24ed38df3c3550115f540c7c5113e1ec3c9aea5f373e1abcb9af97a22933992a

Sharing

Copy URL Twitter E-mail

General

Target

24ed38df3c3550115f540c7c5113e1ec3c9aea5f373e1abcb9af97a22933992a
Size

77KB
MD5

87c28dd16338da66f1befc4ccb88f33c
SHA1

33abbbabc5e2f8e0e3fd1526e94eaec8020ea3cf
SHA256

24ed38df3c3550115f540c7c5113e1ec3c9aea5f373e1abcb9af97a22933992a
SHA512

18bf86f8fdafb2bfbf200bffca5ad46da31f93164eb5bbac99922f3256040dcc25122fb85704dd845cd66a83caed22f2618c4867e5fc8904514009fd837a128b
SSDEEP

1536:R7nLIkYOIrZjGgl/rG/R/aaRCfUQiI5oKZ:9yXNaMbfUQiI5oKZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ed38df3c3550115f540c7c5113e1ec3c9aea5f373e1abcb9af97a22933992a

Files

24ed38df3c3550115f540c7c5113e1ec3c9aea5f373e1abcb9af97a22933992a
.exe windows x86

323cd2e567eafe7ae461a4e547af5bf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

ResetEvent
GetLastError
CreateDirectoryA
GetTickCount
GetTempPathA
CreateEventA
ProcessIdToSessionId
GetCurrentProcessId
CreateMutexA
RaiseException
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
GetExitCodeThread
FindResourceExA
MultiByteToWideChar
GetSystemDefaultLangID
GetPrivateProfileStringA
SetLastError
GetPrivateProfileIntA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CloseHandle
SetEvent
WaitForSingleObject
GetVersionExA
FindResourceA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
ExitThread
CreateThread
RtlUnwind
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer

user32

EndDialog
SetWindowLongA
wsprintfA
SetWindowTextA
ShowWindow
SetDlgItemTextA
PostMessageA
SendMessageA
UnregisterClassA
GetActiveWindow
DialogBoxParamA
MessageBoxA
GetDlgItem

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteExA
ord680

ole32

CoUninitialize
CoInitialize

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

wintrust

WinVerifyTrust

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

323cd2e567eafe7ae461a4e547af5bf8

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

urlmon

wininet

wintrust

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 784B

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 784B