509d2a74af05f7c3676392ead32d83e3

Sharing

Copy URL Twitter E-mail

General

Target

509d2a74af05f7c3676392ead32d83e3
Size

444KB
MD5

509d2a74af05f7c3676392ead32d83e3
SHA1

b979d1264cf15bba9d0820cadce2216b75af06a8
SHA256

c25b80db452628294d8d2e48ca3ea9d3db309d92e85068b677dad26243a358d9
SHA512

8acb879fa3b547046117812f2e219794f67d0cacba8c1c7600e6f0cd3891f627cc39508a68f15ca28f28fcb13d0b8f572638e02004d2d6549ad553e65bf4831c
SSDEEP

12288:2xqHmW8DMDQcdQxw7P50pxRsEkcnjLnOeJErr1GoX:emmdVcdySP5KxkofnOeJEN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
509d2a74af05f7c3676392ead32d83e3

Files

509d2a74af05f7c3676392ead32d83e3
.exe windows:4 windows x86 arch:x86

5fb82d0e304833bb82f74acaab2a6e59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegSetValueW

comdlg32

PageSetupDlgA
ChooseFontW
PrintDlgA
ChooseColorA
GetOpenFileNameA
PrintDlgW

shell32

SHEmptyRecycleBinW
SHFileOperation
RealShellExecuteA
SHQueryRecycleBinA
SheChangeDirA
SHGetDataFromIDListA
CheckEscapesW
DragFinish
SHFormatDrive
ShellHookProc
SHGetPathFromIDListW
SHFileOperationA
SHGetSettings
DragQueryFile
FreeIconList
SheGetDirA
SHGetDesktopFolder

wininet

RetrieveUrlCacheEntryStreamA
FindNextUrlCacheEntryExA
FtpCommandW
InternetFindNextFileA
FtpOpenFileA
IncrementUrlCacheHeaderData
FtpDeleteFileW
FtpGetFileSize
InternetConfirmZoneCrossing
RegisterUrlCacheNotification
RunOnceUrlCache
InternetAlgIdToStringA
InternetCheckConnectionA
FtpCreateDirectoryA
HttpAddRequestHeadersA
FtpFindFirstFileW
InternetSetOptionW
FtpPutFileEx
RetrieveUrlCacheEntryStreamW
InternetDialW
DetectAutoProxyUrl
InternetCheckConnectionW
GetUrlCacheEntryInfoExA
UnlockUrlCacheEntryFileW

kernel32

GetCPInfo
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
CompareStringA
InterlockedExchange
SetEnvironmentVariableA
GetLocaleInfoA
GetCurrentProcess
GetUserDefaultLCID
LoadLibraryA
Sleep
GetProcAddress
UnhandledExceptionFilter
ConvertDefaultLocale
GetProcessHeap
LocalCompact
EnumResourceLanguagesW
InitializeCriticalSection
GetEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
InterlockedIncrement
GetDateFormatA
DeleteCriticalSection
GetModuleFileNameA
IsDebuggerPresent
GetStartupInfoA
GetCurrentThread
CreateMailslotW
GetStartupInfoW
LocalLock
GlobalFix
RtlZeroMemory
EnumCalendarInfoA
GetVersionExA
GetSystemInfo
HeapReAlloc
VirtualQuery
FindNextFileW
FillConsoleOutputCharacterA
HeapDestroy
ReadConsoleOutputA
TerminateProcess
GetFileType
GetCommandLineA
HeapAlloc
SetConsoleWindowInfo
FreeLibraryAndExitThread
TlsSetValue
SetComputerNameA
FreeEnvironmentStringsW
GetLastError
IsValidLocale
TlsAlloc
EnumSystemLocalesA
GetAtomNameW
QueryPerformanceCounter
GetOEMCP
FreeLibrary
TlsFree
GetCommandLineW
GetNumberFormatA
GetCurrentThreadId
WriteFile
WideCharToMultiByte
GetTimeZoneInformation
HeapSize
LeaveCriticalSection
GetStringTypeW
LCMapStringW
CompareStringW
GetComputerNameA
GetTickCount
SetHandleCount
VirtualAlloc
LCMapStringA
SetLastError
GetACP
GetCurrentProcessId
GetModuleFileNameW
InterlockedDecrement
ExitProcess
IsValidCodePage
GetModuleHandleA
GetTimeFormatA
HeapFree
RtlUnwind
GetStringTypeA
GetStdHandle
GetLocaleInfoW
HeapCreate
EnterCriticalSection
VirtualFree
TlsGetValue
GetSystemTimeAsFileTime
SetConsoleCtrlHandler

user32

FreeDDElParam
ToAscii
CreateDialogIndirectParamW
SetRect
ToUnicodeEx
CharLowerBuffA
CallNextHookEx
EnumDisplayDevicesW
AnyPopup
RealChildWindowFromPoint
SetCursor
FillRect
GrayStringA
DdeSetUserHandle
ScrollWindowEx
GetMenuItemCount

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fb82d0e304833bb82f74acaab2a6e59

Headers

File Characteristics

Imports

advapi32

comdlg32

shell32

wininet

kernel32

user32

Sections

.text Size: 157KB - Virtual size: 157KB

.data Size: 278KB - Virtual size: 302KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 157KB - Virtual size: 157KB

.data
Size: 278KB - Virtual size: 302KB

.rsrc
Size: 7KB - Virtual size: 7KB