1bda8a1e8f0f1ca547b98728c5360df8

Sharing

Copy URL Twitter E-mail

General

Target

1bda8a1e8f0f1ca547b98728c5360df8
Size

1.4MB
MD5

1bda8a1e8f0f1ca547b98728c5360df8
SHA1

dcfeee60f1157210a7a6b8944ebdbe00314891eb
SHA256

d44a2d077b5b8dca6c05ea1406562dad6e7ee4a4bfb70f1cea406bfe8f650b79
SHA512

59130926b37cca9d59c407f908f4f859706aefcc5349e5e13d9463b059a038b91c622260844dcdd2dfd598e4a284ebd3d3c403f99dab2033a5bcbf06f3d1370c
SSDEEP

24576:EakA2JSsnh3N2Z2AOm8DivHwlHs2mF9uDC78f76+CyMAO0eQiUMB80eQiUMBOG:Ea2J9nhd+Om8WvH0mDuemm+xMbyiUMBS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bda8a1e8f0f1ca547b98728c5360df8

Files

1bda8a1e8f0f1ca547b98728c5360df8
.exe windows:4 windows x86 arch:x86

3735754e1f5d211c6ac42689259c8bcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetUserDefaultLangID
GetComputerNameA
GetDiskFreeSpaceExW
GlobalMemoryStatusEx
DeviceIoControl
CreateFileA
LoadLibraryA
OpenMutexW
OpenEventW
OpenSemaphoreW
GetCurrentProcessId
ExpandEnvironmentStringsW
GetTempPathW
CreateProcessW
GetSystemTime
SetUnhandledExceptionFilter
CreateEventW
CreateThread
SetEvent
ResetEvent
SetFileAttributesW
MoveFileW
GetLogicalDriveStringsW
QueryDosDeviceW
lstrcpyW
lstrcatW
SetCurrentDirectoryW
GetDriveTypeW
FlushFileBuffers
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
GetVolumeInformationW
ExpandEnvironmentStringsA
FormatMessageA
GetSystemDirectoryA
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
HeapCreate
GetModuleFileNameA
GetStdHandle
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
VirtualAlloc
VirtualFree
HeapAlloc
GetProcessHeap
HeapFree
GetSystemInfo
InterlockedCompareExchange
GetLocalTime
LoadLibraryExW
InterlockedExchange
ProcessIdToSessionId
LocalFree
LocalAlloc
OpenProcess
GetVersionExW
GetSystemDirectoryW
FindFirstFileW
RemoveDirectoryW
FindClose
FindNextFileW
GetTickCount
GetFileAttributesW
SetEndOfFile
WriteFile
CreateDirectoryW
SetFilePointer
SetLastError
GetCurrentProcess
WaitForSingleObject
TerminateThread
DeleteFileW
MoveFileExW
Process32NextW
Sleep
Process32FirstW
CreateToolhelp32Snapshot
GlobalUnlock
UnmapViewOfFile
GetCurrentThreadId
GlobalFree
lstrcmpiW
WideCharToMultiByte
lstrlenW
CloseHandle
MapViewOfFileEx
CreateFileMappingW
FreeResource
GetLastError
FindResourceW
lstrlenA
LoadResource
SizeofResource
GetPrivateProfileStringW
MultiByteToWideChar
GetModuleHandleW
InterlockedDecrement
GetFileSize
FindResourceExW
InterlockedIncrement
LockResource
RaiseException
FreeLibrary
GetPrivateProfileIntW
GlobalAlloc
ReadFile
GetProcAddress
InitializeCriticalSection
GlobalLock
GetWindowsDirectoryW
LoadLibraryW
LeaveCriticalSection
GetModuleFileNameW
EnterCriticalSection
CreateFileW
DeleteCriticalSection
VirtualQuery

user32

ClientToScreen
GetWindowTextW
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
GetWindowTextLengthW
MoveWindow
LoadCursorW
CopyRect
GetDC
MapWindowPoints
ReleaseDC
FindWindowW
GetClientRect
SetFocus
IsWindowEnabled
GetWindow
IsWindow
DefWindowProcW
GetKeyState
UnregisterClassA
SystemParametersInfoW
DrawTextW
GetScrollPos
MonitorFromWindow
GetMonitorInfoW
RegisterWindowMessageW
GetNextDlgTabItem
ShowWindow
UpdateLayeredWindow
DestroyIcon
EqualRect
PtInRect
DrawIconEx
GetParent
GetWindowRect
SetRectEmpty
InflateRect
SendMessageW
SetCapture
CharNextW
IsWindowVisible
GetDlgItem
LoadImageW
GetWindowLongW
ReleaseCapture
LoadBitmapW
SetWindowPos
SetRect
GetDlgCtrlID
PostThreadMessageW
BeginPaint
CreateWindowExW
LoadIconW
PostMessageW
GetDesktopWindow
DestroyWindow
CallWindowProcW
InvalidateRect
FindWindowExW
EnumDisplayDevicesA
SetWindowTextW
SetForegroundWindow
IsRectEmpty
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
ScreenToClient
KillTimer
GetFocus
IsChild
IsDialogMessageW
OffsetRect
RegisterClassExW
EndPaint
SetWindowLongW
SetCursor
SetWindowRgn
WindowFromPoint

