218c16fb6296adf94b3b117abef348c6

Sharing

Copy URL

Twitter E-mail

General

Target

218c16fb6296adf94b3b117abef348c6
Size

719KB
MD5

218c16fb6296adf94b3b117abef348c6
SHA1

6d7f9c0ccd8d939eaefb84d5067018a9080159b7
SHA256

84a00933b5b0825c8fd4824f063091b0df78d099e5f5d0752a1b47af0da6af77
SHA512

13669de1e053547ac44d4800bdcc938dcd7cdc62a78c03cc7d6d43aaa5beedc03af206134e4417028842ccda913d6f29ae04070b943a1de5e3036a3f8b919542
SSDEEP

12288:0FX8nlep742kBFcgKWDIZ6qlrcW4CT0TVcDyh5d/r6VICFauHoDZ+p9fW2Oc3GzU:0KEV4VUZnrQCTPDyz96VwZ+p9fKc36U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
218c16fb6296adf94b3b117abef348c6

Files

218c16fb6296adf94b3b117abef348c6
.exe windows:6 windows x86 arch:x86

f1a6c87cdd30e4739f6e1dd90ffba631

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

kernel32

LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
QueryPerformanceCounter
GetModuleHandleW
CreateEventW
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
MultiByteToWideChar
WaitForSingleObjectEx
ResetEvent

user32

PeekMessageW
DispatchMessageW
ShowWindow
RegisterClassExW
UnregisterClassW
CreateWindowExW
PostQuitMessage
DefWindowProcW
TranslateMessage
UpdateWindow
GetKeyState
SetClipboardData
ScreenToClient
GetCapture
ClientToScreen
GetClipboardData
EmptyClipboard
IsChild
TrackMouseEvent
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
DestroyWindow
GetClientRect
SetCursor
GetForegroundWindow
LoadCursorW
SetCapture

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

vcruntime140

memmove
memcpy
memchr
memset
__current_exception_context
__current_exception
strstr
strchr
_except_handler4_common
__std_terminate
__CxxFrameHandler3

api-ms-win-crt-stdio-l1-1-0

ftell
__acrt_iob_func
__p__commode
fclose
_set_fmode
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fwrite
fseek
fflush

api-ms-win-crt-string-l1-1-0

strncmp
toupper
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
malloc

api-ms-win-crt-runtime-l1-1-0

__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_wassert
_exit
terminate
_controlfp_s
_configure_narrow_argv
exit
_initterm_e
_initialize_narrow_environment
_initterm
__p___argc
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-math-l1-1-0

_CIfmod
_libm_sse2_acos_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
__setusermatherr
_CIatan2
_libm_sse2_cos_precise
_libm_sse2_sqrt_precise
ceil
_libm_sse2_log_precise
floor

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 553KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a6c87cdd30e4739f6e1dd90ffba631

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

kernel32

user32

imm32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 553KB - Virtual size: 552KB

.rdata Size: 118KB - Virtual size: 118KB

.data Size: 18KB - Virtual size: 23KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 553KB - Virtual size: 552KB

.rdata
Size: 118KB - Virtual size: 118KB

.data
Size: 18KB - Virtual size: 23KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 28KB - Virtual size: 27KB