70186eaf907a229dabb61ac569452c77

Sharing

Copy URL Twitter E-mail

General

Target

70186eaf907a229dabb61ac569452c77
Size

1.1MB
MD5

70186eaf907a229dabb61ac569452c77
SHA1

74d134d96636bded320bcb88f9fbc58754beb9c9
SHA256

cd694c6a66d24970c3e8a2b231c61f030a0b540dca23512788890ac433f58820
SHA512

e7eb8bea630e223ef62028fa4dc68e4e984746928571bae39552a06d76822d71f212dda4ef1f1514c8dd570a3ea887bab43e640d4b8a452616d5fed08d7db876
SSDEEP

24576:oTLetAVPmFYJTT14uFmHpPJZCaKkLP2jy1kM5:mjTOtHlHwiP2+f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70186eaf907a229dabb61ac569452c77

Files

70186eaf907a229dabb61ac569452c77
.exe windows:4 windows x86 arch:x86

83d525611de2ee5a60755f9158b9526c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
wcsncpy
wcslen
wcscpy
memcpy
log10
fopen
fseek
fclose
_wcsicmp
wcscat
memmove
strlen
strcpy
strcat
memcmp
atoi
sprintf
_stricmp
_setjmp3
fread
malloc
free
longjmp
ftell
swprintf
wcscmp
wcsncmp
_wfopen
_itow
_wcsnicmp
localtime
mktime
gmtime
towupper
towlower
_snprintf
abort
_CIpow
_iob
fprintf
fwrite
fflush
strtod
exit
getenv
sscanf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
Beep
CreateMutexW
GetLastError
CloseHandle
GetModuleFileNameW
GetEnvironmentVariableW
HeapFree
HeapAlloc
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CreateThread
FreeLibrary
Sleep
LoadLibraryW
GetProcAddress
GetCommandLineW
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
PeekNamedPipe
ReadFile
TerminateProcess
SetEnvironmentVariableW
CreateFileW
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
HeapReAlloc
GetCurrentProcessId
MulDiv
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
OpenProcess
GetCurrentThreadId
FindClose
FindFirstFileW
FindNextFileW
GetDriveTypeW
GetFileAttributesW
DeleteFileW
MoveFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
CopyFileW
GetLocalTime
WaitForMultipleObjects
ResetEvent
SetEvent
TlsGetValue
TlsSetValue
GetCurrentThread
TlsAlloc
CreateEventA

comctl32

InitCommonControls
CreateStatusWindowW
InitCommonControlsEx

user32

SystemParametersInfoW
GetSystemMetrics
LoadCursorW
SetWindowRgn
SetClassLongW
SetWindowPos
InvalidateRect
SendMessageW
GetDC
ShowScrollBar
GetSysColorBrush
FillRect
DrawIconEx
GetCursorPos
SetFocus
GetAsyncKeyState
SetCursor
IsWindowEnabled
GetWindowLongW
SetWindowLongW
RedrawWindow
EnableWindow
GetPropW
GetParent
GetClientRect
CallWindowProcW
SetPropW
DestroyWindow
SendMessageA
GetWindowRect
BeginPaint
EndPaint
DefWindowProcW
LoadIconW
RegisterClassExW
CreateWindowExW
SetMenu
DestroyMenu
GetMenuItemInfoW
ModifyMenuW
SetMenuItemInfoW
CreatePopupMenu
AppendMenuW
EnableMenuItem
CreateMenu
SetForegroundWindow
TrackPopupMenu
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindow
GetSysColor
PostMessageW
ScreenToClient
GetIconInfo
UpdateWindow
ReleaseCapture
DrawStateW
SetCapture
MapWindowPoints
MoveWindow
GetFocus
FrameRect
DrawFocusRect
ReleaseDC
GetScrollPos
SetScrollInfo
SetScrollPos
GetScrollRange
RemovePropW
PeekMessageW
TranslateMessage
DispatchMessageW
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
GetMenu
AdjustWindowRectEx
IsZoomed
IsIconic
ShowWindow
RegisterClassW
AdjustWindowRect
GetActiveWindow
CreateAcceleratorTableW
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
GetForegroundWindow
GetWindowThreadProcessId
EnumChildWindows
DefFrameProcW
SetCursorPos
LoadImageW
GetKeyState
IsWindowVisible
IsChild
GetClassNameW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
CopyImage
EnumWindows

gdi32

CreateSolidBrush
DeleteObject
CreateRoundRectRgn
SetBkMode
TextOutW
CreatePatternBrush
StretchBlt
SetTextColor
GetStockObject
SetBkColor
GetObjectType
GetObjectW
CreateRectRgn
SelectClipRgn
CreateDCW
GetDeviceCaps
CreateFontW
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SelectPalette
RealizePalette
GetDIBits
SetDIBits
BitBlt
SetStretchBltMode
SetBrushOrgEx
CreateDIBSection
CreatePen
SetTextAlign
SetROP2
SetPixelV
Rectangle
StretchDIBits
MoveToEx
GetTextExtentPoint32W
Ellipse

comdlg32

ChooseColorW
GetSaveFileNameW
GetOpenFileNameW

advapi32

OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

Shell_NotifyIconW
ShellExecuteExW

ole32

RevokeDragDrop
CoInitialize
CoTaskMemFree

wininet

InternetOpenW
InternetConnectW
InternetSetOptionW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle

Sections

.code
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 175KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ltrqlnf
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qistefj
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

meoztyv
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tqmczhz
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggaydji
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ysokmrz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83d525611de2ee5a60755f9158b9526c

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

comdlg32

advapi32

shell32

ole32

wininet

Sections

.code Size: 53KB - Virtual size: 52KB

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 175KB - Virtual size: 181KB

.rsrc Size: 12KB - Virtual size: 12KB

.flat Size: 47KB - Virtual size: 48KB

ltrqlnf Size: 99KB - Virtual size: 100KB

qistefj Size: 99KB - Virtual size: 100KB

meoztyv Size: 103KB - Virtual size: 104KB

tqmczhz Size: 107KB - Virtual size: 108KB

ggaydji Size: 31KB - Virtual size: 32KB

ysokmrz Size: 4KB - Virtual size: 4KB

.text Size: 128KB - Virtual size: 132KB

.code
Size: 53KB - Virtual size: 52KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 175KB - Virtual size: 181KB

.rsrc
Size: 12KB - Virtual size: 12KB

.flat
Size: 47KB - Virtual size: 48KB

ltrqlnf
Size: 99KB - Virtual size: 100KB

qistefj
Size: 99KB - Virtual size: 100KB

meoztyv
Size: 103KB - Virtual size: 104KB

tqmczhz
Size: 107KB - Virtual size: 108KB

ggaydji
Size: 31KB - Virtual size: 32KB

ysokmrz
Size: 4KB - Virtual size: 4KB

.text
Size: 128KB - Virtual size: 132KB