gdi32

SetViewportOrgEx
CreateRectRgnIndirect
RoundRect
GetDeviceCaps
GetCurrentObject
GetClipRgn
ExtTextOutW
CreateDIBSection
SetBkColor
CreateCompatibleDC
RestoreDC
DeleteDC
SelectClipRgn
TextOutW
SetBkMode
GetStockObject
GetObjectW
GetViewportOrgEx
Rectangle
BitBlt
CreateRectRgn
GetTextExtentPoint32W
RectInRegion
CreateCompatibleBitmap
CreateBitmap
StretchBlt
GetTextColor
CreateFontIndirectW
SetTextColor
CreatePen
SaveDC
MoveToEx
DeleteObject
LineTo
SelectObject
SetStretchBltMode
CreateRoundRectRgn
OffsetRgn
ExtSelectClipRgn
CombineRgn
CreateFontW

advapi32

RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
DuplicateTokenEx
OpenProcessToken
RegOpenKeyW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
SHGetMalloc
Shell_NotifyIconW
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateGuid

oleaut32

VarUI4FromStr
SysFreeString
SysStringLen
VariantInit
SysAllocString
SafeArrayUnlock
SafeArrayLock
VariantClear

shlwapi

StrToIntW
PathFindFileNameW
PathFindExtensionW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
StrToIntA
PathAddBackslashW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipAddPathStringI
GdipDrawImageI
GdipFillRectangle
GdipGetFontSize
GdipFillPath
GdipLoadImageFromStream
GdipCreateBitmapFromStream
GdipGetFontCollectionFamilyList
GdipDrawPath
GdipAddPathArcI
GdipDrawRectangleI
GdipSetPenDashStyle
GdipDrawLine
GdipSetPenMode
GdipSetPenEndCap
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipGetFamily
GdipCloneFontFamily
GdipDeletePath
GdipSetStringFormatAlign
GdipDrawImageRectRect
GdipCreateFont
GdipCreatePath
GdipCreateHBITMAPFromBitmap
GdipFree
GdipMeasureString
GdipDeleteFontFamily
GdipGetImageWidth
GdipCreateFontFromLogfontW
GdipDrawImagePointsRectI
GdipGetImageHeight
GdipSetStringFormatLineAlign
GdipCreateSolidFill
GdipTranslateWorldTransform
GdipSetStringFormatFlags
GdipDeleteGraphics
GdipCloneBrush
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipRotateWorldTransform
GdipSetStringFormatTrimming
GdipCreateFromHDC
GdipAddPathRectangleI
GdipCreateBitmapFromScan0
GdipResetWorldTransform
GdipDeleteBrush
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipDeletePen
GdipGraphicsClear
GdipAddPathPieI
GdipDeleteFont
GdipCreatePen1
GdipCloneImage
GdipDrawImageRectI
GdipNewPrivateFontCollection
GdipLoadImageFromFile
GdipSetClipPath
GdipCloneBitmapArea
GdipDeletePrivateFontCollection
GdipDisposeImage
GdipDrawString
GdipCreateLineBrushI
GdiplusStartup
GdipPrivateAddFontFile
GdipDrawImageRectRectI
GdipGetFontCollectionFamilyCount
GdipCreateImageAttributes
GdipSetTextRenderingHint
GdipDrawLinesI
GdipAlloc
GdipDisposeImageAttributes
GdiplusShutdown
GdipFillRectangleI
GdipImageRotateFlip
GdipCreateStringFormat
GdipClosePathFigure
GdipSetImageAttributesColorMatrix
GdipDeleteStringFormat
GdipSetPenStartCap

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

rasapi32

RasEnumConnectionsW

iphlpapi

IcmpSendEcho
IcmpCloseHandle
GetAdaptersInfo
IcmpCreateFile

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

Sections

.text
Size: 692KB - Virtual size: 689KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 536KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3735754e1f5d211c6ac42689259c8bcc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

version

rasapi32

iphlpapi

psapi

Sections

.text Size: 692KB - Virtual size: 689KB

.rdata Size: 144KB - Virtual size: 142KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 536KB - Virtual size: 532KB

.text
Size: 692KB - Virtual size: 689KB

.rdata
Size: 144KB - Virtual size: 142KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 536KB - Virtual size: 532KB