1ab6d28a538d7c73b75bb0630d192833

Sharing

Copy URL

Twitter E-mail

General

Target

1ab6d28a538d7c73b75bb0630d192833
Size

344KB
MD5

1ab6d28a538d7c73b75bb0630d192833
SHA1

ffc4376e23c9558260b4fc4e27f656ac09e43e40
SHA256

292b94287648942de88da9bfde3aa2294bfb5ff4b863c06865d1b169c77d10ca
SHA512

2888f428285a77602cfc6304d48267e6c0a07ca854f7a863507a4af452033b959da397e3783cfefb6d1a4f3e6920f882c0b54bc469c67b72d6e5316239857879
SSDEEP

6144:vnlQbTscd4Ru/v13obWEFpHsbmfKrPIhxNciE3m+yaSixJUbaa+:viXs64RAv14bvFFsbmacAiE3xyajxJac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ab6d28a538d7c73b75bb0630d192833

Files

1ab6d28a538d7c73b75bb0630d192833
.exe windows:4 windows x86 arch:x86

985171edf8d7abfcf8232c67c1f4c45b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDCW
GetDeviceCaps
ExtCreateRegion
SelectObject
DeleteDC
GetDIBColorTable
SetICMProfileW
OffsetWindowOrgEx
CreatePen
StartPage
StretchBlt
DeleteEnhMetaFile
GetObjectW
GetPixel

wininet

InternetSetDialStateA
InternetGetCertByURLA
FindCloseUrlCache
InternetTimeToSystemTime
HttpAddRequestHeadersW
FreeUrlCacheSpaceA
ShowCertificate

comctl32

ImageList_GetDragImage
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_GetImageRect
DrawStatusTextW
CreateToolbarEx
InitCommonControlsEx
ImageList_Copy
ImageList_Write
_TrackMouseEvent
ImageList_AddIcon
InitMUILanguage
ImageList_SetDragCursorImage
ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Destroy
ImageList_AddMasked
ImageList_Replace
ImageList_LoadImageW
ImageList_Add
ImageList_Duplicate

comdlg32

GetFileTitleW
ReplaceTextA
PrintDlgA

user32

InSendMessageEx
GetClipboardFormatNameW
UnregisterHotKey
SetUserObjectSecurity
SetWindowWord
DestroyWindow
CallWindowProcW
AnyPopup
ShowWindow
ActivateKeyboardLayout
GetSubMenu
ReleaseDC
RegisterClassA
CreateWindowExA
EnableMenuItem
MessageBoxW
RegisterClassExA
GetGUIThreadInfo
GetPropA
DefWindowProcA
CheckMenuRadioItem
IsWindowVisible
EnumClipboardFormats
RegisterClipboardFormatA
PackDDElParam
VkKeyScanExW
EndPaint
CreateWindowStationA
ModifyMenuA
GetMonitorInfoW
ShowCaret

kernel32

HeapSize
GetACP
FreeLibrary
GetCPInfo
WideCharToMultiByte
IsValidLocale
GetLocaleInfoW
SetComputerNameA
SetFilePointer
GetEnvironmentStringsW
TlsFree
TlsGetValue
SetUnhandledExceptionFilter
GetModuleFileNameA
GetTimeFormatA
TlsAlloc
SetHandleCount
GetLocaleInfoA
ReadFile
CompareStringW
GetProcAddress
GetTimeZoneInformation
EnumSystemLocalesA
WriteFile
SetConsoleCtrlHandler
EnterCriticalSection
GetModuleFileNameW
GetFileType
CreateMutexA
InterlockedIncrement
SetConsoleOutputCP
HeapFree
GetVersionExA
VirtualQuery
MultiByteToWideChar
OpenMutexA
UnhandledExceptionFilter
FlushFileBuffers
CompareStringA
GetDateFormatA
GetCurrentThread
SetEnvironmentVariableA
VirtualFree
LeaveCriticalSection
LCMapStringW
GetStartupInfoW
GetStdHandle
GetStringTypeW
IsValidCodePage
SetStdHandle
GetOEMCP
GetConsoleMode
GetLongPathNameW
FreeEnvironmentStringsA
GetTickCount
GetLastError
TerminateProcess
HeapReAlloc
HeapAlloc
WriteConsoleW
HeapDestroy
HeapCreate
FindResourceExW
GetCurrentThreadId
GetConsoleOutputCP
RtlUnwind
GetUserDefaultLCID
GetStartupInfoA
ReadConsoleA
SetLastError
GetEnvironmentVariableA
GetConsoleCP
IsDebuggerPresent
InitializeCriticalSection
QueryPerformanceCounter
GetCurrentProcess
GetModuleHandleA
VirtualAlloc
GetSystemTimeAsFileTime
GetProcessHeap
GetCommandLineW
WriteConsoleA
InterlockedDecrement
LoadLibraryA
FreeEnvironmentStringsW
GetCommandLineA
CloseHandle
GetStringTypeA
Sleep
ExitProcess
GetCurrentProcessId
TlsSetValue
InterlockedExchange
CreateFileA
DeleteCriticalSection
GetEnvironmentStrings
LCMapStringA

advapi32

DuplicateToken
RegOpenKeyW
RegCreateKeyExA
RegLoadKeyW
CryptSetKeyParam
RegQueryValueA

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

985171edf8d7abfcf8232c67c1f4c45b

Headers

File Characteristics

Imports

gdi32

wininet

comctl32

comdlg32

user32

kernel32

advapi32

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 93KB - Virtual size: 112KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 93KB - Virtual size: 112KB

.rsrc
Size: 34KB - Virtual size: 33KB