15ac177cbc677c44a26df451875f96db96a5bd44f5cb00fc8511c8c7e31804ae

Sharing

Copy URL Twitter E-mail

General

Target

15ac177cbc677c44a26df451875f96db96a5bd44f5cb00fc8511c8c7e31804ae
Size

242KB
MD5

a6f74bdcb18b3ac8b31a6320f8457f59
SHA1

d29e3104ef5f23ba67ae4d590a07f248baa99864
SHA256

15ac177cbc677c44a26df451875f96db96a5bd44f5cb00fc8511c8c7e31804ae
SHA512

2db442c33ee0d47606098020be39be7c5102e4512af639ddbea29e3c66e82011b4825ea23cb8d8d42c7317155fce84acd5fd7ca3325c0eef8748a60495c28f72
SSDEEP

6144:N0sZd/uqxzhlGIu9hVwp7+nN0IiFnMl0q51r7s1vsaH:NrZd/uqhhlGIubVK7+N0dtMvjM1vss

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15ac177cbc677c44a26df451875f96db96a5bd44f5cb00fc8511c8c7e31804ae

Files

15ac177cbc677c44a26df451875f96db96a5bd44f5cb00fc8511c8c7e31804ae
.exe windows:4 windows x86

b81790157d2d72a328d762a392740e30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lwrite
Module32Next
_lwrite
_lwrite
Module32Next
_lwrite

shell32

ExtractAssociatedIconW
DoEnvironmentSubstA
DragFinish
ExtractIconA
ord179

advapi32

ChangeServiceConfig2A
NotifyBootConfigStatus
LsaSetDomainInformationPolicy
AreAllAccessesGranted
RegEnumKeyExW
DecryptFileW
RegLoadKeyW
InitiateSystemShutdownW
RegFlushKey
RegEnumKeyExA
RegEnumKeyA
PrivilegeCheck
DecryptFileA

wininet

InternetGetLastResponseInfoA
RetrieveUrlCacheEntryFileW
FtpRemoveDirectoryW
GopherOpenFileW
HttpQueryInfoA
InternetCrackUrlA
FtpDeleteFileA
HttpAddRequestHeadersA
InternetCanonicalizeUrlW
FtpRenameFileW
SetUrlCacheEntryInfoA
FtpPutFileW
InternetWriteFile

msvcrt

qsort
strcpy
_acmdln
__getmainargs
_initterm
_controlfp
_rmtmp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
exit

user32

EnableMenuItem
SetCursor
DrawTextA
FrameRect
SetWindowLongA
DefDlgProcA
CharLowerBuffA
LoadImageA
GetMessagePos
wvsprintfA
InvalidateRect
GetNextDlgGroupItem
GetMenu
DialogBoxParamA
TrackPopupMenu
RegisterClassA
SetForegroundWindow
InvalidateRgn
GetWindowTextA
GetClassNameA
SetDlgItemInt
GetKeyboardLayout
GetOpenClipboardWindow
GetClipCursor
CreateMenu
CharPrevA
GetMenuItemInfoA
DdeCreateDataHandle
GetAsyncKeyState
DdeFreeDataHandle
GetActiveWindow
LoadAcceleratorsA
CharLowerW
DrawIcon
SetTimer
GetMenuState
GetWindowTextLengthA
UpdateWindow
IsDialogMessageA
DeleteMenu
LoadStringW
GetKeyState
SystemParametersInfoA
LoadCursorW
ScreenToClient
GetMenuItemInfoW
GetWindowRect
ReleaseDC
GetDCEx
SetClassLongA
TranslateAcceleratorA
TrackPopupMenuEx
DispatchMessageA
GetCursorPos

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b81790157d2d72a328d762a392740e30

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

wininet

msvcrt

user32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 150KB

.rsrc Size: 152KB - Virtual size: 150KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 150KB

.rsrc
Size: 152KB - Virtual size: 150KB