c18cd86a9bd5571f02df72f69bed09c1

Sharing

Copy URL Twitter E-mail

General

Target

c18cd86a9bd5571f02df72f69bed09c1
Size

171KB
MD5

c18cd86a9bd5571f02df72f69bed09c1
SHA1

6e4f16456b8fdf864cfd2b79526e1e591738d5e8
SHA256

eced4f0bd718fd65717de2f4a4d51761c014547fb82b45b86ec82ef7b12cde14
SHA512

8a2b27f02653d7fd5b61bc7ea78aecc184294cf8f1230763d529fc1b460450eef82572bc22dd8a1b07df9ae5ac7a61bf95db781c133df3df966c5b218c32b93d
SSDEEP

3072:xJzM5Axy4qOhsUZBz7DK6D66j9035orbNkNEzaaUcNHHA:DoGxJBZBzK+66ja2NkNExPH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c18cd86a9bd5571f02df72f69bed09c1

Files

c18cd86a9bd5571f02df72f69bed09c1
.exe windows:4 windows x86 arch:x86

227ecc1620302606147043075ed4cc02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
ConvertDefaultLocale
FindClose
FindNextFileW
GetCurrentDirectoryW
EnumResourceLanguagesW
lstrcpyW
GetSystemDefaultLangID
SetFileTime
GetThreadContext
GetVersion
DeleteFileW
InterlockedDecrement
SetFilePointer
RemoveDirectoryW
LoadLibraryW
WideCharToMultiByte
ReadFile
CreateDirectoryW
EnumResourceNamesA
WriteFile
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateFileW
GetCurrentProcessId
ExitProcess
GetLocaleInfoW
MultiByteToWideChar
FindFirstFileW
GetModuleFileNameW
GetFileAttributesW
MoveFileW
GetProcAddress

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetNextDlgTabItem
CopyAcceleratorTableW
RegisterWindowMessageW
CharUpperW
SetPropW
RemovePropW
WinHelpW
GetClassLongW
InvalidateRgn
SendDlgItemMessageA
CharNextW
GetPropW
GetNextDlgGroupItem
IsRectEmpty
MessageBeep
SetRect
InvalidateRect
GetClassInfoExW
CreateWindowExW
DestroyMenu

gdi32

SelectObject
ScaleWindowExtEx
GetStockObject
PtVisible
RectVisible
ExtSelectClipRgn
ExtTextOutW
SetWindowExtEx
GetMapMode
TextOutW
DeleteDC
SetViewportOrgEx
GetDeviceCaps
OffsetViewportOrgEx
GetBkColor
Escape
GetTextColor
ScaleViewportExtEx
GetRgnBox

advapi32

RegQueryValueW
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW

ole32

CoUninitialize
OleUninitialize
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoGetClassObject
CLSIDFromProgID
CoCreateInstance
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoInitialize
CoTaskMemAlloc
OleInitialize
OleFlushClipboard
CoTaskMemFree
CLSIDFromString

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

227ecc1620302606147043075ed4cc02

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

oleacc

user32

gdi32

advapi32

ole32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 68KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 68KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 96KB