276bbc82f039f854657dab49eb135745

Sharing

Copy URL Twitter E-mail

General

Target

276bbc82f039f854657dab49eb135745
Size

404KB
MD5

276bbc82f039f854657dab49eb135745
SHA1

eb9dbee67a3ea62e5ea7b52eb64f3d4f82e06de3
SHA256

e61bbb5ed601324b9a3d2f32b424ef01e53d8b35e3f9f01d63b9f476b1e709c9
SHA512

d11d10d4c9f8b6feeecd2200ec7f629871d91339147db675985faf193a777a8a9f14f98339e9e1aa3f19424c071b8b7523cf71d37832d99ca2361db94899ba26
SSDEEP

6144:4kziQsBSlulgabE8jgB/ym1hY3TYChjB57lQ8H5oh4alvLLhHhJRWfKlH1YYAk:4BKluXbEaW6h5ZV5ohxBLLhHhJVHCYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276bbc82f039f854657dab49eb135745

Files

276bbc82f039f854657dab49eb135745
.exe windows:4 windows x86 arch:x86

c6b693a67e510d8cfa92422e20441360

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

user32

CallMsgFilterW
GetMessageA
RegisterWindowMessageA
DispatchMessageA
PostThreadMessageA
CharNextA
TranslateMessage

azroles

AzSetProperty

inetcomm

MimeOleCreateMessage
MimeOleInetDateToFileTime
MimeOleGetPropertySchema
MimeOleGetInternat
MimeOleSetCompatMode

cfgmgr32

CM_Get_Version_Ex

ole32

ProgIDFromCLSID
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
PropVariantClear
CoTaskMemRealloc
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoUninitialize

kernel32

GlobalHandle
QueryPerformanceCounter
GetSystemInfo
SetEndOfFile
SetEvent
GetDateFormatA
lstrlenW
GetCurrentProcessId
GlobalAlloc
GlobalLock
GlobalUnlock
IsValidCodePage
GetTimeZoneInformation
InterlockedExchange
FreeLibrary
lstrcatA
GlobalFree
HeapAlloc
GetLocaleInfoA
FormatMessageW
CreateFileW
WaitForSingleObject
GetCurrentThread
InitializeCriticalSection
GetSystemDefaultLangID
lstrcpynA
CopyFileA
WriteFile
GetModuleHandleA
TlsGetValue
ExitProcess
IsBadWritePtr
TlsAlloc
VirtualQuery
GetProcAddress
IsBadReadPtr
DeleteCriticalSection
FindNextFileA
GetVersionExA
GetLastError
VirtualFree
TlsFree
HeapFree
GetSystemTimeAsFileTime
SizeofResource
LoadLibraryA
HeapDestroy
GetTimeFormatW
IsDBCSLeadByteEx
SetUnhandledExceptionFilter
CompareFileTime
FlushFileBuffers
GetTimeFormatA
LoadLibraryExA
Sleep
GetCurrentProcess
SystemTimeToFileTime
CreateFileA
CloseHandle
GetStringTypeW
GetACP
FindClose
TlsSetValue
GetOverlappedResult
GetCurrentThreadId
GetSystemTime
FormatMessageA
GetUserDefaultLCID
LocalFree
GlobalReAlloc
FileTimeToSystemTime
IsDBCSLeadByte
LoadResource
FindFirstFileA
HeapCreate
GetThreadLocale
GetTempFileNameA
GetCPInfo
GetTempPathA
TerminateProcess
lstrcpyA
InterlockedIncrement
VirtualProtect
InterlockedDecrement
VirtualAlloc
GetFileTime
GetTickCount
MultiByteToWideChar
SetFileAttributesA
LeaveCriticalSection
GetDateFormatW
WideCharToMultiByte
EnterCriticalSection
SetFilePointer
CreateEventA
GetShortPathNameA
FindResourceA
lstrcmpiA
ReadFile
GetFileSize
GetLocaleInfoW
UnhandledExceptionFilter
lstrlenA
GetModuleFileNameA
ResetEvent

shlwapi

StrCatBuffW

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RevertToSelf
RegNotifyChangeKeyValue
ImpersonateLoggedOnUser
RegDeleteValueA
RegOpenKeyExA
RegEnumValueA
OpenThreadToken
RegSetValueExA

wininet

InternetCombineUrlA
InternetCrackUrlA

urlmon

CoInternetGetSession
CoInternetParseUrl
UrlMkSetSessionOption
CopyBindInfo

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 110KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6b693a67e510d8cfa92422e20441360

Headers

DLL Characteristics

File Characteristics

Imports

version

user32

azroles

inetcomm

cfgmgr32

ole32

kernel32

shlwapi

advapi32

wininet

urlmon

Sections

.text Size: 138KB - Virtual size: 137KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 110KB - Virtual size: 2.4MB

.reloc Size: 512B - Virtual size: 32B

.rdata Size: 125KB - Virtual size: 125KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 138KB - Virtual size: 137KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 110KB - Virtual size: 2.4MB

.reloc
Size: 512B - Virtual size: 32B

.rdata
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 24KB - Virtual size: 24KB