1b37cb67040d54f25d7e43e813dfcbc40529a07bb7dd9433ed2468996315c21f

Sharing

Copy URL Twitter E-mail

General

Target

1b37cb67040d54f25d7e43e813dfcbc40529a07bb7dd9433ed2468996315c21f
Size

852KB
MD5

0cd5d9c5683dddc15bf5b2e9a363fa9f
SHA1

5b3bf27a5c4af6cac6d1a18b480381ea00f8ad9e
SHA256

1b37cb67040d54f25d7e43e813dfcbc40529a07bb7dd9433ed2468996315c21f
SHA512

0244e510a90da7a5f4981c0d86bddd10cc29245f0f41b1ccfeaafff2d76edb37f7a3b92c6e9f129b0621608b8e3074733aee9f53966a37430e65e815e2eb9ce3
SSDEEP

12288:iuaQQytDpEbsvkB07v0UTuxmDPPquDVG/hutn+FRfDEiDEzCz:iuQytDpEbsvFvlTBjRGJJ77

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b37cb67040d54f25d7e43e813dfcbc40529a07bb7dd9433ed2468996315c21f

Files

1b37cb67040d54f25d7e43e813dfcbc40529a07bb7dd9433ed2468996315c21f
.exe windows:5 windows x86 arch:x86

a4e2d1e87df4aac66f7622187b8edff2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
CopyFileW
SetFileAttributesW
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceW
WritePrivateProfileStringW
CreateMutexW
GetTempPathW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileIntW
MoveFileExW
FindFirstFileW
Sleep
ResumeThread
TerminateProcess
GetCurrentDirectoryA
CreateProcessW
GetCurrentDirectoryW
CreateThread
DeleteFileW
CreateEventA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
WaitForSingleObject
CreateRemoteThread
GetModuleHandleW
GetVersionExW
CreateDirectoryW
GetFileAttributesW
WideCharToMultiByte
ExitProcess
CloseHandle
GetLastError
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetTickCount
GetProcAddress
LoadLibraryW
FreeLibrary
SetUnhandledExceptionFilter
GetModuleFileNameW
MulDiv
MultiByteToWideChar
GetACP
ReadFile
GetFileSize
SetFilePointer
GetFileType
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
SetFileTime
WriteFile
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetSystemTimeAsFileTime
GetTimeZoneInformation
DecodePointer
EncodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
UnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
IsProcessorFeaturePresent
HeapSize
LCMapStringW
GetStringTypeW
WriteConsoleW
SetStdHandle
SetEndOfFile
GetProcessHeap
CompareStringW
SetEnvironmentVariableA

user32

GetParent
SendMessageW
LoadImageW
GetSystemMetrics
CallWindowProcW
GetPropW
SetPropW
PostMessageW
RegisterClassW
LoadCursorW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetKeyState
GetDC
InvalidateRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
ReleaseDC
DestroyWindow
GetFocus
MapWindowPoints
IsRectEmpty
EndPaint
BeginPaint
GetUpdateRect
MonitorFromWindow
FillRect
InvalidateRgn
IntersectRect
CreateAcceleratorTableW
MoveWindow
OffsetRect
InflateRect
SetCursor
wvsprintfW
CharNextW
DrawTextW
CharPrevW
SetRect
CreateCaret
HideCaret
ShowCaret
SetCaretPos
ClientToScreen
GetSysColor
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
DefWindowProcW
GetMonitorInfoW
SetWindowPos
GetWindow
EnableWindow
GetMessageW
SetFocus
TranslateMessage
MessageBoxW
wsprintfW
GetSystemMenu
AppendMenuW
PostQuitMessage
ShowWindow
FindWindowA
DispatchMessageW
GetCursorPos
EndDialog
DialogBoxParamW
SetWindowRgn
GetWindowRect
GetClientRect
ScreenToClient
IsIconic
SetWindowLongW
GetWindowLongW
GetWindowThreadProcessId
IsWindow

gdi32

Rectangle
SetWindowOrgEx
DeleteDC
CreatePen
RestoreDC
BitBlt
SaveDC
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
SelectClipRgn
ExtSelectClipRgn
GetStockObject
GetObjectW
CreateFontIndirectW
GetTextMetricsW
DeleteObject
CreateRoundRectRgn
CreateRectRgnIndirect
GetClipBox
CombineRgn
StretchBlt
CreateDIBSection
SetStretchBltMode
ExtTextOutW
SetBkColor
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
RoundRect
SetTextColor
SetBkMode
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
GetObjectA
SelectObject

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

shell32

ShellExecuteW

ole32

CLSIDFromProgID
CoCreateInstance
OleLockRunning
CoUninitialize
CoInitialize
CLSIDFromString

ws2_32

inet_ntoa
gethostbyname

comctl32

_TrackMouseEvent
ord17

wininet

InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetCloseHandle
InternetOpenW

shell

?FourierTransformationStart@@YAXXZ
?FourierTransformationEnd@@YAXXZ

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdiplus

GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDrawString
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipCreateFontFromDC
GdipDeleteBrush
GdiplusShutdown
GdipFree
GdipAlloc
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFont
GdiplusStartup
GdipCreateLineBrushI
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4e2d1e87df4aac66f7622187b8edff2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

comctl32

wininet

shell

oleaut32

gdiplus

Sections

.text Size: 304KB - Virtual size: 304KB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 416KB - Virtual size: 415KB

.reloc Size: 24KB - Virtual size: 24KB

.text
Size: 304KB - Virtual size: 304KB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 416KB - Virtual size: 415KB

.reloc
Size: 24KB - Virtual size: 24KB