262181dff0ba3c583400c970472512429da4bc69947ed66f461ba756cac45b04

Sharing

Copy URL

Twitter E-mail

General

Target

262181dff0ba3c583400c970472512429da4bc69947ed66f461ba756cac45b04
Size

2.0MB
MD5

8bbfd4e188bc3dd73e9f226361de329f
SHA1

13ea8ac2dcf59e143d95c9050f8ec1b7d3eb777f
SHA256

262181dff0ba3c583400c970472512429da4bc69947ed66f461ba756cac45b04
SHA512

bfe2fc248582fe191c99978dd53123e4a45bee1dda60967ee88e9eee42e31a039d687e684d43d9a176885b44223e932fc4f7542c5fa7b102bd5fe0d0c353b6f5
SSDEEP

49152:ZE4x8LTYEGoGymIlzp3GAeH8mfOGtXIu4/MWmnb7D2CzW5S:aXYEGg99mfttXI+p0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
262181dff0ba3c583400c970472512429da4bc69947ed66f461ba756cac45b04

Files

262181dff0ba3c583400c970472512429da4bc69947ed66f461ba756cac45b04
.exe windows:5 windows x86 arch:x86

ab5838fa620a4d9a05b1cf53ac4ed627

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\notepad4\notepad4\build\bin\Release\Win32\Notepad4.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_GetIconSize
ord8
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_AddMasked
ord412
ord410
CreateStatusWindowW
ord413

shlwapi

StrCmpLogicalW
UrlUnescapeW
StrFormatByteSizeW
StrRetToBufW
StrStrW
StrCatBuffW
PathFindExtensionW
PathUnquoteSpacesW
PathIsUNCW
StrTrimW
SHAutoComplete
StrStrIW
PathRemoveFileSpecW
PathFindFileNameW
PathQuoteSpacesW
PathCombineW
PathRenameExtensionW
PathIsDirectoryW
StrRChrW
PathRemoveExtensionW
PathCompactPathExW
PathStripToRootW
PathGetDriveNumberW
PathCommonPrefixW
PathCanonicalizeW
PathIsRootW
PathUnExpandEnvStringsW
PathIsPrefixW
PathRelativePathToW
StrDupW
StrStrIA
StrDupA
UrlEscapeW
StrTrimA
PathMatchSpecW
PathIsRelativeW
PathAppendW
StrChrW

imm32

ImmEscapeW
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmSetCompositionFontW
ImmReleaseContext
ImmSetCompositionStringW
ImmNotifyIME
ImmGetContext
ImmSetCandidateWindow

uxtheme

GetThemeSysFont
IsAppThemed
CloseThemeData
OpenThemeData
SetWindowTheme

kernel32

GetModuleHandleW
FreeLibrary
QueryPerformanceCounter
MulDiv
LoadLibraryExW
Sleep
GlobalSize
GlobalAlloc
GlobalLock
WideCharToMultiByte
GetTickCount
GlobalUnlock
HeapFree
lstrlenW
GetLocaleInfoW
lstrcatW
GetLocalTime
GetTimeFormatW
GetDateFormatW
WritePrivateProfileStringW
lstrcpynW
GetPrivateProfileIntW
GetModuleFileNameW
GetFileAttributesW
GetVersionExW
FormatMessageW
GlobalFree
GetNativeSystemInfo
HeapAlloc
GetCurrentDirectoryW
LocalFree
lstrcpyW
CompareStringW
ReadFile
GetFileSizeEx
IsDBCSLeadByteEx
GetFullPathNameW
WriteFile
SetEndOfFile
LocalAlloc
CreateFileW
GetACP
HeapSize
GetPrivateProfileStringW
GetTimeZoneInformation
QueryPerformanceFrequency
GlobalMemoryStatusEx
GetOEMCP
IsValidCodePage
SizeofResource
InterlockedExchange
GetCurrentProcess
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
FreeResource
GetFileInformationByHandle
LockResource
ResetEvent
LoadResource
FindResourceW
GetWindowsDirectoryW
WritePrivateProfileSectionW
GetCommandLineW
GetLongPathNameW
SetErrorMode
FindFirstChangeNotificationW
GetVersion
SetFileAttributesW
GetFileAttributesExW
FindCloseChangeNotification
DeleteFileW
FindNextChangeNotification
SetCurrentDirectoryW
GetCurrentProcessId
GetProcessHeap
CreateProcessW
GetSystemTimeAsFileTime
GetSystemTime
CloseHandle
WaitForSingleObject
CreateWaitableTimerW
SetWaitableTimer
LCMapStringW
GetUserDefaultLCID
MultiByteToWideChar
GetStringTypeExW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentThreadId
GetProcAddress
InterlockedCompareExchange
ExpandEnvironmentStringsW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
DeleteCriticalSection
GetCurrentThread
SetEvent
CreateEventW
QueueUserWorkItem
GetLastError
SetThreadPriority
InitializeSListHead
TerminateProcess
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
GetStringTypeW
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapReAlloc
SetFilePointerEx
WriteConsoleW
CreateThread
DecodePointer

