66178dfc32e0e5f2ea4fdb51e6e8c570N

Sharing

Copy URL

Twitter E-mail

General

Target

66178dfc32e0e5f2ea4fdb51e6e8c570N
Size

1.8MB
MD5

66178dfc32e0e5f2ea4fdb51e6e8c570
SHA1

9edc3283c0d4b3d1780b1c342a44fa3f71d4ba81
SHA256

4c5215cb1e7004c5290f42940f4b957e8041f4f845f7f87a2a07993637472b5e
SHA512

96ab039c270d16f5509f61876f6b8ef63d47ea84b494f8bc7fb66ebdd4c76e0efea8484f8f5838ccb778a8613f33382dfc9fd7ec5b82a551360edf1477b32fa8
SSDEEP

24576:XDnooP44SRoz2cFUdXOkepCFH/2QTwdQtGouspBpBgFzGwEa/a7aDGdifWhYmLrU:jCRA2cKdMmG+puGwEmaEGd1hYmc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66178dfc32e0e5f2ea4fdb51e6e8c570N

Files

66178dfc32e0e5f2ea4fdb51e6e8c570N
.exe windows:5 windows x86 arch:x86

2c7c0f6e477a2860f14f2bc13171e272

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\IPMsg_it\Obj\Release\IPMsg.pdb

Imports

comctl32

ImageList_Destroy
ImageList_SetOverlayImage
ord17
ImageList_Create
ImageList_Add
ImageList_AddMasked
CreateStatusWindowW
CreateToolbarEx

imm32

ImmSetOpenStatus
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

ws2_32

recvfrom
ioctlsocket
connect
socket
WSAStartup
setsockopt
gethostname
sendto
WSAAsyncSelect
listen
bind
accept
WSACleanup
getaddrinfo
freeaddrinfo
closesocket
select
send
recv
htons
WSAStringToAddressA
WSAAddressToStringA
htonl
WSAGetLastError
ntohl

shlwapi

SHStrDupW

iphlpapi

GetAdaptersAddresses

crypt32

CryptUnprotectData
CryptProtectData
CryptBinaryToStringA
CryptStringToBinaryA

kernel32

SetFileAttributesW
MultiByteToWideChar
GetFileInformationByHandle
GetCurrentDirectoryW
GetWindowsDirectoryW
SetCurrentDirectoryW
WideCharToMultiByte
GetDriveTypeW
SetThreadLocale
VirtualProtect
EnterCriticalSection
VirtualFree
ExpandEnvironmentStringsW
InterlockedCompareExchange
OutputDebugStringA
VirtualAlloc
LeaveCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetVersion
OutputDebugStringW
CreateFileA
SetEvent
GetVersionExA
IsDBCSLeadByte
DeleteCriticalSection
IsBadReadPtr
CreateEventA
SetUnhandledExceptionFilter
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
GetDiskFreeSpaceW
LockFile
GetFullPathNameA
SetPriorityClass
UnlockFileEx
GetTempPathW
CreateMutexW
GetCurrentThreadId
GetVersionExW
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
FlushViewOfFile
WaitForSingleObjectEx
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
LockFileEx
GetCurrentProcessId
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
CreateFileMappingW
QueryPerformanceCounter
FlushFileBuffers
FindNextFileW
RtlUnwind
RaiseException
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
GetLocaleInfoW
LCMapStringW
FindFirstFileW
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
GetModuleHandleW
CreateEventW
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetSystemPowerState
ResumeThread
SuspendThread
SetFileTime
LocalFree
GetComputerNameW
GetSystemTime
SystemTimeToFileTime
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryW
Sleep
FindClose
GetModuleFileNameW
ReadFile
SetFilePointer
GetFileTime
GetFileSizeEx
MapViewOfFile
GetFileSize
CreateFileMappingA
UnmapViewOfFile
GetFileAttributesW
CreateFileW
MulDiv
GetTickCount
DeleteFileW
GetLastError
ExitProcess
LoadLibraryA
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetCommandLineW
GlobalUnlock
GlobalLock
CloseHandle
GlobalFree
GlobalAlloc
WriteFile
GetLocalTime
GetThreadLocale
CreateThread
GetFullPathNameW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
GetACP
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
WriteConsoleW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateDirectoryW
GetDriveTypeA
GetSystemDefaultLCID
CompareStringW
GetCurrentProcess
SetEndOfFile

