07956c0cff70a3e49b8dc10216468bb77127b1f0d51ff277736e5e0cd4407c31

Sharing

Copy URL Twitter E-mail

General

Target

07956c0cff70a3e49b8dc10216468bb77127b1f0d51ff277736e5e0cd4407c31
Size

869KB
MD5

0d30f75fabc2d7caef9705750ea912e0
SHA1

df15582b7977099d4c474479bca1490fa3ee6e17
SHA256

07956c0cff70a3e49b8dc10216468bb77127b1f0d51ff277736e5e0cd4407c31
SHA512

43ac753c5553cde41ad1a44975a3af2517a370f3c6bf269439b6c6287467d6a18c0045fe88f35a405f2ae6cbd61a9fa1819e6d9365cc3c9a3f9df69347bf4fa1
SSDEEP

12288:R2o2HmVH6xU3KYTL73z1w2ZH03SgKCBxno5+RIbeHF+kRZuTLP:RQm0W3zH3RwmUi/zM+beHzGLP

Score

N/A

Malware Config

Signatures

Files

07956c0cff70a3e49b8dc10216468bb77127b1f0d51ff277736e5e0cd4407c31
.exe windows x86

f928fc509f5dc08caac3d1fd9222ec11

Code Sign

b9:be:17:70:64:e0:6f:50:fd:3c:77:a6:ac:65:ab:ae:97:0b:60:2b
Signer

Actual PE Digest

b9:be:17:70:64:e0:6f:50:fd:3c:77:a6:ac:65:ab:ae:97:0b:60:2b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpEndRequestA

kernel32

GetVersion
WriteFile
VirtualAlloc
CreateFileMappingA
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
GetVersionExA
GetCommandLineA
CloseHandle
lstrcmpiA
QueryPerformanceCounter
GetTickCount
CreateFileA
CreateThread
TlsGetValue
ReadFile
GetCurrentProcessId
ExitProcess
GetStartupInfoA
GetSystemTimeAsFileTime
CreateDirectoryW
GetLastError
SetErrorMode
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
SetFilePointer
HeapFree
GetModuleHandleA

user32

GetSystemMetrics
RegisterClassExA
CreateWindowExA
ShowWindow
MessageBoxA
ShowScrollBar
ShowCursor
ShowOwnedPopups
TranslateMessage
ValidateRect
WaitMessage
WindowFromPoint
SetScrollPos
SetScrollRange
SetWindowLongA
SetWindowPlacement
SetWindowPos

gdi32

SetAbortProc
GetLogColorSpaceW
DeleteMetaFile
OffsetWindowOrgEx
TextOutW
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetPixel
SetROP2
StretchBlt
UnrealizeObject
Rectangle

comdlg32

ChooseFontA
ReplaceTextW
GetSaveFileNameA
GetOpenFileNameA
FindTextW

advapi32

AllocateAndInitializeSid
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
StrStrIA

ole32

CoTaskMemAlloc

oleaut32

VarDecRound
VarRound
VarNumFromParseNum
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayPutElement
VariantInit

Sections

.text
Size: 700KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f928fc509f5dc08caac3d1fd9222ec11

Code Sign

b9:be:17:70:64:e0:6f:50:fd:3c:77:a6:ac:65:ab:ae:97:0b:60:2bSigner

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 700KB - Virtual size: 696KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 148KB - Virtual size: 145KB

b9:be:17:70:64:e0:6f:50:fd:3c:77:a6:ac:65:ab:ae:97:0b:60:2b
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 700KB - Virtual size: 696KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 148KB - Virtual size: 145KB