Static task: static1
Behavioral task: behavioral1
Sample: 122d7d44453770210d5309481f945953.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 122d7d44453770210d5309481f945953.exe
Resource: win10v2004-20231222-en
General
Target: 122d7d44453770210d5309481f945953
Size: 242KB
MD5: 122d7d44453770210d5309481f945953
SHA1: 59b7ef67d944804759c8d778488b2a042ca69991
SHA256: 79ec6842e80870fd50ffabae9a882449fef5dadb93e5dd4f586cdc45d0334a52
SHA512: 1158c1044898b88c5d869865de1574f5d3772ba171bca98cc95c309dc822266b2ba9a05352883d5b687f31b4170961c6a958d0b89be080c3ab0da45cf8cd3f87
SSDEEP: 3072:JLPiPdboO7PH3n0wRrZ7SRCTTt/29cLiLKiV5VNMqW8ouSINHI3u/0RC81LRkYmV:JLPiPdUOXNgiwcLb7qbo9e/Y1LvkarE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 122d7d44453770210d5309481f945953
Files
122d7d44453770210d5309481f945953.exe windows:4 windows x86 arch:x86
c31c1bf8d61cc69ef1c70ed220bcf4a0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHChangeNotify
SHGetDataFromIDListA
DoEnvironmentSubstW
SHBrowseForFolderW
ShellExecuteA
SHGetSpecialFolderPathW
SHGetDiskFreeSpaceA
SHGetDataFromIDListW
DuplicateIcon
FindExecutableA
SHBrowseForFolderA
SHInvokePrinterCommandW
ShellExecuteExA
ExtractAssociatedIconExA
ExtractIconExW
SheSetCurDrive
DragQueryFileA
SHFileOperationA
ShellExecuteW
SHGetFileInfo
wininet
InternetCheckConnectionA
FtpGetCurrentDirectoryA
InternetQueryDataAvailable
CommitUrlCacheEntryW
InternetCrackUrlA
ResumeSuspendedDownload
GetUrlCacheEntryInfoExA
GetUrlCacheEntryInfoW
InternetCreateUrlA
RetrieveUrlCacheEntryStreamA
RegisterUrlCacheNotification
InternetFindNextFileA
InternetTimeToSystemTimeA
InternetConnectA
HttpAddRequestHeadersA
InternetHangUp
HttpEndRequestW
InternetSetDialState
advapi32
CryptSetHashParam
RegConnectRegistryA
RegRestoreKeyW
CryptImportKey
RegEnumKeyExA
CryptGetDefaultProviderW
CryptGenRandom
CryptDecrypt
comdlg32
ReplaceTextW
GetOpenFileNameW
ChooseFontW
FindTextA
ChooseColorW
ReplaceTextA
kernel32
SetLastError
LeaveCriticalSection
SetHandleCount
SetComputerNameW
RtlUnwind
LCMapStringW
CompareStringW
HeapCreate
LoadLibraryA
TlsFree
GetModuleFileNameA
GetStringTypeA
GetOEMCP
VirtualAlloc
GetVersionExA
GetProcAddress
LCMapStringA
FindResourceA
TerminateProcess
GetCurrentThreadId
GetCurrentProcess
CloseHandle
GetTickCount
GetVersion
VirtualFree
ExitProcess
InterlockedDecrement
GetFileType
GetModuleHandleA
QueryPerformanceCounter
DeleteCriticalSection
WriteFile
VirtualQuery
EnterCriticalSection
GetStartupInfoA
VirtualUnlock
MultiByteToWideChar
GetProfileSectionW
IsBadWritePtr
RemoveDirectoryW
GetEnvironmentStrings
GetFullPathNameW
GetEnvironmentStringsW
GetCPInfo
GetStringTypeW
WideCharToMultiByte
HeapFree
SetConsoleOutputCP
GetACP
TlsGetValue
GetLastError
GetCurrentProcessId
TlsSetValue
SetConsoleWindowInfo
GetStdHandle
TlsAlloc
FreeEnvironmentStringsW
GetCommandLineA
GetProfileSectionA
HeapReAlloc
GetCurrentThread
UnhandledExceptionFilter
EnumCalendarInfoExW
MoveFileExA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
InitializeCriticalSection
HeapAlloc
HeapDestroy
InterlockedExchange
Sections
.text Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