bc325c6
Size

576KB
MD5

18bb616dd56caa73c9d5e09d1bc325c6
SHA1

7a431ab7d31abe75be1970446b8dabaf294669f4
SHA256

a711b60f1d5f7c9b096e48d85f4bf7f9d59c5d575d455fd9f7151db424e6a068
SHA512

b3d19f55713c8092ee81d28effa9a42db12bdc0b15b550564673b8dc9ea7cdfc3dcaba7e52a7989e541b192879a7ea60d43ff5944775c6305be7d3fb3e965d98
SSDEEP

12288:ebCaJxFuEarslg2Jm5p5vaNjtNTlQlV9VBLXwL9Z0CqnmNGiz2u:UCazFjl7JgvvaNzmn9VBIZ0C1/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18bb616dd56caa73c9d5e09d1bc325c6

Files

18bb616dd56caa73c9d5e09d1bc325c6
.exe windows:4 windows x86 arch:x86

be0606b9f354f223e8bea850796e7160

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawTextW
CopyIcon
ReleaseCapture
CreateMenu
CreateCaret
DdeKeepStringHandle
DefMDIChildProcW
UnpackDDElParam
PostThreadMessageW
DdeUnaccessData
SetWindowsHookW
GetParent
ShowCursor
CallMsgFilterA
DestroyWindow
EndTask
CreateCursor
InvalidateRect
RedrawWindow
CreateIconFromResource
UnregisterClassW
CreateDialogParamA
EnumPropsExA
WindowFromPoint
RegisterClipboardFormatA
GetMenuContextHelpId
GetScrollInfo
EndMenu
DrawTextA
CharNextA
OemToCharBuffW
GetMessageExtraInfo
DdeConnect
GetKeyNameTextW
GetDlgCtrlID
CreateWindowExW
GetWindowLongA
SetMenuItemBitmaps
SubtractRect
GetDlgItem
MonitorFromPoint
TranslateAcceleratorW
VkKeyScanExA
wvsprintfA
ScrollWindowEx
DdeCmpStringHandles
LoadCursorA
SetDoubleClickTime
RegisterWindowMessageW
LoadImageA
SetCaretPos
GetCaretBlinkTime
DragObject
CreateIconIndirect
UnionRect
MonitorFromRect
DefWindowProcW
BringWindowToTop
SetWindowRgn
MessageBoxW
RegisterClassExA
DdeUninitialize
IsCharLowerA
OemToCharW
GetMenuItemInfoA
TranslateAcceleratorA
OpenDesktopA
CheckRadioButton
SetClassWord
DefDlgProcW
DdeQueryStringW
SendMessageA
SetScrollRange
SendIMEMessageExA
MessageBoxIndirectA
TranslateMDISysAccel
FindWindowExW
GetNextDlgGroupItem
CascadeChildWindows
GetClassInfoExA
DdeInitializeW
WaitMessage
PeekMessageA
SwapMouseButton
GetUpdateRgn
NotifyWinEvent
DlgDirSelectExW
GetDlgItemInt
DispatchMessageA
RegisterClassA
PostMessageA
ToAsciiEx
DefWindowProcA
SendNotifyMessageA
ShowWindow
GetClipCursor
SendMessageTimeoutA
LoadImageW
WaitForInputIdle
LoadMenuIndirectW

wininet

FtpRemoveDirectoryW
GetUrlCacheConfigInfoA

advapi32

CryptGenKey
CryptEnumProvidersW
RegOpenKeyExA
CryptVerifySignatureW
AbortSystemShutdownA
CryptGenRandom
LookupPrivilegeNameA
CryptSignHashA
ReportEventW
RegReplaceKeyW
LookupAccountNameA
RegOpenKeyW
LookupPrivilegeNameW
RegEnumKeyA
RegCreateKeyExA
CryptGetUserKey
LookupPrivilegeValueA
CryptSetProvParam