user32

GetMenu
FindWindowExW
GetWindow
GetSystemMenu
DeferWindowPos
DrawAnimatedRects
IsIconic
RegisterWindowMessageW
EnableMenuItem
PostQuitMessage
IsZoomed
CheckMenuItem
TrackPopupMenuEx
FindWindowW
TranslateAcceleratorW
IntersectRect
EnumWindows
SetMenu
GetForegroundWindow
SetMenuDefaultItem
CountClipboardFormats
SetWindowPlacement
ChangeClipboardChain
DestroyIcon
IsDialogMessageW
OffsetRect
IsWindow
GetSubMenu
LoadAcceleratorsW
GetWindowPlacement
ShowOwnedPopups
SetClipboardViewer
EqualRect
IsWindowVisible
InsertMenuItemW
CheckMenuRadioItem
MapVirtualKeyW
ShowWindowAsync
LoadMenuW
GetMessageW
GetMessagePos
GetMenuItemInfoW
SetActiveWindow
OpenClipboard
SetTimer
GetKeyboardLayoutNameW
GetDlgCtrlID
CloseClipboard
EmptyClipboard
IsChild
CreateCaret
ValidateRect
TrackMouseEvent
GetKeyboardLayout
DispatchMessageW
SetFocus
GetClipboardData
DestroyCaret
SetClipboardData
IsClipboardFormatAvailable
GetCaretBlinkTime
ShowCaret
KillTimer
PtInRect
GetWindowLongW
DefWindowProcW
AdjustWindowRectEx
MonitorFromPoint
GetWindowRect
DestroyWindow
InflateRect
GetDC
SetWindowPos
CopyImage
MonitorFromRect
MonitorFromWindow
FillRect
CreateWindowExW
GetIconInfo
SendMessageW
GetSystemMetrics
UnregisterClassW
CreatePopupMenu
RegisterClassExW
DestroyCursor
TrackPopupMenu
ShowWindow
DrawTextA
GetMonitorInfoW
CreateIconIndirect
ClientToScreen
MapWindowPoints
GetDoubleClickTime
FrameRect
GetSysColor
DestroyMenu
LoadCursorW
SetCapture
SetCursor
SetWindowLongW
GetClientRect
DrawTextW
SystemParametersInfoW
GetParent
ReleaseCapture
LoadImageW
InvalidateRect
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
RedrawWindow
PeekMessageW
DialogBoxIndirectParamW
SetLayeredWindowAttributes
GetMenuStringW
TranslateMessage
GetClassNameW
InsertMenuW
SetRect
CreateDialogIndirectParamW
SetForegroundWindow
GetNextDlgTabItem
IsCharLowerW
CharUpperW
CharLowerW
GetFocus
GetCapture
GetComboBoxInfo
ChildWindowFromPoint
IsCharUpperW
GetWindowTextW
GetWindowTextLengthW
CheckRadioButton
GetPropW
MessageBoxExW
EndDialog
RemovePropW
SetWindowTextW
MessageBeep
GetActiveWindow
BeginDeferWindowPos
wvsprintfW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
IsWindowEnabled
IsDlgButtonChecked
IsCharAlphaNumericW
SetPropW
LoadIconW
EndDeferWindowPos
GetDlgItemInt
CheckDlgButton
GetSysColorBrush
SetDlgItemInt
EnableWindow
LoadStringW
SendDlgItemMessageW
wsprintfW
GetDlgItem
UpdateWindow
SetCursorPos
SetScrollInfo
SetCaretPos
GetKeyState
GetUpdateRgn
PostMessageW
HideCaret
ScreenToClient
NotifyWinEvent
GetScrollInfo
GetMessageTime
MsgWaitForMultipleObjects
RegisterClipboardFormatW

gdi32

DeleteDC
CreatePatternBrush
GetTextMetricsW
GetDeviceCaps
GetTextExtentExPointA
Polyline
GetStockObject
StretchBlt
GdiAlphaBlend
MoveToEx
CreateCompatibleDC
GetTextExtentPoint32A
CreateDIBSection
SelectObject
ExtTextOutA
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CombineRgn
CreateBitmap
CreateRectRgn
CreateRectRgnIndirect
EndPage
DPtoLP
StartDocW
CreateFontW
EndDoc
StartPage
TranslateCharsetInfo
SetMapMode
EnumFontFamiliesExW
SetTextColor
SetBkMode
LineTo
CreatePen
ExtCreatePen
GetObjectW
SaveDC
SetBkColor
Ellipse
RestoreDC
DeleteObject
CreateSolidBrush
CreateFontIndirectW
SetTextAlign
RoundRect
ExtTextOutW
Polygon
GetTextExtentExPointW
IntersectClipRect

comdlg32

ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW
PrintDlgW
ChooseColorW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
IsTextUnicode
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegDeleteKeyW

shell32

SHGetPathFromIDListW
SHGetDataFromIDListW
SHGetDesktopFolder
ord180
SHAppBarMessage
SHOpenFolderAndSelectItems
ShellExecuteExW
ord190
DragQueryFileW
Shell_NotifyIconW
SHCreateDirectoryExW
DragAcceptFiles
DragFinish
SHAddToRecentDocs
ShellExecuteW
SHBrowseForFolderW
SHGetFileInfoW
SHGetFolderPathW

ole32

OleUninitialize
CoCreateGuid
OleInitialize
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
DoDragDrop
ReleaseStgMedium
CLSIDFromProgID
CoCreateInstance
CoTaskMemAlloc

oleaut32

SysAllocStringLen
SysFreeString

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 645KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab5838fa620a4d9a05b1cf53ac4ed627

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

imm32

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 645KB - Virtual size: 644KB

.data Size: 44KB - Virtual size: 124KB

.rsrc Size: 106KB - Virtual size: 106KB

.reloc Size: 52KB - Virtual size: 52KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 645KB - Virtual size: 644KB

.data
Size: 44KB - Virtual size: 124KB

.rsrc
Size: 106KB - Virtual size: 106KB

.reloc
Size: 52KB - Virtual size: 52KB