19ad4ba56c17ce8b911b4769d4cbc2483147ac0a78bba458531eb1ac605be558

Sharing

Copy URL Twitter E-mail

General

Target

19ad4ba56c17ce8b911b4769d4cbc2483147ac0a78bba458531eb1ac605be558
Size

944KB
MD5

0d5e3753c7a728e3c38e6d99fd7eab28
SHA1

52d63c25962e81d070528ac20e06fa57e5d2f060
SHA256

19ad4ba56c17ce8b911b4769d4cbc2483147ac0a78bba458531eb1ac605be558
SHA512

10a36766e56141ac3409b3619f7fbc97e2b8c4c1f7553b2ba3659e998192aa64535ee2a60a24baf33cbb22ed9b6cbaeffe07cde2cb517ccc1c2ff25da741159b
SSDEEP

24576:ouG9+hXpxjvOfU0Rla51ThA11MS7HFOON:++bxjvOfLnDHFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19ad4ba56c17ce8b911b4769d4cbc2483147ac0a78bba458531eb1ac605be558

Files

19ad4ba56c17ce8b911b4769d4cbc2483147ac0a78bba458531eb1ac605be558
.exe windows:4 windows x86 arch:x86

b78064127957a1facffa47a326f77369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

AdjustWindowRectEx
WindowFromPoint
CreateIconIndirect
DrawFrameControl
MsgWaitForMultipleObjectsEx
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
OemToCharA
CharToOemA
GetWindowTextLengthW
GetWindowTextW
GetSysColor
BeginPaint
FillRect
InflateRect
DrawTextW
FrameRect
DrawEdge
DrawFocusRect
EndPaint
GetDlgCtrlID
GetKeyState
CallWindowProcW
GetPropW
SetPropW
PostMessageW
RegisterWindowMessageW
SetWindowLongW
RemovePropW
MapDialogRect
SystemParametersInfoW
GetForegroundWindow
GetSysColorBrush
UnhookWindowsHookEx
MessageBoxW
SetTimer
KillTimer
PeekMessageW
PostQuitMessage
GetWindowRect
GetParent
ScreenToClient
IsWindowVisible
RegisterClipboardFormatW
UpdateWindow
RedrawWindow
EndDialog
IsDlgButtonChecked
CheckDlgButton
EnableWindow
GetDlgItem
InvalidateRect
GetClientRect
MapWindowPoints
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
SendDlgItemMessageW
LoadCursorW
SetCursor
SetWindowTextW
GetSystemMetrics
LoadImageW
GetWindowLongW
SetWindowPos
ShowWindow
DestroyIcon
CharNextW
DestroyWindow
CreateDialogIndirectParamW
CreateDialogParamW
SendMessageW
LoadIconW
DrawIconEx
GetIconInfo
SetWindowRgn
SetCapture
ReleaseCapture
CreateWindowExW
DialogBoxIndirectParamW
DialogBoxParamW
GetCursorPos
PtInRect
GetDC
ReleaseDC
SetFocus

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

comctl32

ord17
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Remove
ImageList_Draw
ImageList_DrawEx
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Create

winmm

timeGetTime

kernel32

CreateThread
TerminateThread
BeginUpdateResourceW
EndUpdateResourceW
UpdateResourceW
TerminateProcess
SetUnhandledExceptionFilter
GetThreadSelectorEntry
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentProcessId
GetVersionExA
LoadLibraryW
FreeLibrary
GetProcAddress
GetVersionExW
GetPrivateProfileStringW
GetSystemDefaultLangID
GetUserDefaultLangID
Sleep
SystemTimeToFileTime
GetSystemTime
GetLocalTime
LocalFileTimeToFileTime
GetDateFormatW
GetTimeFormatW
GetTickCount
GetVolumeInformationW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetEnvironmentVariableW
GetModuleFileNameA
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjectsEx
GlobalAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcpyA
GlobalFree
GetTimeZoneInformation
GetVersion
SetFileAttributesA
CreateFileA
GetVolumeInformationA
GetFullPathNameA
FindFirstFileA
FindNextFileA
SetVolumeLabelA
lstrlenA
GetDriveTypeA
GetLocaleInfoA
GetFileAttributesA
GetFileTime
FileTimeToDosDateTime
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapAlloc
RaiseException
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
CompareStringA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
SetStdHandle
SetEnvironmentVariableA
SetFileTime
OpenFileMappingW
CreateFileMappingW
MapViewOfFile
SetEndOfFile
SetFilePointer
UnmapViewOfFile
FlushFileBuffers
ReadFile
DeleteFileW
WritePrivateProfileStringW
FindNextFileW
SetFileAttributesW
GetWindowsDirectoryW
GetSystemDirectoryW
GetCurrentProcess
ExpandEnvironmentStringsW
GetTempPathW
FindFirstFileW
FindClose
GetFileSize
SetErrorMode
GetFileAttributesW
GlobalLock
GlobalUnlock
GetCommandLineW
MulDiv
FindResourceExW
LoadResource
SizeofResource
LockResource
GetCurrentDirectoryW
LocalAlloc
LocalFree
GetModuleFileNameW
CreateFileW
WriteFile
GetLocaleInfoW
MoveFileW
FormatMessageW
GetModuleHandleW
GetCurrentThreadId
CloseHandle
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetThreadLocale
GetStringTypeExW
CompareStringW
MultiByteToWideChar
GetLastError
lstrlenW
DeleteFileA
CreateDirectoryA
GetCurrentDirectoryA

gdi32

ExtCreateRegion
CreateCompatibleBitmap
CreateFontW
EnumFontFamiliesExW
GetTextExtentPoint32W
SaveDC
SelectObject
SetBkMode
CreateCompatibleDC
GetObjectW
SetStretchBltMode
StretchBlt
BitBlt
DeleteDC
GetDIBits
CreatePolygonRgn
SelectClipRgn
GetPixel
CreateDIBSection
GetTextColor
GetBkColor
SetBkColor
DeleteObject
CreateFontIndirectW
GetTextMetricsW
SetTextColor
CreateSolidBrush
RestoreDC
CreateICW
GetStockObject
GetDeviceCaps

comdlg32

ChooseColorW
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

advapi32

GetUserNameW
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextW
CryptReleaseContext

shell32

SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW

ole32

RevokeDragDrop
OleUninitialize
CoTaskMemFree
RegisterDragDrop
ReleaseStgMedium
CoCreateInstance
CoInitialize
OleRun
CLSIDFromProgID
CoUninitialize
OleInitialize
CreateStreamOnHGlobal

oleaut32

SysFreeString
VariantClear
SafeArrayPtrOfIndex
VariantInit
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocString

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 608KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b78064127957a1facffa47a326f77369

Headers

File Characteristics

Imports

user32

version

comctl32

winmm

kernel32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 256KB - Virtual size: 255KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 32KB - Virtual size: 45KB

.rsrc Size: 608KB - Virtual size: 604KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 32KB - Virtual size: 45KB

.rsrc
Size: 608KB - Virtual size: 604KB