Static task: static1
Behavioral task: behavioral1
  Sample: 1fd6872c826e4e2057f9387df65e440b3d59ce1bbf16d6d3b8b473927bf23d9d.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 1fd6872c826e4e2057f9387df65e440b3d59ce1bbf16d6d3b8b473927bf23d9d.exe
  Resource: win10v2004-20240709-en
General
Target: 1fd6872c826e4e2057f9387df65e440b3d59ce1bbf16d6d3b8b473927bf23d9d
Size: 4.3MB
MD5: 15ef640d3b8d7e9a8f725d5a2cf25ec9
SHA1: f48b84a91e90ad96f652e777c05e41157eb0c666
SHA256: 1fd6872c826e4e2057f9387df65e440b3d59ce1bbf16d6d3b8b473927bf23d9d
SHA512: 60e768fab0b5cafafe25a26c145e6ee4a486757dc799166051ae92eb9bcd23c45b80e2626ff2333d9a3b09576a956381616079f15444019d092282b268b28c31
SSDEEP: 98304:tDM5q6h1+2rYc2M9bWxFQtpfYHwRR9PGqQjpQVBc51/lM1rEzwhhPea:Cr1TWxG79PGqQjiVBqluYQh
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 1fd6872c826e4e2057f9387df65e440b3d59ce1bbf16d6d3b8b473927bf23d9d
Files
1fd6872c826e4e2057f9387df65e440b3d59ce1bbf16d6d3b8b473927bf23d9d.exe
  windows:6 windows x86 arch:x86
  f275c12cdce7bfa9047d2a5764c32db8
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
FatalAppExitA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
CreateSemaphoreW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
HeapReAlloc
GetSystemInfo
HeapQueryInformation
AreFileApisANSI
GetModuleHandleExW
ExitProcess
ExitThread
GetConsoleMode
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
LocalUnlock
LocalLock
FindResourceExW
VirtualProtect
SearchPathW
Sleep
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetProfileIntW
lstrcpyW
GetWindowsDirectoryW
GetTickCount
SetErrorMode
SetFileAttributesW
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFileSize
FlushFileBuffers
GetConsoleCP
GetTimeZoneInformation
CreateThread
GetStringTypeW
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
FileTimeToSystemTime
GetAtomNameW
GlobalFlags
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
GetVersionExW
GetCurrentThread
GlobalFindAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
EncodePointer
GlobalGetAtomNameW
GlobalAddAtomW
lstrcmpA
CopyFileW
FormatMessageW
LocalFree
GlobalFree
GlobalSize
GlobalAlloc
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
MulDiv
GlobalUnlock
GlobalLock
GetCurrentProcessId
FreeResource
WideCharToMultiByte
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetCurrencyFormatW
DeleteCriticalSection
DecodePointer
LockResource
HeapSize
GetLastError
RaiseException
InitializeCriticalSectionEx
MultiByteToWideChar
HeapDestroy
SizeofResource
GetProcessHeap
HeapFree
HeapAlloc
LoadResource
FindResourceW
LCMapStringW
user32
GetUpdateRect
SubtractRect
GetWindowRgn
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
SendNotifyMessageW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
IsClipboardFormatAvailable
WaitMessage
GetMenuDefaultItem
RegisterClipboardFormatW
PostThreadMessageW
WindowFromDC
InSendMessage
GetTabbedTextExtentW
SetWindowRgn
DrawIcon
GetDialogBaseUnits
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
CharUpperW
LockWindowUpdate
GetDCEx
SetCapture
SendDlgItemMessageA
CopyImage
UnionRect
RealChildWindowFromPoint
DestroyCursor
LoadCursorW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
IsZoomed
WindowFromPoint
KillTimer
SetTimer
SetParent
IsRectEmpty
DeleteMenu
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetMonitorInfoW
MonitorFromWindow
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
EnumChildWindows
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenuEx
TrackPopupMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
WinHelpW
LoadImageW
DestroyIcon
LoadIconW
GetWindow
GetClassNameW
GetDesktopWindow
EqualRect
OffsetRect
SetCursor
SetActiveWindow
InsertMenuItemW
SetMenu
GetMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
BringWindowToTop
IsIconic
SetWindowPos
ShowWindow
GetClassInfoW
PostMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetMenuItemInfoW
DestroyMenu
RemoveMenu
InsertMenuW
GetMenuStringW
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
