0215f097f35157957e021544a8414539

Sharing

Copy URL

Twitter E-mail

General

Target

0215f097f35157957e021544a8414539
Size

65KB
MD5

0215f097f35157957e021544a8414539
SHA1

673f84f9728312a7e6838554c41ecb80d5fbcd27
SHA256

77f29a072ecfa615f48317f32a6791bb2d48fc6c96ef6ada8f6f1cf7d78845fb
SHA512

b37b6c79480ad03e43057f22297b35415651f6fcb145eee9c18994a3ff9f68aecd7eced59f0f9023cf217d1c4629f7e3c20ee1e13cb67247bc615ce9ac0e7e6e
SSDEEP

1536:rNKHWMQ14SFSEy2lLYuyshS7tnbr2uqQ1e3DU/9lJV8K:eWJ14SFfyMLYKSVqxDcl5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0215f097f35157957e021544a8414539

Files

0215f097f35157957e021544a8414539
.exe windows:5 windows x86 arch:x86

7346577445516ad3e97d77238515bc17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsURLW
PathFindFileNameW
StrDupW
StrCatBuffW
PathRemoveFileSpecA
PathSkipRootW
PathIsRootW
StrChrW
StrToIntW
StrToIntExW
SHDeleteValueA
PathFindExtensionW
SHStrDupW
PathFindExtensionA
StrCpyW
PathRemoveFileSpecW
StrRetToBufW
SHSetValueW
PathIsUNCW
PathGetDriveNumberW
StrCmpW
PathRemoveBlanksW
SHGetValueW
PathFileExistsW
StrCmpNIA
PathAppendA
UrlCanonicalizeW
StrCatW
PathRemoveBackslashW

msvcrt

_wsplitpath
strrchr
_CIpow
_unlock
_ltoa
wcsstr
_wfopen
_ultow
iswalpha
wcsncat
srand
_ftol
_c_exit
__set_app_type
_snprintf
fread
fflush
__initenv
__p__commode
isalnum
strstr
isdigit
iswspace
__setusermatherr
__p__fmode
_vsnprintf
fprintf
memset

kernel32

GetCurrentProcessId
SetEndOfFile
LeaveCriticalSection
GetConsoleOutputCP
ExitProcess
GetCommandLineA
lstrcpynA
InitializeCriticalSectionAndSpinCount
ResetEvent
GetCurrentThreadId
GetFileAttributesW
GetModuleFileNameA
DeleteFileW
CreateFileW
VirtualFree
lstrcpynW
GetThreadLocale
WriteFile
QueryPerformanceCounter
TlsSetValue
GetFileType
CompareStringW
GetCurrentThread
GetProcessHeap
HeapAlloc
lstrcmpW
VirtualQuery
CreateEventW
LoadLibraryW
FindResourceA
DeleteFileA
CreateMutexA
GetStringTypeW
SetErrorMode
VirtualAlloc
lstrcatA
DisableThreadLibraryCalls
GetExitCodeThread
lstrcatW
HeapReAlloc
GetSystemDirectoryA
SetStdHandle
SystemTimeToFileTime
GetStringTypeA
lstrcmpA

ole32

CreateILockBytesOnHGlobal
ReadFmtUserTypeStg
CoSetProxyBlanket
OleRun
PropVariantClear
CoInitializeSecurity
OleLoadFromStream
IIDFromString
ProgIDFromCLSID
PropVariantCopy
OleRegGetUserType
CoUnmarshalInterface
CoFreeUnusedLibraries
MkParseDisplayName
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterface
StgOpenStorage
CoCreateGuid
CreateOleAdviseHolder
GetRunningObjectTable
StgCreateDocfileOnILockBytes
OleSaveToStream
GetHGlobalFromStream
CreateBindCtx
CoRevokeClassObject
OleUninitialize
OleRegGetMiscStatus
StringFromCLSID

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueA

ntdll

RtlSetSaclSecurityDescriptor
RtlRaiseStatus
RtlValidSid
RtlInitializeCriticalSection
RtlAddAccessAllowedAce
RtlSetDaclSecurityDescriptor
NtCreateSection
NtAdjustPrivilegesToken
NtDeleteValueKey
NtQueryVolumeInformationFile
NtCancelIoFile
RtlAcquireResourceShared
RtlSystemTimeToLocalTime
RtlUpcaseUnicodeChar
memmove
NlsMbCodePageTag
DbgBreakPoint
NlsMbOemCodePageTag
DbgPrint
RtlOpenCurrentUser
RtlAppendUnicodeStringToString

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7346577445516ad3e97d77238515bc17

Headers

File Characteristics

Imports

shlwapi

msvcrt

kernel32

ole32

version

ntdll

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 24KB - Virtual size: 84KB

.idata Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 486B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 24KB - Virtual size: 84KB

.idata
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 486B