15fdbd340dff7429f233290a6a304226

Sharing

Copy URL Twitter E-mail

General

Target

15fdbd340dff7429f233290a6a304226
Size

461KB
MD5

15fdbd340dff7429f233290a6a304226
SHA1

8a09917de2b1b3b7a48e3a2418c7918f91336493
SHA256

15a09b37bd174a72b2aa8f51c8e432cafc0759f25ce12efa0568da90f9bcbd9d
SHA512

f2e2cc7469360b64f9475da06b1f52e09a337473bb8bcc4663f23ca54856b9fbc7bd24dedb000707f45fd6118bc4a6b33798e6494cd8541b75940917b4d41a05
SSDEEP

6144:Hcq0ZxUax+bxaZ/JU8UoyCMc/KmQ34TD+g1fmZRhuGH5lCMF7ahCaeJes0fQ9F95:8q6x+EZi0yCMZmvf+ym1NlaMes0sr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15fdbd340dff7429f233290a6a304226

Files

15fdbd340dff7429f233290a6a304226
.exe windows:5 windows x86 arch:x86

6f5e8632da78a442fe5f4022aae8e086

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCatW
StrStrIW
StrChrW

kernel32

ExitProcess
ReadFile
SetFilePointer
CloseHandle
CreateFileW
IsWow64Process
GetCurrentProcess
GetVersionExW
lstrcatW
lstrcpyW
GetFileSize
GetTickCount
GetLastError
WaitForSingleObject
CreateProcessW
FreeLibrary
LoadLibraryExW
GetTempPathW
GetTempFileNameW
VirtualFree
lstrlenW
GetCommandLineW
WriteFile
DeleteFileW
VirtualAlloc
GetModuleFileNameW
SetEvent
OpenEventW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
GetStartupInfoW
lstrcmpW
GetEnvironmentStringsW
UnmapViewOfFile
VirtualQuery
MapViewOfFile
OpenFileMappingW
Thread32Next
Thread32First
GetCurrentThreadId
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetProcAddress
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapCreate
HeapFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

wsprintfW

shell32

ShellExecuteW

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f5e8632da78a442fe5f4022aae8e086

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 1.1MB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 1.1MB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 6KB - Virtual size: 6KB