311cb2d2d503584bb370775040afa3e0

General

Target

311cb2d2d503584bb370775040afa3e0
Size

197KB
MD5

311cb2d2d503584bb370775040afa3e0
SHA1

35b039094efb26afed79888fcd2bbc2fbc278386
SHA256

e21aab6b23f522dc89cd662c16188560bf38789810e11113161e7bd2339052de
SHA512

ecaa29f62f6a97525df32f25f098054fab2b43d33dfbf908d90ff3ac8282f1d31c7ee2f0a43ea604dd13bf1afb3718c9337c7a1b7fc9a2b02f22e762772eace4
SSDEEP

6144:DDtxEPb/lvvHVBfg9t3io4TIJ7gN0AnM1sU1JC0:DkPhvv1aB4vMJC0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
311cb2d2d503584bb370775040afa3e0

Files

311cb2d2d503584bb370775040afa3e0
.exe windows:4 windows x86 arch:x86

18ca1f5698e86d7f7a28c97342cf42a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetACP
CreateFiberEx
GetThreadPriority
GetSystemTime
CancelIo
WaitForMultipleObjects
EnumResourceNamesW
VirtualFree
GetCurrentThreadId
GetLastError
GetTickCount
IsBadReadPtr
SetThreadPriority
FlushFileBuffers
GetCurrentThread
CreateSemaphoreA

user32

PeekMessageA
RegisterWindowMessageA
MsgWaitForMultipleObjects
DispatchMessageA
PostThreadMessageA
wsprintfA
CreateDialogParamA
RealGetWindowClassA
DestroyWindow
GetQueueStatus
ReleaseDC
GetDC
ShowWindow
GetDesktopWindow
wvsprintfA

advapi32

RegOpenKeyExA
CryptReleaseContext
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
CryptGetHashParam
CryptImportKey
GetUserNameA
CryptCreateHash
RegQueryValueExA
RegEnumKeyExA
CryptDestroyKey
CryptDestroyHash
CryptEncrypt
CryptHashData
RegSetValueExA
RegCloseKey

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18ca1f5698e86d7f7a28c97342cf42a7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winmm

setupapi

wininet

Sections

.text Size: 170KB - Virtual size: 170KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 356KB

.text
Size: 170KB - Virtual size: 170KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 356KB