user32

DefWindowProcW
GetWindowTextLengthW
GetWindowThreadProcessId
DialogBoxParamW
IsDialogMessageA
EndDialog
CreateDialogParamW
DispatchMessageA
RegisterClassW
DefWindowProcA
TranslateMessage
PeekMessageA
LoadStringA
CreateWindowExW
LoadStringW
GetMenuStringW
FindWindowW
IntersectRect
AnimateWindow
SetDlgItemTextW
SendDlgItemMessageA
GetClientRect
GetDlgItem
GetWindowRect
CopyImage
ExitWindowsEx
DeferWindowPos
GetSystemMenu
IsWindowVisible
HideCaret
InvalidateRgn
BeginDeferWindowPos
IsWindowEnabled
EndDeferWindowPos
UnregisterHotKey
MonitorFromPoint
MonitorFromWindow
RegisterHotKey
GetMonitorInfoA
EnumClipboardFormats
GetMessagePos
CallWindowProcW
SendMessageW
GetWindowPlacement
SetWindowPlacement
DestroyWindow
EnableWindow
GetMenuItemCount
SetWindowWord
ShowWindow
IsWindow
GetAsyncKeyState
TranslateAcceleratorA
DestroyIcon
LockWorkStation
GetForegroundWindow
SystemParametersInfoA
PostQuitMessage
CreateMenu
InvalidateRect
LoadImageA
GetWindow
CreateWindowExA
CheckMenuItem
FrameRect
ModifyMenuW
LoadMenuA
DeleteMenu
ScreenToClient
CreatePopupMenu
TrackPopupMenu
GetSubMenu
LoadBitmapA
DestroyMenu
InsertMenuW
SetCursor
AppendMenuW
EnableMenuItem
PtInRect
SetForegroundWindow
SetScrollInfo
GetKeyState
SetWindowPos
SetActiveWindow
SetWindowTextW
GetScrollInfo
GetDlgItemTextA
SetTimer
GetMonitorInfoW
SetWindowLongA
GetMessageA
GetWindowTextA
GetWindowLongA
SetWindowTextA
AttachThreadInput
GetDlgItemTextW
GetWindowWord
SendDlgItemMessageW
MoveWindow
IsDlgButtonChecked
MessageBeep
PostMessageW
MessageBoxW
IsIconic
LoadAcceleratorsA
GetSystemMetrics
PostMessageA
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
GetDesktopWindow
BringWindowToTop
SetDlgItemTextA
GetDlgItemInt
SetWindowLongW
CheckDlgButton
SetDlgItemInt
GetWindowTextW
GetSysColor
DrawTextW
SetClassLongA
SetClipboardData
SendMessageA
SetFocus
EmptyClipboard
CloseClipboard
ClientToScreen
OpenClipboard
GetDC
InflateRect
LoadCursorA
LoadIconA
MessageBoxA
RegisterWindowMessageA
ReleaseCapture
GetParent
KillTimer
SetCapture
GetClipboardData
GetFocus
UpdateWindow

gdi32

GetTextExtentExPointW
EnumFontFamiliesExW
PatBlt
GetTextExtentExPointA
Rectangle
CreateBrushIndirect
GetDeviceCaps
GetTextMetricsA
DPtoLP
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
GetStockObject
CreateRectRgn
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
LineTo
CreatePen
SelectClipRgn
MoveToEx
CreateSolidBrush
ExtSelectClipRgn
RoundRect
GetObjectA
CreateFontIndirectA
SelectObject
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseFontA

advapi32

CryptImportKey
CryptDestroyKey
CryptHashData
CryptCreateHash
CryptExportKey
CryptDestroyHash
GetUserNameW
RegSetValueExW
LsaFreeMemory
LsaQueryInformationPolicy
LsaOpenPolicy
LsaClose
CryptGetHashParam
RegCloseKey
RegQueryValueExA
RegDeleteKeyW
RegQueryValueW
RegCreateKeyExW
RegQueryValueA
RegEnumKeyExW
CryptGenKey
RegSetValueExA
RegOpenKeyExW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CryptGetUserKey
CryptAcquireContextA
CryptReleaseContext
CryptVerifySignatureA
CryptEncrypt
CryptGenRandom
CryptSignHashA
CryptDecrypt

shell32

ord190
ord155
SHOpenFolderAndSelectItems
ShellExecuteExW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteA
SHGetMalloc
ExtractIconW
Shell_NotifyIconW
ShellExecuteW
ord680
DragAcceptFiles

ole32

CreateStreamOnHGlobal
ReleaseStgMedium
OleSetContainedObject
OleDuplicateData
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleCreateStaticFromData
PropVariantClear
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear

msimg32

TransparentBlt
AlphaBlend

gdiplus

GdipSaveImageToStream
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipDeleteBrush
GdipAlloc
GdipCreateBitmapFromStream
GdipCloneImage
GdipCreateBitmapFromFile
GdipCreatePen1
GdipDeletePen
GdipGetImageWidth
GdipDeleteGraphics
GdipFillRectangleI
GdipCreateFromHDC
GdipCreateSolidFill
GdipGetDC
GdipDrawImageRectI
GdiplusStartup
GdipLoadImageFromFile
GdipGetImageHeight
GdipDrawRectangleI
GdipFree

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c7c0f6e477a2860f14f2bc13171e272

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

imm32

ws2_32

shlwapi

iphlpapi

crypt32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msimg32

gdiplus

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 165KB - Virtual size: 165KB

.data Size: 52KB - Virtual size: 85KB

.gfids Size: 1024B - Virtual size: 536B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 213KB - Virtual size: 212KB

.reloc Size: 51KB - Virtual size: 50KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 165KB - Virtual size: 165KB

.data
Size: 52KB - Virtual size: 85KB

.gfids
Size: 1024B - Virtual size: 536B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 213KB - Virtual size: 212KB

.reloc
Size: 51KB - Virtual size: 50KB