18b4dc8f1c1a3225485eb6bb056cf2ff1e2c90c1a91375981725297e018a543d

Sharing

Copy URL Twitter E-mail

General

Target

18b4dc8f1c1a3225485eb6bb056cf2ff1e2c90c1a91375981725297e018a543d
Size

1020KB
MD5

aa422122866f16fddf1db5d84745f064
SHA1

0484193f9106cabfa9a37ab5a0f1cb4c570b54d8
SHA256

18b4dc8f1c1a3225485eb6bb056cf2ff1e2c90c1a91375981725297e018a543d
SHA512

f2a3f15adc23ec0f1bb578710eccd92badc036b0d9775c2f2c292e84949981a12eaa65f53ae4601c485233128a602b27dbf20f99305aaa62b823c4f805370ac6
SSDEEP

24576:qxkkAybuMyeL3+FtujLf4QK6AiGTxB5yCdfZeQXvAUFN4:2k5ojrkTxv5aQXvLY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18b4dc8f1c1a3225485eb6bb056cf2ff1e2c90c1a91375981725297e018a543d

Files

18b4dc8f1c1a3225485eb6bb056cf2ff1e2c90c1a91375981725297e018a543d
.exe windows:5 windows x86 arch:x86

9d7d1690234e93166f5b6a165fb24ee0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
lstrcpyW
FindFirstFileW
lstrcmpiW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
WriteFile
Module32FirstW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
lstrlenW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
FindResourceExW
CreateMutexW
GetLastError
GetCommandLineW
ReleaseMutex
OpenProcess
WaitForSingleObject
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
TerminateProcess
InterlockedExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetACP
ExitProcess
LoadLibraryW
GetCurrentDirectoryW
GetTickCount
GetFileSize
ReadFile
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
GetFileType
DuplicateHandle
MulDiv
GetLocalTime
RtlUnwind
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetLocaleInfoW
HeapCreate
GetOEMCP
IsValidCodePage
SetHandleCount
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
FlushFileBuffers
WriteConsoleW
SetEndOfFile
GetModuleFileNameW
GetTempPathW
CreateProcessW
CloseHandle
GetUserDefaultUILanguage
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource

user32

IsZoomed
MessageBoxW
SetWindowRgn
GetKeyState
DestroyWindow
ReleaseDC
GetDC
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
UpdateLayeredWindow
InvalidateRect
MapWindowPoints
GetCursorPos
GetFocus
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
IntersectRect
CharNextW
MoveWindow
CreateCaret
ShowCaret
HideCaret
SetCaretPos
IsIconic
GetSystemMetrics
DrawTextW
SetPropW
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
DrawIconEx
EnableWindow
GetWindow
IsWindow
SetWindowLongW
CreateWindowExW
DefWindowProcW
LoadCursorW
SetCursor
InflateRect
OffsetRect
LoadImageW
SetWindowPos
MonitorFromWindow
GetMonitorInfoW
GetParent
PostQuitMessage
GetClientRect
ClientToScreen
GetPropW
ScreenToClient
GetWindowRect
DispatchMessageW
TranslateMessage
SetFocus
CallWindowProcW
GetWindowLongW
RegisterClassExW
GetClassInfoExW
RegisterClassW
FillRect
SendMessageW
ShowWindow
PostMessageW
GetSysColor
GetMessageW

advapi32

RegSetValueW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegDeleteKeyW

shell32

CommandLineToArgvW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
ShellExecuteW
SHChangeNotify

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning

shlwapi

SHDeleteKeyW
PathIsDirectoryEmptyW
PathFileExistsW

wininet

InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW

msimg32

AlphaBlend

gdi32

RestoreDC
Rectangle
SetWindowOrgEx
GetTextMetricsW
GetDeviceCaps
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CombineRgn
CreateDIBSection
BitBlt
SetTextColor
SetBkColor
SetBkMode
SetStretchBltMode
ExtTextOutW
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
GetCharABCWidthsW
DeleteObject
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
StretchBlt
CreateRoundRectRgn
GetObjectA
TextOutW
GetTextExtentPoint32W

oleaut32

VariantClear
SysAllocString
VariantInit
SysFreeString

comctl32

ord17
_TrackMouseEvent

gdiplus

GdipCloneBrush
GdipAlloc
GdipDrawString
GdiplusStartup
GdiplusShutdown
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateLineBrushI
GdipDeleteBrush
GdipFree

Sections

.text
Size: 511KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 397KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9d7d1690234e93166f5b6a165fb24ee0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

wininet

msimg32

gdi32

oleaut32

comctl32

gdiplus

Sections

.text Size: 511KB - Virtual size: 511KB

.rdata Size: 92KB - Virtual size: 92KB

.data Size: 12KB - Virtual size: 31KB

.rsrc Size: 397KB - Virtual size: 400KB

.text
Size: 511KB - Virtual size: 511KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 12KB - Virtual size: 31KB

.rsrc
Size: 397KB - Virtual size: 400KB