UnhookWindowsHookEx
FrameRect
CharUpperBuffW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
IntersectRect
InflateRect
ScreenToClient
EndPaint
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
DrawFrameControl
RemovePropW
DrawEdge
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
SetWindowLongW
PtInRect
SetRectEmpty
GetWindowRect
InvalidateRect
GetClientRect
MapVirtualKeyW
GetKeyNameTextW
IsWindow
SendMessageW
ClientToScreen
UpdateWindow
EnableWindow
GetSystemMenu
FillRect
GetMenuItemID
UnregisterClassW
GetSubMenu
CreateMenu
ModifyMenuW
GetDC
SetRect
AppendMenuW
SystemParametersInfoW
ReleaseDC
GetMenuState
GetSysColor
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
GetMenuItemCount
GetSystemMetrics
CopyRect
GetDlgItemTextW
gdi32
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CopyMetaFileW
CreateDCW
GetTextExtentPoint32W
GetBkColor
GetTextMetricsW
GetViewportOrgEx
Rectangle
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetTextColor
GetRgnBox
CreateEllipticRgn
Ellipse
LPtoDP
GetROP2
GetNearestColor
SelectClipPath
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
GetCurrentObject
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
SetGraphicsMode
SetMapperFlags
SetBkMode
SetBkColor
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
SetMapMode
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextColor
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
GetPolyFillMode
CreateSolidBrush
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateDIBPatternBrushPt
CreateBitmap
GetObjectW
StretchDIBits
GetCharWidthW
CreateFontW
CreateCompatibleBitmap
PatBlt
CreateRectRgnIndirect
BitBlt
GetBkMode
DeleteDC
CreateDIBSection
CreateFontIndirectW
SetPixel
DeleteObject
SelectObject
CreateCompatibleDC
CreatePen
SetLayout
msimg32
AlphaBlend
TransparentBlt
winspool.drv
GetJobW
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyW
RegSetValueW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
shell32
SHBrowseForFolderW
DragFinish
SHAddToRecentDocs
ExtractIconW
SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW
SHAppBarMessage
DragQueryFileW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
comctl32
ImageList_AddMasked
ImageList_Draw
ImageList_SetBkColor
shlwapi
PathFindFileNameW
PathRemoveExtensionW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
OpenThemeData
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
GetThemeColor
DrawThemeText
CloseThemeData
GetThemePartSize
IsAppThemed
ole32
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegEnumVerbs
OleRegGetMiscStatus
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
PropVariantCopy
CLSIDFromProgID
CLSIDFromString
OleGetIconOfClass
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
IsAccelerator
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleLockRunning
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
WriteClassStm
CreateItemMoniker
CreateGenericComposite
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleSetMenuDescriptor
OleQueryCreateFromData
OleQueryLinkFromData
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoGetMalloc
CreateOleAdviseHolder
CreateDataAdviseHolder
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleGetClipboard
OleIsRunning
GetRunningObjectTable
CreateFileMoniker
CoLockObjectExternal
ReadFmtUserTypeStg
GetHGlobalFromILockBytes
CoFreeUnusedLibraries
OleRun
CoInitialize
CoInitializeEx
oleaut32
SysFreeString
OleCreateFontIndirect
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetElemsize
oledlg
OleUIBusyW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text   Size: 2.0MB  Virtual size: 2.0MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 531KB  Virtual size: 531KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 35KB   Virtual size: 65KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.6MB  Virtual size: 1.6MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 174KB  Virtual size: 174KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