kernel32

GetAtomNameW
HeapDestroy
FlushFileBuffers
VirtualLock
GetCurrentProcess
lstrlenA
FlushConsoleInputBuffer
EnumResourceLanguagesA
FindAtomW
EnumResourceNamesA
FlushInstructionCache
SetThreadContext
GetNamedPipeHandleStateW
MoveFileA
OpenWaitableTimerA
WriteConsoleOutputCharacterW
FreeEnvironmentStringsW
SetLocaleInfoA
GlobalReAlloc
lstrcpyA
GetPrivateProfileStringA
SetUnhandledExceptionFilter
IsBadWritePtr
LoadLibraryW
EnumDateFormatsExW
GetCommandLineW
GetStringTypeA
GetStartupInfoA
CreateRemoteThread
ExitProcess
DeleteCriticalSection
OpenFileMappingW
LocalCompact
GetModuleFileNameW
SetConsoleCursorInfo
TerminateProcess
GetEnvironmentVariableW
LeaveCriticalSection
GetProfileIntW
GetSystemTimeAsFileTime
GetAtomNameA
SetEnvironmentVariableA
GetLastError
QueryPerformanceCounter
LocalUnlock
WaitForSingleObject
GetStringTypeW
LCMapStringW
HeapReAlloc
LoadLibraryA
TlsGetValue
TlsAlloc
GetCommandLineA
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObjectEx
EnterCriticalSection
GlobalGetAtomNameA
GetTimeZoneInformation
GetThreadPriorityBoost
VirtualQueryEx
TlsSetValue
GetProcAddress
WriteConsoleInputA
GetTickCount
VirtualUnlock
CompareStringA
HeapFree
GetEnvironmentStrings
VirtualQuery
ReadFile
GetCPInfo
GetModuleFileNameA
DebugBreak
WriteFile
VirtualAlloc
SetStdHandle
LCMapStringA
GlobalCompact
HeapCreate
VirtualFree
CreateNamedPipeA
GetSystemTime
GetModuleHandleA
HeapAlloc
UnhandledExceptionFilter
GlobalHandle
RtlUnwind
PulseEvent
SetFilePointer
FreeEnvironmentStringsA
CompareStringW
GetExitCodeProcess
InterlockedExchange
GetProcAddress
IsDebuggerPresent
WritePrivateProfileStringW
LockFile
GetEnvironmentStringsW
InterlockedIncrement
SetHandleCount
GlobalGetAtomNameW
InitializeCriticalSection
GetCurrentThread
GetThreadTimes
GetCurrentProcessId
FillConsoleOutputAttribute
CreateMutexA
InterlockedDecrement
SetSystemTime
SetLastError
ReadConsoleOutputCharacterW
GetStartupInfoW
LoadResource
FindAtomA
CloseHandle
OpenMutexA
GetFileType
GetLocalTime
TlsFree
GetVersion
GetThreadPriority
GetCurrentThreadId
RtlZeroMemory
GetPrivateProfileSectionW
GetStdHandle

comctl32

ImageList_GetImageCount
ImageList_SetImageCount
ImageList_BeginDrag
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_DragLeave
ImageList_Merge
_TrackMouseEvent
MakeDragList
CreateToolbarEx
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Replace
ImageList_SetDragCursorImage
GetEffectiveClientRect
ImageList_LoadImageW
ImageList_Add
DrawStatusTextW
ImageList_DrawIndirect
CreateToolbar
ImageList_GetDragImage
ImageList_AddIcon
InitCommonControlsEx

shell32

DoEnvironmentSubstW
ExtractAssociatedIconExA
InternalExtractIconListW

gdi32

AddFontResourceA
PolyTextOutA
SetBitmapBits
GetPaletteEntries
GetStretchBltMode
GetObjectW
CreateICA
CreateDCA
CreateRoundRectRgn
SetWindowExtEx
DeleteObject
CreateBitmap
GetRandomRgn
DeleteDC
DeleteMetaFile
GetKerningPairsA
GetDeviceCaps

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be0606b9f354f223e8bea850796e7160

Headers

File Characteristics

Imports

user32

wininet

advapi32

kernel32

comctl32

shell32

gdi32

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 302KB - Virtual size: 301KB

.data Size: 124KB - Virtual size: 134KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 302KB - Virtual size: 301KB

.data
Size: 124KB - Virtual size: 134KB

.rsrc
Size: 12KB - Virtual size: 12KB