c18df16013c1a039cb7125ee50d26b5f9835f61d3c791d38d5a0f7ad2215e861

Sharing

Copy URL

Twitter E-mail

General

Target

c18df16013c1a039cb7125ee50d26b5f9835f61d3c791d38d5a0f7ad2215e861
Size

820KB
MD5

ba5ded4a384dc6ab600dd6af1ba25884
SHA1

8bad7156fda273bfc789b6810dacabec05207688
SHA256

c18df16013c1a039cb7125ee50d26b5f9835f61d3c791d38d5a0f7ad2215e861
SHA512

5a1d98da409088e0f2e8af57ec5292ce1b2d0149a84e7cdcfa6d8335219eb3c1375d81daf1776f454126256fa536e86ea609621ef027417197d04975764a4a5b
SSDEEP

12288:OKnJXa/rMOPsQ3ykLlf6VEPvgHyBqgiyUDHUgYR9mLzQx:1OLPsQ9faSQNyUD07EH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
c18df16013c1a039cb7125ee50d26b5f9835f61d3c791d38d5a0f7ad2215e861

Files

c18df16013c1a039cb7125ee50d26b5f9835f61d3c791d38d5a0f7ad2215e861
.exe windows:4 windows x86 arch:x86

b48c946ac4bbfb9d36b12a0fc1296afd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
GetLocalTime
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetCPInfo
GetThreadLocale
GetProcessVersion
GetLastError
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
LocalAlloc
FormatMessageA
LocalFree
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
MulDiv
SetLastError
InterlockedDecrement
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
lstrlenA
WritePrivateProfileStringA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
LoadLibraryA
GetProcAddress
CreateFileA
WriteFile
VirtualFree
CloseHandle

user32

GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
LoadCursorA
DestroyMenu
LoadStringA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDesktopWindow
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
wsprintfA
EndDialog
LoadIconA
GetClientRect
GetWindowRect
SendMessageA
AppendMenuA
GetSystemMenu
DrawIcon
GetSystemMetrics
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
PtInRect
GetClassNameA
GetNextDlgTabItem
GetMessageA
IsIconic
SetTimer
InvalidateRect
KillTimer
EnableWindow
TabbedTextOutA
DrawTextA
GrayStringA
PostMessageA
PostQuitMessage
SetCursor
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
AdjustWindowRectEx

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
CreatePen
GetTextColor
LineTo
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
GetWindowExtEx
BitBlt
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
Polyline
CreateCompatibleDC
LPtoDP
CreateCompatibleBitmap
GetMapMode
DPtoLP
GetBkColor

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
CoRevokeClassObject

olepro32

ord253

oleaut32

SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 472KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b48c946ac4bbfb9d36b12a0fc1296afd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 172KB - Virtual size: 182KB

.rsrc Size: 472KB - Virtual size: 468KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 172KB - Virtual size: 182KB

.rsrc
Size: 472KB - Virtual size: 468KB