2d18fa1b8ebf5e6ccbe467604f5353ae3c63b1d29dc0e9773d110a6d142cff42

Sharing

Copy URL Twitter E-mail

General

Target

2d18fa1b8ebf5e6ccbe467604f5353ae3c63b1d29dc0e9773d110a6d142cff42
Size

1.7MB
MD5

0794bc4f27bc79aa6122860d9ebb0d75
SHA1

82ea4df607b64e9842de26cd2b9f65175a27be10
SHA256

2d18fa1b8ebf5e6ccbe467604f5353ae3c63b1d29dc0e9773d110a6d142cff42
SHA512

2ea8c3005212eb29fdd9139a62e54dad3857063c9eb4b6ae8d6250aa09f255821b6054f531685e620a44b25307d76610056bf569f0e43c5e500f650dc0e8bfe0
SSDEEP

12288:uKvkE4rg/ol2lS1zje1lODk2vtPNJZ7D9p5zuldXnXf3auHbGqndVFbkV:uKvktQlS1OIDVv7DxAZquHPH9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d18fa1b8ebf5e6ccbe467604f5353ae3c63b1d29dc0e9773d110a6d142cff42

Files

2d18fa1b8ebf5e6ccbe467604f5353ae3c63b1d29dc0e9773d110a6d142cff42
.exe windows:4 windows x86 arch:x86

0f7ac5493acb33ba652cd61e27bc6b5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA
mciSendStringA

version

VerInstallFileA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

CoInitialize
CoCreateInstance

dunzip32

dunzip

kernel32

RtlUnwind
GetTimeZoneInformation
GetSystemTime
SetEnvironmentVariableA
HeapAlloc
HeapFree
GetFileType
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
SetStdHandle
SetHandleCount
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEndOfFile
FlushFileBuffers
WriteFile
GetWindowsDirectoryA
CreateDirectoryA
SetCurrentDirectoryA
Sleep
CloseHandle
GlobalUnlock
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
WideCharToMultiByte
InterlockedIncrement
GlobalFindAtomA
MulDiv
GlobalFree
LockResource
FindResourceA
LoadResource
InterlockedDecrement
lstrcatA
lstrcpyA
lstrcpynA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
GlobalDeleteAtom
lstrcmpA
LocalFree
GetCurrentThread
GetCurrentThreadId
SetLastError
GetCurrentProcess
TerminateProcess
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
LocalAlloc
LoadLibraryA
FreeLibrary
WinExec
GetPrivateProfileIntA
GetShortPathNameA
GetModuleFileNameA
lstrlenA
GetPrivateProfileStringA
GetVersionExA
MultiByteToWideChar
GetTempFileNameA
MoveFileExA
GetSystemDirectoryA
ExpandEnvironmentStringsA
GetDriveTypeA
MoveFileA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
GetCurrentDirectoryA
CompareFileTime
GetFileAttributesA
SetFileAttributesA
GetLastError
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
DeleteFileA
GetFileTime
FileTimeToLocalFileTime
GetLocalTime
lstrcmpiA
WriteProfileStringA
WritePrivateProfileStringA
CopyFileA
CreateFileA
ReadFile
GlobalAlloc
GlobalLock
SetFilePointer
FreeEnvironmentStringsA

user32

ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
GetWindowPlacement
SystemParametersInfoA
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
RegisterClassA
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
AdjustWindowRectEx
MapWindowPoints
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
IsIconic
EqualRect
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
LoadMenuA
DestroyMenu
IsWindow
GetDesktopWindow
GetWindow
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetDlgCtrlID
ScreenToClient
GetWindowTextA
IsDialogMessageA
GetDlgItemTextA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow
GetKeyState
UnregisterClassA
ValidateRect
IsWindowVisible
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
PeekMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
WaitForInputIdle
SetWindowPos
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
DdeInitializeA
DdeCreateStringHandleA
GetWindowThreadProcessId
SetForegroundWindow
AttachThreadInput
FrameRect
GetClientRect
OffsetRect
CopyRect
SetRect
DrawTextA
SendDlgItemMessageA
SetDlgItemTextA
LoadBitmapA
EmptyClipboard
SetClipboardData
GetForegroundWindow
SetTimer
KillTimer
SetWindowTextA
CharLowerA
GetParent
GetWindowRect
InvalidateRect
ShowWindow
GetWindowLongA
SetWindowLongA
IsCharAlphaNumericA
OpenClipboard
GetClipboardData
CloseClipboard
EndDialog
CreateDialogIndirectParamA
DestroyWindow
UnhookWindowsHookEx
LoadIconA
EnableWindow
GetSysColor
GetDlgItem
SetFocus
GetDC
ReleaseDC
SendMessageA
BringWindowToTop
InflateRect
FillRect
CharUpperA
wsprintfA
GetSystemMetrics
UpdateWindow
PostMessageA
MessageBoxA
GetCursorPos
CallNextHookEx

gdi32

DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectA
DPtoLP
GetTextExtentPoint32A
SetTextColor
Rectangle
SetBkMode
CreatePen
GetStockObject
AddFontResourceA
DeleteMetaFile
GetTextMetricsA
CreateFontA
CreateCompatibleBitmap
GetCharABCWidthsA
SetMetaFileBitsEx
RestoreDC
PlayMetaFile
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
SaveDC
SetPixel
GetPixel
CreateBitmap
SetBkColor
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
CreateBrushIndirect
SetTextAlign
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetStretchBltMode
RealizePalette
StretchBlt
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
DeleteDC
CreatePalette
CreateDIBitmap
SelectPalette

comdlg32

GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
FreeSid
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
AllocateAndInitializeSid

shell32

DragFinish
DragQueryFileA
ShellExecuteA

comctl32

ord17

Sections

.text
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0f7ac5493acb33ba652cd61e27bc6b5f

Headers

File Characteristics

Imports

winmm

version

ole32

dunzip32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 236KB - Virtual size: 232KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 36KB - Virtual size: 244KB

.rsrc Size: 1.4MB - Virtual size: 2.0MB

.text
Size: 236KB - Virtual size: 232KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 36KB - Virtual size: 244KB

.rsrc
Size: 1.4MB - Virtual size: 2.0MB