f95627fa3e182504124b8185a550b0f497e9beabae2f322709fcabd063164658

Sharing

Copy URL Twitter E-mail

General

Target

f95627fa3e182504124b8185a550b0f497e9beabae2f322709fcabd063164658
Size

376KB
MD5

ab7fd4e8e73b4bbb95d18feb8ab3cde2
SHA1

8d1c5fa1fdfd2bc9b64fb8cbea0c0d07f8b4d2e8
SHA256

f95627fa3e182504124b8185a550b0f497e9beabae2f322709fcabd063164658
SHA512

8b55458dddc6848d5846ca15d35b65a5336672b299b72699555b2b14a37577f9407ef229c77ffc246d6cb7458a4d59d1a0e07f221d3a4668738c83874dbd0b01
SSDEEP

6144:J/Hr64IVghckF919F6SpJhx04RBqaXExYf6ffSmgHvc3BJeE08:Jx0uf6njoT98

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f95627fa3e182504124b8185a550b0f497e9beabae2f322709fcabd063164658

Files

f95627fa3e182504124b8185a550b0f497e9beabae2f322709fcabd063164658
.exe windows:6 windows x86 arch:x86

9ed92853eff4da4e4b046d749c016975

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetErrorDlg
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
InternetOpenUrlW
InternetGetLastResponseInfoW
InternetCrackUrlW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetReadFile
InternetSetStatusCallbackW
InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetConnectW
HttpQueryInfoW

shlwapi

PathAddBackslashW
StrTrimA
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
PathRemoveExtensionW

comctl32

_TrackMouseEvent
InitCommonControlsEx

winmm

timeGetTime

msimg32

AlphaBlend

urlmon

IsValidURL

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetLastError
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
CreateFileW
DeleteFileW
GetDiskFreeSpaceExW
GetFileSizeEx
SetFilePointerEx
WriteFile
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryW
CopyFileW
MoveFileW
Sleep
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceW
WritePrivateProfileStringW
CreateFileMappingW
GetFullPathNameW
GetVersionExW
SetUnhandledExceptionFilter
GetCurrentProcess
GlobalMemoryStatusEx
VirtualQuery
GetModuleFileNameW
K32EnumProcessModules
K32GetModuleBaseNameW
K32GetModuleInformation
HeapReAlloc
GetCurrentDirectoryW
FindResourceExW
FreeLibrary
GetLocaleInfoW
GetGeoInfoW
GetUserGeoID
GetUserDefaultUILanguage
GetSystemDefaultLangID
SetCurrentDirectoryW
GetCurrentProcessId
GetLocalTime
LocalFree
FormatMessageW
lstrlenW
GetPrivateProfileStringW
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
GetModuleHandleExW
HeapSize
GetStdHandle
HeapAlloc
UnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
HeapFree
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetConsoleMode
ReadConsoleW
GetFileType
WideCharToMultiByte
GetConsoleCP
ExitProcess
GetCommandLineW
QueryPerformanceCounter
GetEnvironmentStringsW
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
MoveFileExW
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
RaiseException
RtlUnwind
ReadFile
FreeEnvironmentStringsW
OutputDebugStringW
LCMapStringW
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleW
SetEndOfFile

user32

BeginPaint
GetDC
SetWindowPos
DefWindowProcW
DrawTextW
SetWindowTextW
EndPaint
UpdateWindow
SetWindowRgn
GetClientRect
FillRect
ReleaseDC
GetSystemMetrics
EnableWindow
KillTimer
ShowWindow
DestroyWindow
PostMessageW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadCursorW
CreateWindowExW
RegisterClassExW
PostQuitMessage
SetCursor
GetCursorPos
ScreenToClient
PtInRect
GetWindowLongW
FindWindowW
GetMonitorInfoW
GetGuiResources
GetWindowRect
GetDesktopWindow
MonitorFromPoint
PeekMessageW
IsWindowVisible
MessageBoxW
LoadIconW
InvalidateRect
SetTimer

gdi32

DeleteDC
CreateRectRgn
CreateDCW
BitBlt
CreateCompatibleBitmap
GetPixel
DeleteObject
GetStockObject
SelectObject
SetBkMode
SetTextColor
CreateCompatibleDC
GetObjectW
CreateFontW
CreateSolidBrush
SetBkColor
CombineRgn
GetTextExtentPoint32W

advapi32

RegSetValueExW
RegCreateKeyExW
LookupAccountNameW
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
RegOpenKeyExW
RegCreateKeyW
RegCloseKey
RegQueryValueExW

shell32

SHBrowseForFolderW
ord165
SHGetMalloc
Shell_NotifyIconW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetPathFromIDListW

ole32

CoCreateGuid
CoCreateInstance
StringFromGUID2
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize

gdiplus

GdipDisposeImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCloneImage
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdipFree
GdipCloneBrush
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectI
GdiplusStartup
GdiplusShutdown
GdipAlloc

rpcrt4

RpcStringFreeW
UuidToStringW

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ed92853eff4da4e4b046d749c016975

Headers

DLL Characteristics

File Characteristics

Imports

wininet

shlwapi

comctl32

winmm

msimg32

urlmon

version

kernel32

user32

gdi32

advapi32

shell32

ole32

gdiplus

rpcrt4

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 87KB - Virtual size: 86KB

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 87KB - Virtual size: 86KB

.reloc
Size: 18KB - Virtual size: 17KB