ac01b17218258d8f417b038c00459163

Sharing

Copy URL Twitter E-mail

General

Target

ac01b17218258d8f417b038c00459163
Size

221KB
MD5

ac01b17218258d8f417b038c00459163
SHA1

a60c68038452503affe2fd8048397970bcc49af5
SHA256

aea4e08583074ae803be8c0e2e8d444a1e4f1ec2088e3e3547ca0039b1520175
SHA512

564847ac6dbc0ed1b838e68a95add345d913600163b773c1aca470ffdb07fc938fe4a4c8ee7420ac24fd7d5859c85c299617b08ad5e1a2d152ec4b8c8feac245
SSDEEP

3072:Bu7BSoTIOnRo+kr1hNlpJY504qf7GeeXkYHJ1ZP47QPK5yIB+20yw/MQUcIsQxlN:M7xBRsBVf4qFw9HJi3yo+AnFlR3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac01b17218258d8f417b038c00459163

Files

ac01b17218258d8f417b038c00459163
.exe windows:5 windows x86 arch:x86

d6c8d25b31a0d3deaa22f5793a49f9c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\wykmdfBHasks\cpNfolluDZ\VwtczzotmQcp.pdb

Imports

gdi32

CreateCompatibleDC
SetLayout
SetBitmapBits
GetClipBox
GetNearestPaletteIndex
AddFontResourceW
GetTextAlign
DPtoLP
StartDocW
CreateFontIndirectW
Escape
GetViewportOrgEx
GetBkMode
RemoveFontResourceW
BitBlt
GetDeviceCaps
CreateDIBSection
GetTextFaceW
GetRgnBox
PtInRegion
CreateSolidBrush
GetLayout
Polygon
CreateDiscardableBitmap
CreateRoundRectRgn
StretchBlt
SetDIBits
ExtTextOutA
GetBitmapBits
EndPath
ResizePalette
RectInRegion
TextOutW
GetTextExtentPoint32W
StretchDIBits
SelectObject
CreateFontA
GetPaletteEntries
PathToRegion
SetPixel
GetDIBits
CreateHatchBrush
GetPixel
GetFontData

psapi

GetProcessImageFileNameW

comctl32

PropertySheetA
CreateStatusWindowW
ImageList_ReplaceIcon
ImageList_Draw
CreateToolbarEx
InitCommonControlsEx

msvcrt

_controlfp
gmtime
exit
__set_app_type
free
getc
__p__fmode
fprintf
wcstok
wcslen
bsearch
iswalpha
qsort
wcscmp
ftell
rand
gets
iswctype
islower
setvbuf
printf
__p__commode
_amsg_exit
fread
_initterm
strchr
swscanf
_ismbblead
strtok
putchar
strrchr
_XcptFilter
_exit
iswspace
wcscpy
iswprint
localtime
towlower
_cexit
wcscspn
__setusermatherr
fputc
fwrite
__getmainargs

comdlg32

ChooseColorW
ChooseFontW
GetOpenFileNameA
FindTextW
ReplaceTextW

user32

DrawFrameControl
DrawEdge
BringWindowToTop
FindWindowA
DrawStateA
DeleteMenu
wvsprintfA
ScreenToClient
WaitForInputIdle
CharToOemBuffA
ShowWindow
GetWindowTextA
ShowCursor
CheckDlgButton
CheckMenuItem
DestroyCaret
SetLastErrorEx
MonitorFromRect
SetDlgItemInt
CopyImage
GetAsyncKeyState
CharToOemW
DrawIcon
MessageBoxA
GetWindowTextLengthW
CreateAcceleratorTableW
RegisterClassExW
IsWindowUnicode
DestroyIcon
ModifyMenuW
DragObject
TranslateAcceleratorW
SetCursor
InvalidateRgn
GetNextDlgGroupItem
ChangeMenuW
GetMessageW
GetClassLongA
CharLowerW
InsertMenuItemW
InternalGetWindowText
SetWindowTextA
GetTopWindow
OpenDesktopW
ShowWindowAsync
CreatePopupMenu
ToUnicodeEx
CopyAcceleratorTableW
GetMenuItemRect
CallWindowProcA
GetUserObjectInformationA
DialogBoxIndirectParamA
SetMenuDefaultItem
GetDoubleClickTime
CascadeWindows
OemToCharBuffA
GetCursorPos
PostMessageA
SwitchToThisWindow
IsMenu
PeekMessageA
PostThreadMessageW
GetMonitorInfoW
DestroyMenu
SetScrollPos
GetMenuItemCount
FillRect
GetActiveWindow
SetScrollInfo
GetMessagePos
SendMessageTimeoutW
GetLastActivePopup
CreateCursor
FindWindowExW
MapWindowPoints
ReleaseDC
SendMessageA
RemovePropW
CharUpperBuffA
DeferWindowPos
PostQuitMessage
SetClassLongW
HiliteMenuItem
DestroyCursor
MoveWindow
FrameRect
WindowFromPoint
IsWindowEnabled
DefFrameProcA
LookupIconIdFromDirectory
CharUpperBuffW
GetFocus
MapVirtualKeyA
DrawMenuBar
DrawStateW
SystemParametersInfoW
LockWindowUpdate
UnloadKeyboardLayout
LoadStringW
GetClientRect
PostMessageW
CheckMenuRadioItem
GetUpdateRgn
GetWindowLongW
CreateCaret
GetShellWindow
IsCharUpperA
DispatchMessageA
CallWindowProcW

kernel32

GetDateFormatW
CreateSemaphoreW
GlobalUnlock
GlobalFree
SetLocalTime
GetDateFormatA
HeapAlloc
CancelIo
GetThreadTimes
ConnectNamedPipe
DeleteCriticalSection
OpenEventA
SetSystemTimeAdjustment
SetThreadContext
GetTimeFormatW
HeapFree
lstrcpyW
lstrcmpiW
DeleteFileA
GetCompressedFileSizeW
ResumeThread
SetFileApisToOEM
OpenSemaphoreW
DisconnectNamedPipe
GetFullPathNameA
LoadLibraryExW
GetFileAttributesExW
lstrcatW
VirtualProtect
GetProcessHeap
GetTempPathA
ClearCommBreak
GetModuleHandleA
GlobalCompact
IsDBCSLeadByteEx
MoveFileExA
FindResourceW
lstrcmpA
OpenEventW
GlobalDeleteAtom
SetThreadLocale
GetSystemDefaultUILanguage
GetHandleInformation
IsBadReadPtr
EnumResourceLanguagesA
FreeResource
GetTimeZoneInformation
LoadResource
GlobalFindAtomW
GetModuleFileNameW
SetPriorityClass
SetFileAttributesW
GetVersionExW
GetWindowsDirectoryA
RemoveDirectoryW

Exports

Exports

?AddTask@@YGEPAJ]A
?LoadKeyNameW@@YGPAFPAHPAHF]A

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6c8d25b31a0d3deaa22f5793a49f9c1

Headers

File Characteristics

PDB Paths

Imports

gdi32

psapi

comctl32

msvcrt

comdlg32

user32

kernel32

Exports

Exports

Sections

.text Size: 194KB - Virtual size: 194KB

.packed Size: 13KB - Virtual size: 13KB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 194KB - Virtual size: 194KB

.packed
Size: 13KB - Virtual size: 13KB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB