57d0bf1dbe8d9b48d9b5547116d352eb00e84b8c2bc86ecb04086570be3b1ca3

Sharing

Copy URL Twitter E-mail

General

Target

57d0bf1dbe8d9b48d9b5547116d352eb00e84b8c2bc86ecb04086570be3b1ca3
Size

124KB
MD5

10e0e0a1c035104eaa0bcd9bd7453a1b
SHA1

1356419d4e3320dab90d85981523cb5b6fd46767
SHA256

57d0bf1dbe8d9b48d9b5547116d352eb00e84b8c2bc86ecb04086570be3b1ca3
SHA512

ea2c616d7c2520bc4962839f5c439f96832523ba59918f4b2f2bba618b8e3dbafa962ad7c17ee2c214beaaa9283315e15750eb2905ef21614f7e1ada8a2e389c
SSDEEP

3072:05XePO3ivbETgBsnhkgmSiw7RQWalBhSbJlLfBHT:QX27D1Kiw9Rc8vF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57d0bf1dbe8d9b48d9b5547116d352eb00e84b8c2bc86ecb04086570be3b1ca3

Files

57d0bf1dbe8d9b48d9b5547116d352eb00e84b8c2bc86ecb04086570be3b1ca3
.exe windows x86

93aa2d27c8ab58063b5ce2d6fbf674f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
GetPrivateProfileStringW
GetPrivateProfileIntW
DebugBreak
OutputDebugStringW
lstrlenA
HeapDestroy
GetLastError
CreateMutexW
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceW
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
Sleep
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
CreateProcessW
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapSize
TerminateProcess
SetLastError
TlsAlloc
ExitProcess
GetVersion
GetStartupInfoW
GetModuleHandleA
HeapFree
ExitThread
TlsGetValue
TlsSetValue
CreateThread
WideCharToMultiByte
MultiByteToWideChar
HeapAlloc
HeapReAlloc
RtlUnwind
WaitForSingleObject
GetModuleFileNameW
WritePrivateProfileStringW
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
DeleteCriticalSection
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
InterlockedIncrement
SetProcessWorkingSetSize
WriteFile
InterlockedDecrement
CreateFileW
CloseHandle
GetCurrentProcess
FlushInstructionCache
lstrlenW
SetUnhandledExceptionFilter
InterlockedExchange

user32

FillRect
GetClientRect
BeginPaint
SetWindowLongW
InvalidateRect
PtInRect
DefWindowProcW
GetWindowTextW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
DrawTextW
GetWindowThreadProcessId
CreateDialogIndirectParamW
GetClassInfoW
RegisterClassW
EndDialog
SetCursor
LoadCursorW
GetWindowLongW
CallWindowProcW
GetParent
RegisterClassExW
GetClassInfoExW
RegisterWindowMessageW
GetSysColor
GetDlgItem
ReleaseDC
SendMessageW
SetForegroundWindow
EndPaint
GetDC
SetFocus
CharNextW
wvsprintfW
MessageBoxW
KillTimer
CopyRect
SetTimer
ScreenToClient
DialogBoxParamW
ShowWindow
FindWindowW
PostQuitMessage
GetWindowRect
SystemParametersInfoW
MapWindowPoints
GetSystemMetrics
LoadImageW
IsDialogMessageW
PostMessageW
EqualRect
LoadStringW
wsprintfW
CreateWindowExW
GetWindowTextLengthW
SetWindowTextW
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableW
GetDesktopWindow
RedrawWindow
DestroyWindow
IsWindow
GetClassNameW
SetWindowPos
GetFocus
IsChild
GetWindow

gdi32

SetBkMode
SetTextColor
SelectObject
CreateSolidBrush
CreateFontW
CreateFontIndirectW
DeleteDC
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
GetObjectW
GetStockObject
ExtTextOutW
DeleteObject
CreateCompatibleDC
SetBkColor

advapi32

RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW

ole32

CoInitialize
CoUninitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID

oleaut32

OleCreateFontIndirect
SysAllocStringLen
LoadRegTypeLi
SysStringLen
DispCallFunc
VariantClear
SysAllocString
SysFreeString

comctl32

_TrackMouseEvent
InitCommonControlsEx

wininet

InternetSetOptionW
InternetReadFile
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle
InternetCrackUrlW
HttpQueryInfoW
InternetGetConnectedState

shlwapi

PathFileExistsW
PathCombineW
PathAppendW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93aa2d27c8ab58063b5ce2d6fbf674f5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

shlwapi

iphlpapi

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 8KB - Virtual size: 45KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 8KB - Virtual size: 45KB