49716bb2624e6ee0348d5fddd3296c35dc92fe95adf5938c84696697e7c92ebf

Sharing

Copy URL Twitter E-mail

General

Target

49716bb2624e6ee0348d5fddd3296c35dc92fe95adf5938c84696697e7c92ebf
Size

230KB
MD5

e87990496f5e713763b5a29f82a82df5
SHA1

915439d7f5e5dfad203d924b1788d9a22302c859
SHA256

49716bb2624e6ee0348d5fddd3296c35dc92fe95adf5938c84696697e7c92ebf
SHA512

cf57964d867e0ef0e8d10537a60cb6418a5f69e67dc884dbbaa99c6b3d04d6504a2d669f58620855ef607898bf0a273cbcff4a05f0bd05b4c7aa1476460bfe1a
SSDEEP

6144:kxA4AcRC10soeuPhsFkBZQEm83+nJcshk3lyPbGingx:IAcg1FduP2FcZQEmrr2sPz+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49716bb2624e6ee0348d5fddd3296c35dc92fe95adf5938c84696697e7c92ebf

Files

49716bb2624e6ee0348d5fddd3296c35dc92fe95adf5938c84696697e7c92ebf
.exe windows:4 windows x86

d520a970d4bbe53c6bb74098a6455138

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlA
ReadUrlCacheEntryStream
InternetReadFileExA
HttpSendRequestExA
GetUrlCacheEntryInfoA
InternetAutodialHangup
HttpEndRequestW
HttpSendRequestExW
FtpRenameFileW
FindCloseUrlCache
SetUrlCacheEntryGroup
InternetSetOptionExW
CommitUrlCacheEntryW
InternetConfirmZoneCrossing
FindFirstUrlCacheEntryA
HttpAddRequestHeadersA
HttpQueryInfoW
InternetOpenUrlA
InternetTimeToSystemTime
HttpQueryInfoA
GopherFindFirstFileW
CreateUrlCacheGroup
GetUrlCacheEntryInfoW
InternetCloseHandle
DeleteUrlCacheEntry
FtpGetCurrentDirectoryA
GopherCreateLocatorA
HttpOpenRequestW
RetrieveUrlCacheEntryFileW
InternetFindNextFileA
InternetTimeFromSystemTime
InternetHangUp
FtpCreateDirectoryW
InternetSetOptionW
GetUrlCacheEntryInfoExA
FtpFindFirstFileW
InternetCrackUrlW
InternetOpenUrlW
HttpOpenRequestA
InternetQueryOptionW
InternetFindNextFileW
InternetCreateUrlW
HttpSendRequestA
InternetGetConnectedState
InternetLockRequestFile
FtpDeleteFileA
UnlockUrlCacheEntryStream
HttpSendRequestW
InternetQueryDataAvailable
InternetSetCookieW
InternetGetLastResponseInfoW
FtpRemoveDirectoryA

advapi32

RegDeleteValueA
LsaEnumerateTrustedDomains
RegCreateKeyA
RegQueryInfoKeyA
LsaSetDomainInformationPolicy

msvcrt

perror
_controlfp
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_ftol
_dup2
_adjust_fdiv
__p__fmode
__set_app_type

user32

TranslateAcceleratorA
SetProcessWindowStation
AttachThreadInput
GetAsyncKeyState
SetClassWord
FlashWindow
SetCaretPos
GetThreadDesktop
SetWinEventHook
CharLowerW
DialogBoxParamA
GetWindowRect
DrawIcon
InvalidateRect
DrawTextA
RegisterClassA
LoadImageA
GetDCEx
IsDialogMessageA
GetMenu
SetScrollRange
DispatchMessageA
MessageBoxW
UpdateWindow
CharLowerBuffA
DeleteMenu
SetClassLongA
GetKeyState
SetWindowLongA
GetNextDlgGroupItem
wvsprintfA
SetDlgItemInt
DefDlgProcA
ScreenToClient
EnableMenuItem
ClientToScreen
SetForegroundWindow
TrackPopupMenu
GetClassNameA
SystemParametersInfoA
LoadCursorW
SetDlgItemTextW
GetMessagePos
TrackPopupMenuEx
GetCursorPos
MoveWindow
ReleaseDC
InvalidateRgn
SetTimer
SetCursor
LoadStringW
GetWindowTextA
GetWindowTextLengthA
FrameRect
GetMenuItemInfoW
GetMenuState

kernel32

_lwrite
_lwrite
GetProfileSectionW

shell32

Shell_NotifyIconA

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d520a970d4bbe53c6bb74098a6455138

Headers

File Characteristics

Imports

wininet

advapi32

msvcrt

user32

kernel32

shell32

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3.2MB

.rsrc Size: 148KB - Virtual size: 147KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3.2MB

.rsrc
Size: 148KB - Virtual size: 147KB