Malicious_1133a3f13e93032a45100cf8b31e47c773d4787253e3a82507023a660beb9c73[.]dontrunthis

Sharing

Copy URL Twitter E-mail

General

Target

Malicious_1133a3f13e93032a45100cf8b31e47c773d4787253e3a82507023a660beb9c73.dontrunthis
Size

2.1MB
MD5

274c1e9fd713c841d606fbed91f23398
SHA1

8b22a6b18c159bc6a3dbf6a57065b8830ff247e1
SHA256

4f9d962e01bff9f264263b8a56c8253539b330a5bc8a71501983a41b3f59ddbb
SHA512

b67bbf361fdfc3b5c9f5cc2495faef799c2bd73d118b475c0f158dfe8e5e6a0aff7e3b8d06e03f6edb4a59c74809a553817f7d42b867613d10ff07a4d5fe8981
SSDEEP

24576:Cf8hAXlD2FNTPaPhpWTEDl6ffr+4ArTEJe/MKny14rR+6PMBquI+7yNbnZOD:EDAFS2TEUeTD/McU4rQaMvI+7yRZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Malicious_1133a3f13e93032a45100cf8b31e47c773d4787253e3a82507023a660beb9c73.dontrunthis

Files

Malicious_1133a3f13e93032a45100cf8b31e47c773d4787253e3a82507023a660beb9c73.dontrunthis
.exe windows x86

1830114513f6f597435f788e3b228d52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSACleanup

kernel32

CreateFileA
TerminateProcess
MoveFileExA
GetCurrentThread
MapViewOfFile
CreateEventA
UnmapViewOfFile
LeaveCriticalSection
CreateFileMappingA
CreateThread
InitializeCriticalSection
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
SetEvent
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcessId
VirtualFree
VirtualAlloc
MoveFileExW
CompareStringA
InterlockedExchange
SetLastError
GetVolumeInformationA
CreateProcessA
SetEnvironmentVariableA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
CreatePipe
GetFileAttributesA
GetConsoleOutputCP
WriteConsoleA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
HeapDestroy
FlushFileBuffers
GetTickCount
SetHandleCount
SetFilePointer
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
WriteFile
ReadFile
GetStringTypeA
LCMapStringA
MoveFileA
DuplicateHandle
GetFileType
SetStdHandle
ExitThread
GetFullPathNameA
GetDriveTypeA
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
HeapFree
SetEndOfFile
SetFileAttributesA
GlobalLock
EnumResourceNamesA
OutputDebugStringA
Process32First
CreateMutexA
OpenProcess
Sleep
GetWindowsDirectoryA
FreeLibrary
DeleteFileA
GlobalUnlock
Process32Next
GetExitCodeProcess
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
ResumeThread
CloseHandle
LoadLibraryA
GetLastError
SetThreadPriority
CreateDirectoryA
GetThreadPriority
VirtualQuery
VirtualProtect
GlobalAlloc
CopyFileA
OpenMutexA
OpenFileMappingA
WaitForMultipleObjects
ReleaseMutex
OpenEventA
CreateToolhelp32Snapshot
GetModuleFileNameA
GetCommandLineW
HeapSize
GetVersionExA
FindClose
FindFirstFileA
SetFileTime
FindNextFileA
GetTimeZoneInformation
ReadConsoleInputA
GetConsoleCursorInfo
FreeConsole
SetConsoleTextAttribute
PeekConsoleInputA
GetCurrentThreadId
SetConsoleTitleA
SetConsoleCursorInfo
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
AllocConsole
MulDiv
GetStdHandle
SetConsoleCtrlHandler
GetFileTime

user32

WindowFromPoint
CreateCursor
FillRect
DestroyWindow
CreateWindowExA
GetQueueStatus
DestroyCursor
SetFocus
PostThreadMessageA
AdjustWindowRect
GetWindowTextA
GetSystemMetrics
PeekMessageA
IsWindowVisible
ReleaseDC
ShowWindow
SetCaretPos
CreatePopupMenu
LoadCursorA
SetTimer
DestroyCaret
HideCaret
GetClientRect
GetMessageA
GetDesktopWindow
GetForegroundWindow
PostQuitMessage
EnumDisplayMonitors
DispatchMessageA
GetWindowTextLengthA
TrackPopupMenu
SendMessageA
IntersectRect
GetCursor
SetWindowTextA
GetWindowRect
IsIconic
OpenIcon
LoadImageA
ShowCaret
GetWindowThreadProcessId
MessageBoxA
GetCursorPos
RegisterClassA
AppendMenuA
ClientToScreen
RegisterWindowMessageA
CreateCaret
CloseClipboard
GetDC
OpenClipboard
IsWindow
GetWindowPlacement
PostMessageA
MoveWindow
SetForegroundWindow
TranslateMessage
GetClassNameA
DefWindowProcA
EnumWindows
BringWindowToTop
UnregisterClassA
GetSystemMenu
FlashWindowEx
GetParent
GetFocus
DeleteMenu
DrawMenuBar
SetCursor
ReleaseCapture
SetCapture
EndPaint
BeginPaint
SetClipboardData
ScreenToClient

gdi32

SetTextColor
SelectClipRgn
SetBkMode
StretchBlt
GdiFlush
GetStockObject
GetDeviceCaps
SetDIBitsToDevice
GetTextMetricsA
IntersectClipRect
GetObjectA
DeleteDC
DeleteObject
CreateDIBSection
SelectObject
CreateCompatibleDC
BitBlt
GetCharABCWidthsA
CreateFontA
CreateFontIndirectA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocStringByteLen

wininet

InternetReadFile
InternetConnectA
HttpSendRequestA
InternetCloseHandle
InternetOpenA
HttpOpenRequestA
HttpQueryInfoA

winmm

timeBeginPeriod
PlaySoundA
timeEndPeriod
timeGetTime

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 56KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1830114513f6f597435f788e3b228d52

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 292KB - Virtual size: 289KB

.data Size: 56KB - Virtual size: 425KB

.rsrc Size: 488KB - Virtual size: 488KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 292KB - Virtual size: 289KB

.data
Size: 56KB - Virtual size: 425KB

.rsrc
Size: 488KB - Virtual size: 488KB