21d07c74353d2f595540a3b60d721fc468c336384e8a723f2401085d45a76fba

Sharing

Copy URL Twitter E-mail

General

Target

21d07c74353d2f595540a3b60d721fc468c336384e8a723f2401085d45a76fba
Size

4.2MB
MD5

307eeadc97b3acbbc1540684ca2ab5a0
SHA1

466f6945fb62c0a788ba298e5b72e13a4647d503
SHA256

21d07c74353d2f595540a3b60d721fc468c336384e8a723f2401085d45a76fba
SHA512

74e11bc4082e34c67ab46160570c7979d3a2a3b7bb3a3e8eebc54f87c2a9cb38c4b54ceee723da900330d556073bc59183a70d62e820719889c9ea394ebd5542
SSDEEP

98304:Kk+0snIkQyGLr8Sm5mHM2bHkdlu7G6cBAUZLA9xr1:Kk+NI2GLr8Sm5QnIzAG6cVcd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21d07c74353d2f595540a3b60d721fc468c336384e8a723f2401085d45a76fba

Files

21d07c74353d2f595540a3b60d721fc468c336384e8a723f2401085d45a76fba
.exe windows:4 windows x86

316d2d1f33ce25af1528a5b9242a44a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

InitCommonControls

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetACP
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetStartupInfoA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_fdopen
_fstat
_lseek
_mkdir
_read
_strdup
_stricoll
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthreadex
_cexit
_endthreadex
_errno
_filbuf
_findclose
_findfirst
_findnext
_flsbuf
_fpreset
_ftime
_fullpath
_iob
_isctype
_onexit
_pctype
_setjmp
_setmode
_strdup
abort
acos
asin
atan
atexit
atoi
calloc
cos
exit
exp
fclose
fflush
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
getwc
gmtime
iswctype
localeconv
localtime
log10
longjmp
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
pow
puts
putwc
qsort
rand
realloc
rename
setlocale
setvbuf
signal
sin
sprintf
sqrt
srand
sscanf
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strrchr
strstr
strtod
strtok
strtoul
strxfrm
system
tan
time
tolower
towlower
towupper
ungetc
ungetwc
vfprintf
vprintf
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcstombs
wcsxfrm

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint

user32

AdjustWindowRectEx
BringWindowToTop
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CopyIcon
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageW
EmptyClipboard
EndDialog
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
GetActiveWindow
GetAsyncKeyState
GetClassLongW
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetKeyNameTextW
GetKeyState
GetMessageTime
GetPropW
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetWindowLongW
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
IsIconic
IsWindowVisible
IsZoomed
LoadCursorW
LoadImageW
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageW
PostMessageW
PtInRect
RegisterClassExW
RegisterDeviceNotificationW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendMessageW
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetPropW
SetRect
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackMouseEvent
TranslateMessage
UnregisterClassW
WaitMessage
WindowFromPoint

winmm

mciSendCommandA
timeBeginPeriod
timeEndPeriod

ws2_32

WSAStartup
closesocket
connect
htons
inet_addr
recv
send
socket

gdi32

ChoosePixelFormat
CreateDCW
DeleteDC
DeleteObject
DescribePixelFormat
GetDeviceCaps
SetPixelFormat
SwapBuffers
CreateBitmap
CreateDIBSection
GetDeviceGammaRamp
SetDeviceGammaRamp

libcrypto-1_1

ASN1_INTEGER_set
BIO_ctrl
BIO_free
BIO_new_file
BIO_write
BN_free
BN_new
BN_set_word
ERR_error_string
ERR_get_error
EVP_DigestInit
EVP_DigestUpdate
EVP_DigestVerifyFinal
EVP_DigestVerifyInit
EVP_MD_CTX_free
EVP_MD_CTX_new
EVP_PKEY_assign
EVP_PKEY_new
EVP_PKEY_size
EVP_SignFinal
EVP_sha1
EVP_sha256
OPENSSL_init_crypto
PEM_read_bio_RSAPrivateKey
PEM_write_bio_RSAPrivateKey
PKCS7_SIGNER_INFO_new
PKCS7_SIGNER_INFO_set
PKCS7_add_certificate
PKCS7_add_signer
PKCS7_content_new
PKCS7_ctrl
PKCS7_dataFinal
PKCS7_dataInit
PKCS7_free
PKCS7_new
PKCS7_set_type
RSA_free
RSA_generate_key_ex
RSA_new
SHA256
SHA256_Final
SHA256_Init
SHA256_Update
X509_NAME_ENTRY_create_by_txt
X509_NAME_add_entry
X509_NAME_new
X509_get_serialNumber
X509_getm_notAfter
X509_getm_notBefore
X509_gmtime_adj
X509_new
X509_set_issuer_name
X509_set_pubkey
X509_set_subject_name
X509_set_version
X509_sign
d2i_X509
i2d_PKCS7
i2d_RSAPublicKey
i2d_X509

libssl-1_1

OPENSSL_init_ssl

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 509KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

316d2d1f33ce25af1528a5b9242a44a0

Headers

File Characteristics

Imports

comctl32

kernel32

msvcrt

shell32

user32

winmm

ws2_32

gdi32

libcrypto-1_1

libssl-1_1

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.data Size: 9KB - Virtual size: 8KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.eh_fram Size: 509KB - Virtual size: 508KB

.bss Size: - Virtual size: 15KB

.idata Size: 10KB - Virtual size: 9KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 512B - Virtual size: 144B

.text
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 9KB - Virtual size: 8KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.eh_fram
Size: 509KB - Virtual size: 508KB

.bss
Size: - Virtual size: 15KB

.idata
Size: 10KB - Virtual size: 9KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 512B - Virtual size: 144B