c1828de1ced08d770cec3efb0c794fd6

Sharing

Copy URL

Twitter E-mail

General

Target

c1828de1ced08d770cec3efb0c794fd6
Size

97KB
MD5

c1828de1ced08d770cec3efb0c794fd6
SHA1

b7613d169a743befc91fe44180b69ff21674f052
SHA256

5386651da47dab16e5e05cc4e250c4a5cbc3b180268bf6d1b63e3c3e7fc78dcb
SHA512

15de11bc75afd40b9de62bc1d363ab260b684c3273aa39f4d55e72aca7d800226ab22a279a0fe1bfecd98224ce3a42d53365fc387d22a192bc80db59849f75ab
SSDEEP

1536:z6q5l66GHEFJ5o9PGqjDBFm+kIvVismEetYeeuWFa5QOl/ek:/s64EFJ5o9PGqjTTfoae7WFYQOl/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1828de1ced08d770cec3efb0c794fd6

Files

c1828de1ced08d770cec3efb0c794fd6
.exe windows:4 windows x86 arch:x86

e33c56f75b672fd1e1aac5f05f48a950

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
DeleteFileA
WritePrivateProfileStringA
CopyFileA
WinExec
ExitProcess
OpenFile
SetErrorMode
GetModuleFileNameA
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetOEMCP
GetACP
GetCPInfo
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
ReadFile
SetFilePointer
WriteFile
_lclose
SetHandleCount
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
GetCurrentProcess
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
CreateFileA
GetFileType
SetEndOfFile
CloseHandle
MoveFileA
SetCurrentDirectoryA
SetEnvironmentVariableA
GetFullPathNameA
GetCurrentDirectoryA
HeapFree
HeapAlloc
_lcreat
MoveFileExA
GetTempPathA
GetLocalTime
GetFileAttributesA
HeapSize
FindClose
FindNextFileA
FindFirstFileA
SetFileAttributesA
GetVersionExA
lstrcatA
lstrcpyA
lstrcpynA
GetDriveTypeA
GetSystemDirectoryA
CreateDirectoryA
FreeLibrary
GetPrivateProfileIntA
GetPrivateProfileStringA
MulDiv
RemoveDirectoryA
lstrcmpA
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetLastError
FormatMessageA
LocalFree
CreateProcessA
WaitForSingleObject
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcmpiA
GetWindowsDirectoryA
_lopen
_llseek
TerminateProcess
_lwrite
lstrlenA
_lread
LoadLibraryA
GetStdHandle
GetProcAddress

user32

LoadBitmapA
GetMessageA
ExitWindowsEx
SetCursor
IsWindowVisible
MoveWindow
PostMessageA
DdeUninitialize
GetWindowTextA
SetRect
LoadIconA
LoadCursorA
IsDialogMessageA
DdeInitializeA
ScreenToClient
GetParent
GetWindowRect
SendDlgItemMessageA
RegisterClassA
FindWindowA
DialogBoxParamA
SetFocus
EndDialog
DefWindowProcA
GetClientRect
PostQuitMessage
CreateDialogParamA
CreateWindowExA
UpdateWindow
BeginPaint
DrawEdge
EndPaint
LoadStringA
EnumChildWindows
DdeDisconnect
DdeCreateStringHandleA
DdeConnect
DdeGetData
DdeFreeDataHandle
GetDlgItemTextA
SetDlgItemTextA
InvalidateRect
OemToCharA
MessageBoxA
SetWindowTextA
CharNextA
DestroyWindow
GetSysColor
GetDialogBaseUnits
FillRect
DrawIcon
wsprintfA
SendMessageA
GetDC
ReleaseDC
DdeCreateDataHandle
DdeClientTransaction
SetTimer
PeekMessageA
TranslateMessage
DispatchMessageA
KillTimer
GetDlgItem
EnableWindow
ShowWindow

gdi32

PatBlt
BitBlt
CreateFontA
SetBkMode
TextOutA
SetBkColor
SetTextColor
ExtTextOutA
GetStockObject
SelectPalette
RealizePalette
GetObjectA
GetDeviceCaps
CreateFontIndirectA
CreatePen
MoveToEx
LineTo
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
DeleteObject
DeleteDC
SelectObject
GetTextExtentPointA
CreateBrushIndirect

comdlg32

GetOpenFileNameA

advapi32

RegSetValueExA
RegSetValueA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegEnumKeyExA
DeleteService
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
RegCloseKey

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_ProgressDlg@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e33c56f75b672fd1e1aac5f05f48a950

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 137KB - Virtual size: 140KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 137KB - Virtual size: 140KB