19b405dfc2fa3e19518f5161a20fa9bb

Sharing

Copy URL

Twitter E-mail

General

Target

19b405dfc2fa3e19518f5161a20fa9bb
Size

584KB
MD5

19b405dfc2fa3e19518f5161a20fa9bb
SHA1

89ad82b345f320d31312c9c629803a05d06e8c60
SHA256

b3350818da763f282b0b66a0970743cf7a339679ef1ed989b45b4385e2aaeaa5
SHA512

1904fba243bf530394928d5dfa91206680a7078bd96a1e802f63f56eb8c01987f1f32ec82c433874b1398f41b4c80a881c5d32d7009fb9537efc8778ae7c6c2c
SSDEEP

12288:eKMvIxSoNkmkUyI1XXU9z1ISS9N0c0gOd+VMYoaSUrBz5OG:xnoKTkUdZXU9z2SSv0cNDmUrBz5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19b405dfc2fa3e19518f5161a20fa9bb

Files

19b405dfc2fa3e19518f5161a20fa9bb
.exe windows:4 windows x86 arch:x86

891634503b07a6abd29a36c773c0b8f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
PageSetupDlgA
ReplaceTextA

shell32

ExtractAssociatedIconExA

comctl32

GetEffectiveClientRect
DrawInsert
CreateStatusWindowA
ImageList_SetIconSize
CreateStatusWindow
CreateUpDownControl
ImageList_GetImageCount
ImageList_Replace
ImageList_GetImageRect
InitCommonControlsEx
ImageList_GetImageInfo
DrawStatusTextA
ImageList_Add
ImageList_Copy
ImageList_SetDragCursorImage
ImageList_SetFilter
ImageList_AddIcon
ImageList_LoadImageW
MakeDragList
ImageList_Draw
ImageList_Merge
ImageList_GetBkColor
CreateStatusWindowW

gdi32

PlayMetaFileRecord
CreateFontIndirectA
GetObjectA
GetStockObject
SetBitmapBits
LPtoDP
ResizePalette
AbortPath
PaintRgn
SetBitmapDimensionEx
GetRgnBox
DeleteObject
GetAspectRatioFilterEx
CreateMetaFileA
DeleteDC
AnimatePalette
GetDeviceCaps
CreateDCW
GetCharABCWidthsA

user32

CreateAcceleratorTableW
GetMenuInfo
IsZoomed
CascadeWindows
LoadAcceleratorsW
GetMessageA
CallMsgFilter
PostQuitMessage
SetShellWindow
GetScrollRange
GetQueueStatus
SetMenuItemInfoA
RegisterClassExA
MessageBoxExW
SetWindowLongW
DrawAnimatedRects
GetMenuStringA
LoadIconW
DestroyWindow
MessageBoxW
GetMenuDefaultItem
MonitorFromRect
EnumChildWindows
SetWindowsHookW
OpenClipboard
BlockInput
OpenWindowStationA
RegisterClassA
DdeSetUserHandle
EnumDisplaySettingsW
DestroyCaret
LookupIconIdFromDirectory
GetMenuItemInfoW
DrawTextExA
GetMenuState
DefWindowProcW
SetUserObjectInformationW
VkKeyScanA
SendMessageTimeoutW
wsprintfW
GetClipboardSequenceNumber
CallMsgFilterW
GetMenuStringW
SetDlgItemInt
FlashWindow
GetCaretBlinkTime
RedrawWindow
InSendMessageEx
CheckDlgButton
UnhookWinEvent
DdeCmpStringHandles
LoadAcceleratorsA
GetKeyNameTextW
OemToCharA
SwitchDesktop
CreateWindowExW
LoadCursorFromFileW
CharUpperW
InsertMenuW
LoadIconA
GetTabbedTextExtentA
ShowWindow
LoadBitmapW
IsChild
GetDC
AdjustWindowRect
DrawStateW
GetWindowInfo
ShowWindowAsync
CopyAcceleratorTableA
SetWindowLongA
GetUserObjectSecurity
CharUpperA
BroadcastSystemMessageW
GetPropW
BeginDeferWindowPos
GetWindowLongW
SetTimer
GetMenuItemCount
GetComboBoxInfo
MsgWaitForMultipleObjectsEx
TileWindows
MapWindowPoints
SetRect
CreateMDIWindowW
GetListBoxInfo
CreateCaret
SendMessageA
TranslateMessage
GetGuiResources
FindWindowW
EnumDisplayMonitors
DdeGetData
CharPrevA
SetWindowWord
WinHelpW
DdeSetQualityOfService

advapi32

DuplicateTokenEx
AbortSystemShutdownA
LookupSecurityDescriptorPartsW
CryptCreateHash
AbortSystemShutdownW
LookupPrivilegeNameW
CryptGenRandom
RegEnumKeyExA
CryptSetProviderA
CryptGetDefaultProviderW
RegOpenKeyExW
CryptGetProvParam
CreateServiceW
RegQueryInfoKeyA
RegEnumKeyA
CryptSetProviderExW

kernel32

WriteConsoleW
WriteFileEx
GetConsoleOutputCP
GetProcAddress
VirtualFree
GetTimeFormatA
GetLastError
GetStdHandle
GetCurrentProcess
WriteConsoleA
ResumeThread
WaitForDebugEvent
RemoveDirectoryW
SetEnvironmentVariableA
MultiByteToWideChar
TlsGetValue
SetHandleCount
LCMapStringW
GetConsoleMode
GetDateFormatA
ReleaseSemaphore
IsValidCodePage
SetStdHandle
ReadFile
EnumSystemLocalesA
Sleep
SetConsoleCursorPosition
GetModuleFileNameA
WideCharToMultiByte
GetEnvironmentStringsW
HeapSize
GetOEMCP
CreateRemoteThread
CreateMutexA
GetStringTypeW
GetCurrentProcessId
LCMapStringA
IsDebuggerPresent
CloseHandle
InterlockedDecrement
SetConsoleCtrlHandler
WriteFile
ReadConsoleA
GetTickCount
UnhandledExceptionFilter
MoveFileW
GetSystemTimeAsFileTime
CreateFileA
CreateNamedPipeW
GetACP
GetCommandLineA
HeapReAlloc
FlushFileBuffers
QueryPerformanceCounter
InterlockedExchange
FreeEnvironmentStringsW
SetConsoleTextAttribute
DeleteFiber
VirtualAlloc
InterlockedIncrement
IsValidLocale
CompareStringA
GetCurrentThreadId
SetLastError
TlsSetValue
HeapCreate
GetCommandLineW
GetModuleFileNameW
GetStartupInfoW
OpenMutexA
TlsAlloc
GetConsoleCP
HeapFree
GetLocaleInfoA
GetCPInfo
EnterCriticalSection
TerminateProcess
FillConsoleOutputAttribute
TlsFree
GetLocaleInfoW
CompareStringW
LoadLibraryA
ExitProcess
VirtualQuery
GetStartupInfoA
LocalReAlloc
HeapDestroy
FreeLibrary
SetUnhandledExceptionFilter
GetCurrentThread
SetFilePointer
RtlUnwind
GetStringTypeExA
GetFileType
HeapAlloc
GetStringTypeA
GetTimeZoneInformation
LeaveCriticalSection
DeleteCriticalSection
CopyFileA
GetModuleHandleA
OpenSemaphoreA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GetModuleHandleW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

891634503b07a6abd29a36c773c0b8f5

Headers

File Characteristics

Imports

comdlg32

shell32

comctl32

gdi32

user32

advapi32

kernel32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 120KB - Virtual size: 144KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 120KB - Virtual size: 144KB

.rsrc
Size: 40KB - Virtual size: 38KB