18aa1b79bbeee6a731b897377233d54b1b2464eeb9a25dafc0debfc43af8c04f

Sharing

Copy URL

Twitter E-mail

General

Target

18aa1b79bbeee6a731b897377233d54b1b2464eeb9a25dafc0debfc43af8c04f
Size

93KB
MD5

bc305b3260557f2be7f92cbbf9f82975
SHA1

d93b5a5e3f5b420b359517a216b81384b0a6f962
SHA256

18aa1b79bbeee6a731b897377233d54b1b2464eeb9a25dafc0debfc43af8c04f
SHA512

975f7d57f5ad9e7dbd18412ce4a677ab84f5dc563d9cb4ebca53d8dd391fd95a5e371f84207d77035e3ba2dd1369f1fb7e02ec0f21b28302523a19eea18c513e
SSDEEP

1536:XkFdl1tEKhPjzS6sgwXWDRP+NqaXhAGuF1BSDpWv:Xi3zsg0WDl+Nq+AZFv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18aa1b79bbeee6a731b897377233d54b1b2464eeb9a25dafc0debfc43af8c04f

Files

18aa1b79bbeee6a731b897377233d54b1b2464eeb9a25dafc0debfc43af8c04f
.exe windows:5 windows x86 arch:x86

9f086e1462541b6cd5c433d95d41b5a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
PostMessageA
DefFrameProcA
PeekMessageA
SetScrollRange
SendMessageW
GetClipboardSequenceNumber
wsprintfW
MessageBeep
DialogBoxParamW
GetWindowLongW
UnionRect

ole32

ReleaseStgMedium

gdi32

GetBkColor

crypt32

CertFreeCertificateContext

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
Sleep
GetOEMCP
LCMapStringA
GetModuleFileNameA
lstrlenW
TlsAlloc
SetSystemTimeAdjustment
GetTimeFormatA
GetProcessId
LocalAlloc
GetProcessIoCounters
UnhandledExceptionFilter
TerminateProcess
LockResource
lstrcpynW
FreeEnvironmentStringsW
ResetWriteWatch
GetCurrentProcessId
GetCommMask
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/1031/MENU/300
.rsrc/1033/MANIFEST/1
.xml
.rsrc/1033/version.txt
.text

Sharing

General

Malware Config

Signatures

Files

9f086e1462541b6cd5c433d95d41b5a1

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

gdi32

crypt32

kernel32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 43KB - Virtual size: 61KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 43KB - Virtual size: 61KB

.rsrc
Size: 5KB - Virtual size: 4KB