illinkdetector[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

illinkdetector.exe
Size

4.5MB
MD5

d7ef1db4bdea85d2578b7933aac68c0a
SHA1

852ee5b9dd5a423607dc223639ceb3d96d73e988
SHA256

2deb054102330e472d1b8367a1a297f15dadfb02b181139c1df844f92bf7632a
SHA512

18bc1f9352d8bf2dd3a3948bd3734c2024d5123e150e973630ac65389d925fae7d726a7336506088a278c5b52dfeb2d422866cb75882c571a2166bd1b7dc3df3
SSDEEP

98304:2zIV+MHtGwC7neJMgTrRMzmtxBxlEvxRuA02/+RtFl9O:2zwSqFrezmxlmWRHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
illinkdetector.exe

Files

illinkdetector.exe
.exe windows:4 windows x86 arch:x86

be37150f494af84ee3e2e5536566cdce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutGetNumDevs

mpr

WNetCloseEnum

comctl32

PropertySheetW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo

kernel32

GetOverlappedResult
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LoadLibraryExW
GetOEMCP
LoadResource
LocalFree
LockResource
lstrlenA
MapViewOfFile
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingW
OpenProcess
PeekNamedPipe
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLogicalDriveStringsW
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFileType
GetFileTime
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCPInfo
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetComputerNameW
GetCommandLineW
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumSystemLocalesA
DuplicateHandle
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreatePipe
CreateNamedPipeW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateDirectoryW
CopyFileW
ConnectNamedPipe
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
CreateEventW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LoadLibraryW

user32

MapVirtualKeyW
MapWindowPoints
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindowEx
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoW
SetPropW
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExW
SetWindowTextW
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WaitForInputIdle
WindowFromDC
WindowFromPoint
wsprintfW
keybd_event
IsZoomed
IsWindowVisible
IsWindowEnabled
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsClipboardFormatAvailable
IsCharAlphaW
InvalidateRect
InsertMenuW
InsertMenuItemW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
MapDialogRect
GetWindowLongW
GetWindowDC
GetWindow
GetUpdateRect
GetSystemMetrics
GetSysColorBrush
GetSubMenu
GetScrollInfo
GetPropW
GetParent
GetNextDlgGroupItem
GetMessageW
GetMenuStringW
GetMenuItemInfoW
GetKeyState
GetKeyNameTextW
GetKeyboardState
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItemTextW
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursor
GetClipboardData
GetClientRect
GetClassNameW
GetClassNameA
GetClassInfoW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
EnumChildWindows
EndPaint
EndDialog
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawStateW
DrawIconEx
DrawFocusRect
DrawEdge
DispatchMessageW
DialogBoxParamW
DialogBoxIndirectParamW
DestroyWindow
DestroyMenu
DestroyIcon
DeleteMenu
DefWindowProcW
CreateWindowExW
CreatePopupMenu
CreateDialogParamW
CreateDialogIndirectParamW
CloseClipboard
ClientToScreen
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CallWindowProcW
CallNextHookEx
BeginPaint
AppendMenuW
GetKeyboardType
LoadStringW
LoadImageW
LoadCursorW
GetWindowPlacement
KillTimer
FillRect

gdi32

GetObjectW
GetStockObject
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetTextColor
GetCurrentObject
SetTextAlign
SetStretchBltMode
SetPixel
SetDIBits
SetBrushOrgEx
SetBkMode
SetBkColor
GetObjectA
SelectClipRgn
PolyPolyline
Polygon
MoveToEx
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetTextMetricsW
GetTextMetricsA
CreateRectRgnIndirect
CreatePen
CreatePatternBrush
CreateFontW
CreateFontIndirectW
SelectObject
GetDIBits
CreateDIBSection
CreateDIBitmap
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
ExtTextOutW
DeleteDC
CreateSolidBrush
GetTextExtentPoint32W

winspool.drv

OpenPrinterW
EnumPrintersW
DocumentPropertiesW
ClosePrinter

advapi32

SetFileSecurityW
RegSetValueExW
RegSetKeySecurity
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
PrivilegeCheck
OpenServiceW
OpenSCManagerW
OpenProcessToken
LookupPrivilegeValueW
LookupAccountSidW
InitializeSid
InitializeAcl
GetUserNameW
GetSidSubAuthority
GetSidLengthRequired
GetLengthSid
GetAce
FreeSid
EnumDependentServicesW
DuplicateTokenEx
ControlService
CloseServiceHandle
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceW

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_except_handler3
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_exit
_controlfp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1020KB - Virtual size: 1017KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.arch4
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be37150f494af84ee3e2e5536566cdce

Headers

File Characteristics

Imports

winmm

mpr

comctl32

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 4.0MB

.rsrc Size: 1020KB - Virtual size: 1017KB

.arch4 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 4.0MB

.rsrc
Size: 1020KB - Virtual size: 1017KB

.arch4
Size: 1.2MB - Virtual size: 1.2MB