Static task: static1
Behavioral task: behavioral1
Sample: 18c4a734eb138b8ef4365252817bf1c54bba6704753ba1b369d4949080c7a1cb.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 18c4a734eb138b8ef4365252817bf1c54bba6704753ba1b369d4949080c7a1cb.exe
Resource: win10v2004-20240611-en
General
- Target: 18c4a734eb138b8ef4365252817bf1c54bba6704753ba1b369d4949080c7a1cb
- Size: 2.1MB
- MD5: dad18b7f45696b55a77ff993355a0bc6
- SHA1: 4fd298de5291b03e0a8617e841da56a6a697d721
- SHA256: 18c4a734eb138b8ef4365252817bf1c54bba6704753ba1b369d4949080c7a1cb
- SHA512: def40ab477c9fa0899293f00ad4fd686b1b3939c955e794f52378021aadc650c8d6319e618771395e8965b12634f9b0b71f8af24a82abd6efff0f98c9feb41b0
- SSDEEP: 24576:mrmoCH/siu9xQBvJ4TyKyCdgjBXj0jHy3WBZ3cRDusH192mdoEtPg+61zpw94I2H:mhxaM+7g+Kzq4I28/1eKle7mLXg
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 18c4a734eb138b8ef4365252817bf1c54bba6704753ba1b369d4949080c7a1cb
Files
-
18c4a734eb138b8ef4365252817bf1c54bba6704753ba1b369d4949080c7a1cb.exe windows:4 windows x86 arch:x86
0dfd18b47f2ad9bb705fc829b2b32c50
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetErrorMode
lstrcatA
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
GetCurrentThread
GetCPInfo
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
GetACP
HeapReAlloc
HeapSize
ExitThread
FatalAppExitA
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GlobalFlags
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SizeofResource
BackupWrite
BackupRead
BackupSeek
QueryPerformanceCounter
VirtualQueryEx
InterlockedExchangeAdd
InterlockedExchange
InterlockedCompareExchange
ReadProcessMemory
GetThreadPriority
GetExitCodeThread
TerminateThread
ResetEvent
MoveFileW
GetEnvironmentVariableW
GetTempPathW
GetSystemDirectoryW
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetVolumeLabelA
GetDiskFreeSpaceA
FormatMessageW
FindResourceExA
EnumResourceTypesA
EnumResourceLanguagesA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
VirtualProtect
DefineDosDeviceA
GlobalFree
GlobalSize
GlobalAlloc
SetLastError
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
lstrcpyA
SetEndOfFile
UnlockFile
LockFile
DuplicateHandle
FileTimeToLocalFileTime
lstrlenW
GlobalLock
GlobalUnlock
FormatMessageA
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
OpenMutexA
GetVersionExA
AllocConsole
GetStdHandle
WriteConsoleA
FreeConsole
OutputDebugStringW
SetFilePointer
GetProfileStringA
WideCharToMultiByte
WaitForSingleObject
LocalAlloc
GetTempPathA
GetWindowsDirectoryA
SetCurrentDirectoryA
CreateProcessA
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
SetPriorityClass
GetPriorityClass
GetDriveTypeA
ExpandEnvironmentStringsW
GetLogicalDrives
ExpandEnvironmentStringsA
DeleteCriticalSection
EnumResourceNamesA
InitializeCriticalSection
GetVersion
GetUserDefaultLangID
GetSystemDefaultLangID
MultiByteToWideChar
MulDiv
GetExitCodeProcess
GetProcessTimes
FileTimeToSystemTime
GetWindowsDirectoryW
OutputDebugStringA
SetThreadLocale
OpenFileMappingA
SleepEx
PulseEvent
CopyFileW
GetDiskFreeSpaceExW
GetFileTime
SetFileTime
VirtualQuery
CreateProcessW
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
GetComputerNameA
GetComputerNameW
FlushFileBuffers
CreateDirectoryA
GetFileAttributesExA
GetFileAttributesExW
GetVolumeInformationW
QueryDosDeviceA
DeviceIoControl
Sleep
MoveFileA
SetFileAttributesW
RemoveDirectoryW
MoveFileExW
DeleteFileW
SetFileAttributesA
lstrcmpA
RemoveDirectoryA
DeleteFileA
GetSystemInfo
FindFirstFileA
FindNextFileA
LoadLibraryA
LocalFree
OpenProcess
GetCurrentProcess
CreateThread
GetSystemDirectoryA
GetModuleHandleW
GetFileInformationByHandle
GetCurrentThreadId
GetModuleHandleA
GetFileSize
ReadFile
GetLastError
LoadLibraryExW
LoadLibraryExA
GetProcAddress
FreeLibrary
CreateFileW
GetDriveTypeW
QueryDosDeviceW
GetTickCount
GetFileAttributesW
CreateDirectoryW
GetLocalTime
GetCurrentProcessId
FindFirstFileW
lstrcmpW
FindNextFileW
FindClose
CreateFileA
CloseHandle
CopyFileA
MoveFileExA
GetFileAttributesA
GetCurrentDirectoryW
GetModuleFileNameW
GetCurrentDirectoryA
GetStringTypeA
GetModuleFileNameA
user32
IsIconic
GetWindowPlacement
MoveWindow
SetWindowLongA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetSysColor
GetSysColorBrush
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetScrollPos
SetScrollPos
wvsprintfA
