1b154e8eab12e28189a6e978a25483116dcc363df6f0c645d316aae28da95beb

Sharing

Copy URL Twitter E-mail

General

Target

1b154e8eab12e28189a6e978a25483116dcc363df6f0c645d316aae28da95beb
Size

320KB
MD5

9b93bdcc65ea75147987e7f06ca8b080
SHA1

0930935b0930fa0da0e650f4801959d37d90ad2d
SHA256

1b154e8eab12e28189a6e978a25483116dcc363df6f0c645d316aae28da95beb
SHA512

d4c25af8149d0ecbbb15e30b15b986cc8d8f509f0bf5f64f690f894cd364c4a9398ba759997808794b75a688bc124eaae59760aae2baf18d1824b82d06bfd7c1
SSDEEP

6144:uhPwxFAhZFxRAV7khH8ctxDWMhBpI2uVhroNuT+FEiB:ZxFAh9uChHRxCMERotF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b154e8eab12e28189a6e978a25483116dcc363df6f0c645d316aae28da95beb

Files

1b154e8eab12e28189a6e978a25483116dcc363df6f0c645d316aae28da95beb
.exe windows:4 windows x86 arch:x86

4032d171b2d17bd59e63199af4db15e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
RaiseException
HeapFree
HeapAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetDriveTypeA
Sleep
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetACP
RtlUnwind
GetProfileStringA
InterlockedExchange
GetTickCount
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetCurrentDirectoryA
WritePrivateProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalAlloc
GetCurrentThread
FindNextFileA
FindFirstFileA
GetLastError
FindClose
GlobalFree
FormatMessageA
LocalFree
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetStdHandle
CreateProcessA
WaitForSingleObject
lstrcmpA
GetModuleHandleA
GetCurrentProcess
GetProcAddress
CloseHandle
GetModuleFileNameA
lstrcatA
lstrlenA
WinExec
lstrcpyA
FreeLibrary
LoadLibraryA
SetHandleCount

user32

RegisterClipboardFormatA
PostThreadMessageA
GetMenuState
ModifyMenuA
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
CopyRect
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CharUpperA
RemovePropA
DefWindowProcA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
KillTimer
SendMessageA
GetClientRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
IsIconic
GetWindowPlacement
GetSystemMetrics
MessageBoxA
PostMessageA
SendMessageTimeoutA
LoadIconA
EnableWindow
LoadCursorA
GetWindowRect
GetParent
GetDC
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
wsprintfA
CharNextA
ReleaseDC
InflateRect
IsWindow
GetSysColor
SetCursor
GetMessagePos
ScreenToClient
PtInRect
InvalidateRect
SetTimer
DefDlgProcA
IsWindowUnicode
SetWindowLongA
MessageBeep
LoadStringA
DestroyMenu
GetSysColorBrush
GetDesktopWindow
GetClassNameA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetCursorPos
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
CallWindowProcA
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
PatBlt
DPtoLP
GetTextColor
GetBkColor
LPtoDP
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
GetObjectA
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

VariantCopy
VariantClear
SysAllocStringLen
SysFreeString
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantTimeToSystemTime

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4032d171b2d17bd59e63199af4db15e8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 88KB - Virtual size: 88KB