309198c84e5169e6eae4b506f8c7fd58

Sharing

Copy URL

Twitter E-mail

General

Target

309198c84e5169e6eae4b506f8c7fd58
Size

242KB
MD5

309198c84e5169e6eae4b506f8c7fd58
SHA1

d8ef92c1fe210cce1383ab7619ad0f0c8bf6f1ba
SHA256

ecafbcbd5e8da19ca82736b5d4e8dca4be8cfc4cee260b700cc8a21d5b1b22d9
SHA512

233dcc982fc2ececb0b223bbfd68695a0f28a0349554bc41624e816d8ff6350d9995479e051b3e99d17c3caf84f7c8a108373caa30baf9b28c0ff408e588d453
SSDEEP

6144:UlAWXgur4Bycndh6yP3KJMlhnGjrGLgOWxe10M5Kz4:Sgu4BLdh6yPaJshgjo57

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
309198c84e5169e6eae4b506f8c7fd58

Files

309198c84e5169e6eae4b506f8c7fd58
.exe windows:4 windows x86 arch:x86

90e243cce01b6b86a6f60b93562e6566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvcrt

malloc
_ismbblead
__CxxFrameHandler
__p__commode
_CxxThrowException
_wcsnicmp
__setusermatherr
_vsnwprintf
wcslen
__dllonexit
exit
free
_acmdln
_exit
_adjust_fdiv
_initterm
_amsg_exit
__p__fmode
??1type_info@@UAE@XZ
__set_app_type
memset
_controlfp
wcscmp
_c_exit
realloc
swscanf
_mbsrchr
_XcptFilter
_wtoi
__getmainargs
_onexit
_cexit
_except_handler3

user32

MoveWindow
CharNextA
GetClassNameA
GetAsyncKeyState
LoadIconA
GetWindowRect
PeekMessageA
GetMessageA
PostThreadMessageA
IsWindow
RegisterWindowMessageA
GetParent
DestroyWindow
LoadCursorA
KillTimer
MessageBoxW
SetRect
MessageBoxA
MessageBeep
OffsetRect
DispatchMessageA
TranslateMessage
FillRect
BeginPaint
SystemParametersInfoA
SetTimer
SendMessageA
DestroyIcon
GetMessageW
GetActiveWindow
SetCursor
TranslateAcceleratorA
GetWindowPlacement
WaitMessage
SetWindowPos
PostQuitMessage
GetClientRect
GetSystemMetrics
UpdateWindow
EnumWindowStationsA
EndPaint
LoadAcceleratorsA
IsIconic
EnableWindow
GetCursorPos
GetWindowLongA
ShowWindow
SetFocus
SetWindowLongA
GetFocus

crypt32

CryptHashPublicKeyInfo

ole32

CoTaskMemFree
OleSetClipboard
OleFlushClipboard
CoRegisterClassObject
CoRevokeClassObject
OleUninitialize
CoTaskMemRealloc
RevokeDragDrop
CoRegisterMessageFilter
CoCreateInstance
StringFromGUID2
RegisterDragDrop
CoTaskMemAlloc
OleGetClipboard

advapi32

RegCreateKeyExA
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA

kernel32

GetFileAttributesW
GetModuleHandleA
SizeofResource
InterlockedIncrement
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleWindow
VirtualProtect
GetVersion
DeleteCriticalSection
CreateThread
OutputDebugStringA
AddAtomA
GetSystemDirectoryW
FindResourceA
QueryPerformanceCounter
GetFileSize
LoadResource
GetCurrentProcessId
GetLocaleInfoA
InterlockedExchange
TerminateProcess
IsDBCSLeadByte
WaitForSingleObject
LocalAlloc
GetLastError
LoadLibraryA
RaiseException
SetEvent
GetModuleFileNameA
LocalFree
GetThreadLocale
GetCurrentProcess
SetLastError
ExitProcess
lstrcmpiA
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
VirtualAlloc
lstrlenW
LoadLibraryExA
GetCommandLineW
CloseHandle
CreateEventA
lstrcpynA
WideCharToMultiByte
GetVersionExA
LoadLibraryExW
MultiByteToWideChar
InterlockedDecrement
FormatMessageA
LoadLibraryW
GetCurrentThreadId
GetTickCount
InitializeCriticalSection
ExitProcess
GetACP
lstrlenA
GetModuleFileNameW
Sleep
SetErrorMode
GetStartupInfoA

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90e243cce01b6b86a6f60b93562e6566

Headers

File Characteristics

Imports

msvcrt

user32

crypt32

ole32

advapi32

kernel32

wintrust

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 13KB - Virtual size: 137KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 13KB - Virtual size: 137KB