4f6cd3d828290cc5772b93774345a0958e91a91714ee3e5638862d9794897db2

Sharing

Copy URL

Twitter E-mail

General

Target

4f6cd3d828290cc5772b93774345a0958e91a91714ee3e5638862d9794897db2
Size

848KB
MD5

7f84e0082e85574e9baf8a813873453b
SHA1

2c4ee0c330e2ea626c19004eba75eab2170332ef
SHA256

4f6cd3d828290cc5772b93774345a0958e91a91714ee3e5638862d9794897db2
SHA512

2a167061b1100649c1e371b792a1744d054c9bd2b6ce273b41a6b5f1c597e1f437b89bb70718c1e924edae721e2f49ccd44cee65e2362bf9d8384375208ba385
SSDEEP

12288:g69GTOzBBzMDQeAe1FBnslE+65iFqPFBjvHfBOjF6RjlZ5JJRlYZbd:ncT7QGClErTjv/A4jlZLNYz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f6cd3d828290cc5772b93774345a0958e91a91714ee3e5638862d9794897db2

Files

4f6cd3d828290cc5772b93774345a0958e91a91714ee3e5638862d9794897db2
.exe windows x86

cccaf25134e5ff35641acdce93898def

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winhttp

WinHttpCloseHandle
WinHttpConnect
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpenRequest
WinHttpSetStatusCallback
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpSetTimeouts
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpReadData
WinHttpWriteData
WinHttpQueryDataAvailable
WinHttpCrackUrl

kernel32

DeleteCriticalSection
GetPrivateProfileStringW
CreateSemaphoreA
ReleaseSemaphore
GetSystemTimeAsFileTime
WaitForMultipleObjectsEx
GetACP
SetUnhandledExceptionFilter
IsBadCodePtr
CreateFileW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetVersionExW
FreeLibrary
GetModuleHandleW
GetModuleHandleExW
GetCurrentThread
lstrlenA
CreateEventW
SetErrorMode
OpenProcess
WaitForSingleObject
OpenEventW
TerminateProcess
SetLastError
lstrcmpiW
LeaveCriticalSection
EnterCriticalSection
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
CreateSemaphoreW
CreateProcessW
CreateThread
GlobalFree
LoadLibraryA
GetTempPathA
GetTempFileNameA
DeleteFileA
DuplicateHandle
LocalFree
ReadFile
WriteFile
FlushFileBuffers
DecodePointer
CreateDirectoryW
GetWindowsDirectoryW
Sleep
ResumeThread
GetTickCount
GetStdHandle
GetFileType
GetModuleHandleA
IsDebuggerPresent
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
GetCPInfo
LCMapStringW
CompareStringW
TlsFree
IsValidLocale
TlsSetValue
TlsGetValue
TlsAlloc
GetStringTypeW
UnhandledExceptionFilter
QueryPerformanceCounter
GetStartupInfoW
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
SystemTimeToFileTime
FormatMessageA
RtlUnwind
GetLocalTime
RaiseException
InitializeCriticalSectionEx
WaitForSingleObjectEx
GetModuleFileNameW
OutputDebugStringW
GetProcAddress
LoadLibraryW
GetFileSize
GetLocaleInfoW
EnumSystemLocalesW
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
ExitThread
FreeLibraryAndExitThread
ExitProcess
SetEvent
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
CreateEventA
GetLastError
HeapReAlloc
HeapSize
GetEnvironmentVariableW
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
GetUserDefaultUILanguage
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
SetStdHandle
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetTimeZoneInformation
SetEndOfFile
ResetEvent

user32

SetWindowTextW
RemovePropW
SetPropW
MoveWindow
PostMessageW
EndDialog
GetProcessWindowStation
DestroyIcon
GetSystemMetrics
LoadImageW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
MapWindowPoints
SetWindowPos
CallWindowProcW
GetWindowLongW
SendMessageW
GetDlgItem
InvalidateRect
GetUserObjectInformationW
MessageBoxA
FillRect
LoadBitmapW
SetWindowLongW
DialogBoxParamW
DestroyWindow
GetActiveWindow
DefWindowProcW
SetForegroundWindow
ShowWindow
IsIconic
GetPropW
IsWindow
GetDesktopWindow
CharNextW
GetClientRect
UnregisterClassW
wsprintfW
GetWindow

advapi32

GetSecurityDescriptorControl
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
DeregisterEventSource
RegisterEventSourceA
ReportEventA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoCreateGuid
CoUninitialize
CoInitialize

shell32

SHGetFolderPathW
ord165
CommandLineToArgvW

oleaut32

VariantClear
VarUI4FromStr
SysAllocString

shlwapi

PathFindFileNameA
PathStripPathW
PathRemoveFileSpecW
PathFileExistsW

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdi32

DeleteDC
CreateCompatibleDC
SelectObject
GetStockObject
SetBkMode
CreateSolidBrush
BitBlt
DeleteObject

userenv

GetAllUsersProfileDirectoryW

rpcrt4

RpcStringFreeW
UuidToStringW

ws2_32

inet_addr
gethostname
getnameinfo
freeaddrinfo
getaddrinfo
WSAStartup

urlmon

URLDownloadToFileA

Sections

.text
Size: 506KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cccaf25134e5ff35641acdce93898def

Headers

DLL Characteristics

File Characteristics

Imports

version

winhttp

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

comctl32

gdi32

userenv

rpcrt4

ws2_32

urlmon

Sections

.text Size: 506KB - Virtual size: 506KB

.rdata Size: 178KB - Virtual size: 177KB

.data Size: 13KB - Virtual size: 22KB

.gfids Size: 1024B - Virtual size: 724B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 118KB - Virtual size: 117KB

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 506KB - Virtual size: 506KB

.rdata
Size: 178KB - Virtual size: 177KB

.data
Size: 13KB - Virtual size: 22KB

.gfids
Size: 1024B - Virtual size: 724B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 118KB - Virtual size: 117KB

.reloc
Size: 30KB - Virtual size: 30KB