250c60b8db3258394585a0b1ff4b49b3

General

Target

250c60b8db3258394585a0b1ff4b49b3
Size

190KB
MD5

250c60b8db3258394585a0b1ff4b49b3
SHA1

bb1c0020319888dba11816456f9f9e8c13182278
SHA256

75f286a639affdd881c171e678847cbfd77130af749a556654a3c0611e509a27
SHA512

fa66f7b5159805f97d94beb4cc4cb5a206664520e81dbd949d251349d87448441f51bb8565ded86f4ba3050aeee6cb2df4f35b8b06ddcf5d7c9c71ac03599907
SSDEEP

3072:LRyLuP12+QVYfQSdvPop+tik3TwX0siv4hhfiZQvhKiptPPOUPjz+auv:92C2+E0jPoQtiusliZUhKipYUrz+aS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
250c60b8db3258394585a0b1ff4b49b3

Files

250c60b8db3258394585a0b1ff4b49b3
.exe windows:4 windows x86 arch:x86

abdcfac06b4ba60278e0f09052344951

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetTime
timeSetEvent

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

PostThreadMessageA
CreateDialogParamA
GetDesktopWindow
GetQueueStatus
wsprintfA
MsgWaitForMultipleObjects
ShowWindow
RealGetWindowClassW
DispatchMessageA
PeekMessageA
DestroyWindow
GetDC
ReleaseDC
RegisterWindowMessageA
wvsprintfA

kernel32

GetTickCount
CreateFiber
GetLastError
SetThreadContext
VirtualFree
SetThreadPriority
GetSystemTime
EnumResourceNamesW
GetThreadPriority
GetCurrentThread
GetCurrentThreadId
WaitForMultipleObjects
GetACP
lstrcatA
IsBadReadPtr
CreateSemaphoreA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
InternetOpenA

advapi32

CryptReleaseContext
CryptHashData
RegDeleteValueA
RegOpenKeyExA
CryptCreateHash
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
CryptEncrypt
CryptDestroyHash
CryptGetHashParam
CryptImportKey
CryptDestroyKey
RegCloseKey

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abdcfac06b4ba60278e0f09052344951

Headers

File Characteristics

Imports

winmm

setupapi

user32

kernel32

wininet

advapi32

Sections

.text Size: 171KB - Virtual size: 171KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 80KB

.text
Size: 171KB - Virtual size: 171KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 80KB