SetFocus
GetFocus
SetWindowTextA
ClientToScreen
GetWindow
SystemParametersInfoA
GetWindowRect
PtInRect
RemoveMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
LoadStringA
MsgWaitForMultipleObjects
IntersectRect
OffsetRect
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
GetSystemMetrics
CharUpperA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
wsprintfA
GetWindowTextLengthA
OemToCharA
CharToOemA
SetActiveWindow
GetClassNameA
GetDlgItem
OpenDesktopW
GetMessageA
DispatchMessageA
TranslateMessage
CreateWindowExA
SetWindowsHookExA
DestroyWindow
GetKeyState
SetWindowPlacement
TrackPopupMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
IsChild
GetTopWindow
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
IsWindow
PeekMessageA
MapWindowPoints
UpdateWindow
PostMessageA
LoadIconA
GetCursorPos
ValidateRect
GetActiveWindow
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetClientRect
GetUserObjectInformationW
CharToOemBuffA
OemToCharBuffA
SendMessageA
AttachThreadInput
ShowWindow
SetWindowPos
SetForegroundWindow
FindWindowA
GetWindowTextW
GetMenuCheckMarkDimensions
PostQuitMessage
DestroyMenu
ShowOwnedPopups
SetCursor
DeleteMenu
GetDlgCtrlID
GetWindowTextA
GetDesktopWindow
EnumChildWindows
EnumWindows
GetParent
GetWindowLongA
IsWindowVisible
EnumDesktopWindows
SendMessageTimeoutA
MessageBoxW
MessageBoxA
OpenWindowStationA
SetProcessWindowStation
CloseWindowStation
GetForegroundWindow
GetClassNameW
GetWindowThreadProcessId
FindWindowExA
GetProcessWindowStation
GetUserObjectInformationA
OpenInputDesktop
OpenDesktopA
GetThreadDesktop
SetThreadDesktop
CloseDesktop
IsDialogMessageA
gdi32
GetDCOrgEx
TextOutA
CreateBitmap
RectVisible
PtVisible
CreateDIBPatternBrushPt
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
GetWindowExtEx
GetViewportExtEx
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
GetCurrentPositionEx
Escape
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
CreateFontIndirectW
GetDeviceCaps
GetObjectW
GetStockObject
CopyMetaFileA
CreateDCA
DeleteObject
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectObject
SelectPalette
SetBkColor
SetMapperFlags
ExtTextOutA
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
GetObjectA
SetViewportExtEx
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetBitmapBits
OffsetViewportOrgEx
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegConnectRegistryA
RegCreateKeyW
RegSetKeySecurity
GetUserNameA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
EnumServicesStatusA
RegSetValueA
QueryServiceStatus
LockServiceDatabase
UnlockServiceDatabase
RegCreateKeyExA
ControlService
DeleteService
CreateServiceA
ChangeServiceConfig2A
StartServiceA
QueryServiceConfig2A
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
ChangeServiceConfigA
CloseServiceHandle
RegQueryInfoKeyA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
AddAce
AddAccessAllowedAce
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupAccountNameW
GetFileSecurityW
SetFileSecurityW
GetFileSecurityA
AllocateAndInitializeSid
EqualSid
FreeSid
SetFileSecurityA
RegSetValueExA
RegOpenKeyA
GetUserNameW
GetTokenInformation
LookupAccountSidW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
shell32
SHGetSpecialFolderPathW
DragAcceptFiles
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetPathFromIDListW
SHGetSpecialFolderPathA
comctl32
ord17
ole32
ReadClassStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CoDisconnectObject
ReadFmtUserTypeStg
CoInitializeEx
oleaut32
SysFreeString
SetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
CreateErrorInfo
SystemTimeToVariantTime
GetErrorInfo
SafeArrayCopy
SysReAllocStringLen
SysAllocStringLen
SysStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantInit
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
mpr
WNetGetConnectionW
WNetGetConnectionA
setupapi
SetupInstallFileA
ws2_32
ntohl
inet_addr
inet_ntoa
WSAStartup
gethostbyname
htonl
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
rpcrt4
UuidToStringW
UuidCreate
UuidFromStringW
RpcStringFreeW
UuidToStringA
RpcStringFreeA
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 232KB - Virtual size: 231KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 192KB - Virtual size: 249KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