10bcd335039a107c533a6e980ff32d90

Sharing

Copy URL

Twitter E-mail

General

Target

10bcd335039a107c533a6e980ff32d90
Size

348KB
MD5

10bcd335039a107c533a6e980ff32d90
SHA1

a8115f4e34fa5e48f7fb169da4185a01dbfa3ea4
SHA256

a218f9c8795c7c80223c94568a72d546c08447fb57a77093a4e2f701159261ff
SHA512

c5c5c3f6b956b065eb330989ebbc29d38c4c66177f5ed5b2d104d134aa3a9bff2549df90efa109678a9c3afd24fd51826c16af4f99288d80d8d7daa7018708a0
SSDEEP

6144:fnuqvHAKGdifz+hyTtLWzn4x6UCJZs+fJ3+x/JZo//BFkNBWYZW8rOvv/:fuqvgKGdUQYtL448UCJe+ft+xw//nkja

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10bcd335039a107c533a6e980ff32d90

Files

10bcd335039a107c533a6e980ff32d90
.exe windows:4 windows x86 arch:x86

c2d2a4fe6563086de0ffd1a4813ab5e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
PlayMetaFileRecord
GetObjectW
ScaleWindowExtEx
SelectPalette
GetTextMetricsW
GetCurrentPositionEx
SetPolyFillMode
CreateSolidBrush
GetDeviceCaps
OffsetWindowOrgEx
SetMapMode
SetWorldTransform
SetTextColor
GetViewportExtEx
GetClipRgn
SetViewportOrgEx
LineTo
OffsetClipRgn
PolyBezierTo
PtVisible
SelectClipRgn
GetObjectType

user32

IsDlgButtonChecked
GetDesktopWindow
GetActiveWindow
SetCursor
GetMenuItemInfoW
PostQuitMessage
ScrollWindow
CallNextHookEx
GetNextDlgTabItem
LoadBitmapW
ShowScrollBar
GetMenu
AdjustWindowRectEx
IsWindowVisible
OffsetRect

comdlg32

PrintDlgA
GetOpenFileNameA

rpcrt4

RpcBindingFromStringBindingW
NdrClientCall2
RpcStringBindingComposeA
RpcBindingFromStringBindingA

version

GetFileVersionInfoSizeA

kernel32

GlobalUnlock
GetFileAttributesW
GlobalHandle
SetLastError
FindFirstFileW
GlobalLock
HeapFree
HeapReAlloc
LockFile
lstrcmpiW
GlobalGetAtomNameW
MoveFileW
InterlockedIncrement
ConvertDefaultLocale
GetModuleHandleA
GlobalDeleteAtom
CopyFileW
SystemTimeToFileTime
GetCurrentProcess
GetModuleFileNameW
SuspendThread
CompareStringW
HeapAlloc
VirtualAlloc
ResetEvent
LocalAlloc
GetFileTime
GlobalReAlloc
GetThreadLocale
InitializeCriticalSection
GetCurrentThread
GetAtomNameW
TlsGetValue
GetProcessHeap
GetFileAttributesA
lstrcmpA
GetSystemInfo
WriteFile
CreateFileW
FindNextFileW
GlobalAddAtomW
WaitForSingleObject
SetEvent
lstrlenA
DeleteCriticalSection
UnlockFile
LoadResource
TlsSetValue
LocalReAlloc
GlobalFree
SetThreadPriority
FindClose
SetFileAttributesW
SizeofResource
GetVersionExW
GetPrivateProfileIntW
LockResource
TlsAlloc
FileTimeToSystemTime
SetErrorMode
CloseHandle
InterlockedExchange
DeleteFileW
MulDiv
GetStringTypeExW
GetShortPathNameW
LocalFileTimeToFileTime
SetFilePointer
GetVolumeInformationW
GetFileSize
CreateProcessW
SetEndOfFile
GetVersion
GetCurrentThreadId
FlushFileBuffers
lstrcmpW
GlobalFindAtomW
TlsFree
ResumeThread
DuplicateHandle
CreateEventW
GetCurrentProcessId
ReadFile
GetLastError
GetLocaleInfoW
GetVersionExA
FileTimeToLocalFileTime
FindResourceW
GlobalFlags
GlobalAlloc
FreeResource
FormatMessageW
GetUserDefaultLCID
lstrlenW
GetFullPathNameW
EnumResourceLanguagesW
GlobalSize
LeaveCriticalSection
SetFileTime
LoadLibraryA

advapi32

GetSecurityDescriptorOwner
GetAce
RegCloseKey
CryptReleaseContext
RegEnumKeyExW
AllocateAndInitializeSid
RegDeleteKeyW
CryptDestroyHash
IsValidSid
QueryServiceStatus
CryptDestroyKey
FreeSid
InitializeSecurityDescriptor
GetSidSubAuthority
RegOpenKeyExA
GetSidIdentifierAuthority
CryptHashData

shell32

SHGetFileInfoW
Shell_NotifyIconW

shlwapi

PathFindFileNameW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathRemoveExtensionW

ws2_32

WSAGetLastError

ole32

CLSIDFromString
StringFromCLSID

wininet

FtpCommandA

Sections

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2d2a4fe6563086de0ffd1a4813ab5e5

Headers

File Characteristics

Imports

gdi32

user32

comdlg32

rpcrt4

version

kernel32

advapi32

shell32

shlwapi

ws2_32

ole32

wininet

Sections

.rsrc Size: 28KB - Virtual size: 28KB

.data Size: 10KB - Virtual size: 1.0MB

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 280KB - Virtual size: 279KB

.reloc Size: 512B - Virtual size: 20B

.rsrc
Size: 28KB - Virtual size: 28KB

.data
Size: 10KB - Virtual size: 1.0MB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 280KB - Virtual size: 279KB

.reloc
Size: 512B - Virtual size: 20B