11570060391bee8a53c65b975cba365ee4a1766cf86541554946ca43d65fc601

Sharing

Copy URL Twitter E-mail

General

Target

11570060391bee8a53c65b975cba365ee4a1766cf86541554946ca43d65fc601
Size

11.9MB
MD5

4938d7fd66f4c403f4415dd80a887638
SHA1

9b01fbcbbe7286096366e0ede06ce83472eccc65
SHA256

11570060391bee8a53c65b975cba365ee4a1766cf86541554946ca43d65fc601
SHA512

1892df9f2a916a1dae78376b3b548c3a1ff2a7c36e662018066638fd83f86692089fc68ed1c154c1c7c969dcb7d2a229ef9d30426b6d58b2dba99466b71f1008
SSDEEP

196608:li+cS5VmeRBcAIv9D9srQ/blObHzGYxFV2ZpcbSzQpK83xKgPdp2XNK58uapfe2M:cdS5VmenX49eVTGYcZpcu8pK830XNaiM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11570060391bee8a53c65b975cba365ee4a1766cf86541554946ca43d65fc601

Files

11570060391bee8a53c65b975cba365ee4a1766cf86541554946ca43d65fc601
.exe windows:6 windows x86

b3b3ed75077bee312afa9ad2df0cf373

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

bcrypt

BCryptGenRandom

comctl32

InitCommonControlsEx

urlmon

URLDownloadToCacheFileA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

wininet

InternetCanonicalizeUrlA
DeleteUrlCacheEntry

kernel32

DeleteCriticalSection
SetEvent
ResetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexA
CreateEventA
GetCurrentProcess
GetCurrentProcessId
GetExitCodeProcess
GetCurrentThreadId
CreateProcessA
GetSystemInfo
GetSystemTime
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExA
GetProcAddress
LoadLibraryA
LocalAlloc
LocalFree
FormatMessageA
lstrcmpA
lstrlenA
CopyFileA
VerifyVersionInfoW
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetFullPathNameA
lstrcpynA
lstrcpyA
lstrcatA
CompareStringA
GlobalAlloc
GlobalFree
VirtualProtect
GetProcessHeap
InitializeCriticalSectionEx
LoadLibraryExA
GlobalUnlock
GlobalLock
FileTimeToLocalFileTime
GetDriveTypeA
GetFileTime
LocalFileTimeToFileTime
SetEndOfFile
SetFilePointer
SetFileTime
GetVolumeInformationA
GetLocalTime
GetVersion
DosDateTimeToFileTime
SetVolumeLabelA
FileTimeToSystemTime
SystemTimeToFileTime
lstrcmpiA
GetDriveTypeW
EnterCriticalSection
GetCommandLineA
GetFileType
LoadLibraryExW
RtlUnwind
InitializeSListHead
GetStartupInfoW
WaitForSingleObjectEx
GetFileInformationByHandle
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
EncodePointer
OutputDebugStringW
IsDebuggerPresent
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
SetStdHandle
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetACP
GetConsoleCP
GetModuleHandleW
LeaveCriticalSection
HeapFree
HeapAlloc
QueryPerformanceCounter
GetLastError
RaiseException
CloseHandle
DecodePointer
OutputDebugStringA
GetTempPathA
SetFileAttributesW
SetFileAttributesA
RemoveDirectoryA
GetLongPathNameA
GetFileAttributesA
FlushFileBuffers
FindNextFileA
FindFirstFileA
FindClose
DeleteFileW
DeleteFileA
CreateFileW
CreateFileA
CreateDirectoryA
VerSetConditionMask
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetFileAttributesExW
GetCommandLineW
InitializeCriticalSection
CreateDirectoryW
VirtualQuery
WriteConsoleW
GetConsoleMode
SetFilePointerEx
ReadFile
GetFullPathNameW
GetCurrentDirectoryW
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeZoneInformation
ReadConsoleW

user32

OemToCharA
CharNextA
wsprintfA
MsgWaitForMultipleObjects
SystemParametersInfoA
IsDialogMessageA
LoadIconA
SetForegroundWindow
GetSystemMetrics
SetFocus
SetDlgItemTextA
GetDlgItem
MoveWindow
WaitMessage
PostMessageA
SendMessageA
MessageBoxA
CharPrevA
ExitWindowsEx
SetWindowLongA
GetWindowLongA
GetWindowRect
SetWindowTextA
CreateDialogParamA
ShowWindow
DestroyWindow
DefWindowProcA
PeekMessageA
DispatchMessageA
TranslateMessage
LoadStringA

advapi32

SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorControl
GetKernelObjectSecurity
AdjustTokenPrivileges
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
FreeSid
AllocateAndInitializeSid
OpenProcessToken
LookupPrivilegeValueA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoCreateGuid
StringFromGUID2

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b3ed75077bee312afa9ad2df0cf373

Headers

DLL Characteristics

File Characteristics

Imports

bcrypt

comctl32

urlmon

version

wininet

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 276KB - Virtual size: 275KB

.rdata Size: 88KB - Virtual size: 88KB

.data Size: 5KB - Virtual size: 10KB

.didat Size: 512B - Virtual size: 76B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 276KB - Virtual size: 275KB

.rdata
Size: 88KB - Virtual size: 88KB

.data
Size: 5KB - Virtual size: 10KB

.didat
Size: 512B - Virtual size: 76B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 16KB - Virtual size: 16KB