1e5b4c68f86d2b935d9bc3b27cd0b4a44fca3db80d776e196336b0270cdd4542

Sharing

Copy URL

Twitter E-mail

General

Target

1e5b4c68f86d2b935d9bc3b27cd0b4a44fca3db80d776e196336b0270cdd4542
Size

433KB
MD5

4037c3125a44818be0c51918ac1fce92
SHA1

368df5b6dace08f245c7c885fb9c62f9074166f6
SHA256

1e5b4c68f86d2b935d9bc3b27cd0b4a44fca3db80d776e196336b0270cdd4542
SHA512

66262b69585be2b6318ed50417a32629bbeda39df6c8cbabc9e9803b8a2c5cc082a7984be306636e637fc8e09bffaa2344fbce57ae3a835c2a9adb05cc12b70b
SSDEEP

6144:xVuSEQ3J+dhIUuW+WOZQgQg4glFcJrrs0Q6grGd/dcTxotK2lpsQ2ggpN/CTXfj:ZUdbsTLrGd/aIB2ggLyfq3x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e5b4c68f86d2b935d9bc3b27cd0b4a44fca3db80d776e196336b0270cdd4542

Files

1e5b4c68f86d2b935d9bc3b27cd0b4a44fca3db80d776e196336b0270cdd4542
.exe windows:6 windows x86 arch:x86

281cb371bc4d89c55884ece1f32c42fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertNameToStrW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvSignerFromChain

wininet

HttpQueryInfoW
InternetGetConnectedState
HttpEndRequestW
HttpSendRequestW
InternetErrorDlg
InternetGetLastResponseInfoW
HttpSendRequestExW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetOpenUrlW
InternetSetStatusCallbackW
InternetSetOptionW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetReadFile

shlwapi

PathAddBackslashW
StrTrimA
PathRemoveExtensionW
PathFileExistsW
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW

comctl32

InitCommonControlsEx

winmm

timeGetTime

msimg32

AlphaBlend

urlmon

IsValidURL

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
GetStdHandle
HeapSize
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetLastError
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
CreateFileW
DeleteFileW
GetDiskFreeSpaceExW
GetFileSizeEx
SetFilePointerEx
WriteFile
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryW
CopyFileW
MoveFileW
Sleep
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceW
WritePrivateProfileStringW
CreateFileMappingW
GetVersionExW
GetCurrentProcess
GetModuleFileNameW
TlsSetValue
GetCurrentDirectoryW
OutputDebugStringW
GetCurrentThreadId
FindResourceExW
FreeLibrary
GetLocaleInfoW
GetGeoInfoW
GetUserGeoID
GetUserDefaultUILanguage
GetSystemDefaultLangID
SetCurrentDirectoryW
GetCurrentProcessId
GetLocalTime
LocalFree
FormatMessageW
lstrlenW
GetPrivateProfileStringW
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
GetModuleHandleExW
ExitProcess
GetCommandLineW
GetSystemTimeAsFileTime
HeapFree
ReadFile
RtlUnwind
RaiseException
LoadLibraryExW
ExitThread
CreateThread
MoveFileExW
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
TlsFree
GetStartupInfoW
GetModuleHandleW
GetConsoleMode
ReadConsoleW
GetFileType
WideCharToMultiByte
GetConsoleCP
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
HeapReAlloc
SetEndOfFile
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleW

user32

PtInRect
GetWindowLongW
ScreenToClient
GetCursorPos
SetCursor
ReleaseDC
FillRect
GetClientRect
SetWindowRgn
SetWindowTextW
DrawTextW
GetMonitorInfoW
GetWindowRect
GetDesktopWindow
DefWindowProcW
SetWindowPos
GetDC
BeginPaint
MonitorFromPoint
PeekMessageW
PostQuitMessage
RegisterClassExW
CreateWindowExW
LoadCursorW
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
PostMessageW
DestroyWindow
ShowWindow
MessageBoxW
LoadIconW
FindWindowW
EndPaint
InvalidateRect
UpdateWindow
GetSystemMetrics
EnableWindow
KillTimer
SetTimer

gdi32

GetObjectW
GetPixel
DeleteDC
CreateRectRgn
CreateDCW
CombineRgn
GetTextExtentPoint32W
SetBkColor
CreateSolidBrush
CreateFontW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
GetStockObject
SelectObject
SetTextColor
SetBkMode

advapi32

IsValidSid
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
LookupAccountNameW
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
RegOpenKeyExW
RegCreateKeyW

shell32

CommandLineToArgvW
SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ord165

ole32

CreateStreamOnHGlobal
StringFromGUID2
CoCreateGuid
CoInitialize
CoTaskMemFree

gdiplus

GdipAlloc
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectI
GdiplusStartup
GdiplusShutdown
GdipFree

rpcrt4

RpcStringFreeW
UuidToStringW

secur32

GetUserNameExW

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

281cb371bc4d89c55884ece1f32c42fa

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

wintrust

wininet

shlwapi

comctl32

winmm

msimg32

urlmon

version

kernel32

user32

gdi32

advapi32

shell32

ole32

gdiplus

rpcrt4

secur32

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 139KB - Virtual size: 139KB

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 139KB - Virtual size: 139KB

.reloc
Size: 18KB - Virtual size: 17KB