1cac56ebfa5b82381439195362c90553

Sharing

Copy URL Twitter E-mail

General

Target

1cac56ebfa5b82381439195362c90553
Size

169KB
MD5

1cac56ebfa5b82381439195362c90553
SHA1

0a9ef2ec0ce1988de7e4266370c7a84967a5a0b8
SHA256

dc0392f018a7125343329f94294dd82e6e9a9bcca1cef8fb71ee4dbe1ea23abe
SHA512

cd80c9cf75c0b4c9551e9b9869500c9b77f063fcd9ef950841ed9fde7cf5146ea5569083459396b396936c184a9c14fa0130d36d00b216223a9c4b1515d98398
SSDEEP

1536:ci6vjOFlWXSe9HrdAJXu6brM3V8P3E+dJYHKnmnpos0d0AkWZe2TLm8O2DQ+7iNB:cf7Oz6vHczdEMcV2MWZe38O2Mdx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cac56ebfa5b82381439195362c90553

Files

1cac56ebfa5b82381439195362c90553
.exe windows:4 windows x86 arch:x86

a05655664c64df5f1b17e47bd1f60fba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysStringLen
GetErrorInfo
SysReAllocStringLen
SafeArrayGetUBound
VariantCopyInd

comdlg32

GetOpenFileNameA
ChooseColorA
FindTextA
GetSaveFileNameA
GetFileTitleA

gdi32

SetBkMode
GetBitmapBits
BitBlt
SetTextColor

shlwapi

SHDeleteValueA
SHQueryValueExA
PathIsContentTypeA
SHStrDupA
PathFileExistsA
SHDeleteKeyA
SHEnumValueA
PathGetCharTypeA
PathIsDirectoryA

comctl32

ImageList_DrawEx
ImageList_GetBkColor
ImageList_Read

user32

GetMenuItemCount
GetMenuItemID
GetMenuStringA
TrackPopupMenu
GetKeyNameTextA
FillRect
CharNextA
GetLastActivePopup
GetIconInfo
GetWindowTextA
DispatchMessageA
IsMenu
GetDlgItem
CreateWindowExA
EnumChildWindows
CharLowerBuffA
EnableWindow
FrameRect
ShowWindow
GetSysColor
IsWindowVisible
GetKeyState
SetWindowLongA
GetSubMenu
MessageBoxA
RegisterClassA
CallWindowProcA
IsWindowEnabled
EqualRect
GetActiveWindow
CreateIcon
GetScrollInfo
GetFocus
GetClassInfoA
EnableMenuItem

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation
SHFileOperationA

kernel32

DeleteCriticalSection
CloseHandle
ExitThread
MoveFileA
SizeofResource
RaiseException
GetVersionExA
lstrcmpiA
LocalAlloc
CreateFileA
LoadLibraryExA
ExitProcess
FreeLibrary
GetLocalTime
VirtualAllocEx
GetModuleHandleA
MoveFileExA
GetStringTypeW
GetUserDefaultLCID
GlobalFindAtomA
lstrcpyA
SetHandleCount
WaitForSingleObject
LocalReAlloc
GetSystemDefaultLangID
DeleteFileA
VirtualAlloc
FindFirstFileA
lstrlenA
GetOEMCP
GlobalAddAtomA
LoadLibraryA
GlobalAlloc

ole32

CoCreateFreeThreadedMarshaler
CoGetMalloc
CreateBindCtx
PropVariantClear
CoGetObjectContext
CoRevokeClassObject
StringFromIID
CoReleaseMarshalData
ReleaseStgMedium

msvcrt

memmove
calloc
wcstol
clock
memcpy
exit
time
wcscspn
strncmp
strcmp
sqrt
atol

Sections

.CODE
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a05655664c64df5f1b17e47bd1f60fba

Headers

File Characteristics

Imports

oleaut32

comdlg32

gdi32

shlwapi

comctl32

user32

shell32

kernel32

ole32

msvcrt

Sections

.CODE Size: 40KB - Virtual size: 40KB

.idata Size: 114KB - Virtual size: 114KB

.bss Size: 10KB - Virtual size: 10KB

.rdata Size: 512B - Virtual size: 72KB

.init Size: 1KB - Virtual size: 1KB

.CODE
Size: 40KB - Virtual size: 40KB

.idata
Size: 114KB - Virtual size: 114KB

.bss
Size: 10KB - Virtual size: 10KB

.rdata
Size: 512B - Virtual size: 72KB

.init
Size: 1KB - Virtual size: 1KB