5251360deca79553a0712912541e526aa63913dfdb447a6fc294abea825c49b9

Sharing

Copy URL Twitter E-mail

General

Target

5251360deca79553a0712912541e526aa63913dfdb447a6fc294abea825c49b9
Size

932KB
MD5

1734dbb0b341b4dc2b04fbed7a93a80d
SHA1

036f67ff1aee8956f4a5747cac941cfcfc6b885c
SHA256

5251360deca79553a0712912541e526aa63913dfdb447a6fc294abea825c49b9
SHA512

a323c3d242dd77a3aa8b40b647079b6b62db5ccb92e71b9c335bcc966db419d9ab5c2ae5308980d01e847cf35c5af7d5b70479c0c43da416796af3c4a205d0d4
SSDEEP

12288:ZjMY+Y6reG0v/9+WrrRqjs9alTcHXjcNWKbHmCsq7NM8Eecm+pDV4oBU:ZjMY+prn0RGlQKb7JM8ADte

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5251360deca79553a0712912541e526aa63913dfdb447a6fc294abea825c49b9

Files

5251360deca79553a0712912541e526aa63913dfdb447a6fc294abea825c49b9
.exe windows x86

b6e7843ac437aa34cdd21130e3d90ff7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winhttp

WinHttpOpen
WinHttpSendRequest
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpQueryDataAvailable
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData
WinHttpReceiveResponse

psapi

GetProcessImageFileNameW

kernel32

SetPriorityClass
SetThreadPriority
GetCurrentThread
SetCurrentDirectoryW
WinExec
ExitProcess
MoveFileW
MoveFileExW
GetCurrentProcessId
CreateProcessW
CreateMutexW
GetACP
LoadLibraryW
GetCurrentDirectoryW
FindResourceW
LoadResource
FreeResource
SizeofResource
LockResource
GetFileSize
ReadFile
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
WriteFile
GetFileType
DuplicateHandle
MulDiv
GetLocalTime
FreeLibrary
GetConsoleCP
GetConsoleMode
GetCurrentThreadId
GetOEMCP
IsValidCodePage
HeapSize
GetProcessHeap
GetStdHandle
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
IsProcessorFeaturePresent
HeapReAlloc
RtlUnwind
GetCommandLineW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
OutputDebugStringW
IsDebuggerPresent
LocalFree
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
EncodePointer
LoadLibraryExA
GetTickCount
Sleep
GetWindowsDirectoryA
CreateThread
GetExitCodeProcess
CreateProcessA
WriteConsoleW
SetStdHandle
LoadLibraryExW
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
RemoveDirectoryW
CopyFileW
GetTempPathW
GetModuleFileNameA
GetTempPathA
GetSystemInfo
FindClose
FindNextFileW
SetLastError
lstrlenW
GetCurrentProcess
GetVersionExW
GetFullPathNameW
GetModuleFileNameW
WaitForSingleObject
DecodePointer
InterlockedDecrement
InterlockedIncrement
FindFirstFileW
SetFileAttributesW
DeleteFileW
CreateFileW
GetModuleHandleW
CloseHandle
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
SetFilePointerEx
FlushFileBuffers
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

ReleaseCapture
MessageBoxW
EnableWindow
LoadImageW
RegisterClassW
GetClassInfoExW
CallWindowProcW
SetPropW
GetPropW
ClientToScreen
IntersectRect
CharNextW
CreateCaret
HideCaret
SetCaretPos
GetWindow
SetCapture
GetFocus
DispatchMessageW
TranslateMessage
GetMessageW
GetCursorPos
MapWindowPoints
InvalidateRect
UpdateLayeredWindow
IsRectEmpty
EndPaint
BeginPaint
GetSysColor
GetCaretPos
FillRect
DrawTextW
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
InvalidateRgn
CreateAcceleratorTableW
PtInRect
PostQuitMessage
GetSystemMetrics
SetTimer
KillTimer
GetWindowTextW
IsWindow
IsWindowVisible
GetWindowLongW
PostMessageW
EnumWindows
wsprintfW
SetWindowLongW
IsIconic
GetUpdateRect
SetFocus
GetDC
ReleaseDC
GetKeyState
SendMessageW
SetCursor
InflateRect
OffsetRect
GetParent
GetWindowRgn
MoveWindow
DestroyWindow
SetWindowPos
CreateWindowExW
RegisterClassExW
LoadCursorW
DefWindowProcW
ShowWindow
IsZoomed
MonitorFromWindow
GetMonitorInfoW
SetWindowRgn
GetWindowRect
GetClientRect
ScreenToClient
ShowCaret

gdi32

GetStockObject
GetObjectW
PtInRegion
CreateRectRgn
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
CreateRoundRectRgn
SetStretchBltMode
CreateFontIndirectW
ExtTextOutW
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
SetBkMode
SetTextColor
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
CreatePen
CreateCompatibleBitmap
SaveDC
RestoreDC
BitBlt
Rectangle
SetWindowOrgEx
GetTextMetricsW
GetDeviceCaps
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CombineRgn
SetBkColor
StretchBlt

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegCreateKeyW
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteW
CommandLineToArgvW
ShellExecuteA
SHChangeNotify

ole32

CoTaskMemFree
CoUninitialize
OleLockRunning
CLSIDFromProgID
CoInitialize
CoCreateInstance
CLSIDFromString

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

comctl32

_TrackMouseEvent
ord17

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

shlwapi

PathFileExistsW
StrStrIA
PathFileExistsA
SHDeleteKeyA
StrStrIW
PathAppendW
PathRemoveFileSpecW
PathAddBackslashW

Sections

.text
Size: 449KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 736KB - Virtual size: 735KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6e7843ac437aa34cdd21130e3d90ff7

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

winhttp

psapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

imm32

shlwapi

Sections

.text Size: 449KB - Virtual size: 449KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 11KB - Virtual size: 23KB

.rsrc Size: 736KB - Virtual size: 735KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 449KB - Virtual size: 449KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 11KB - Virtual size: 23KB

.rsrc
Size: 736KB - Virtual size: 735KB

.reloc
Size: 25KB - Virtual size: 25KB