Static task: static1
Behavioral task: behavioral1
  Sample: 521280d9316b29b05f6962bfad87d91c.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 521280d9316b29b05f6962bfad87d91c.exe
  Resource: win10v2004-20231215-en
General
Target: 521280d9316b29b05f6962bfad87d91c
Size: 249KB
MD5: 521280d9316b29b05f6962bfad87d91c
SHA1: 32f94bcd6f0807662e5ec7bdf531dc1628abcd8d
SHA256: c6184929fe6aae76fa8c226eb3d9025e17180bfe746cddb829d14a3cae187f26
SHA512: e63615feb7756c6fa6d99346b09b7b4e7aad74c75e7cf1af4d54a46bcff8ae75dc8e97f1388a5f5dfa6e866a261682284ca480f1ef816e9b0e6d8e2259a9d17b
SSDEEP: 6144:QyU2YIFVhLEaefemkTnoInO+KLKRxvtnMGRzZWPK2uTw3:AK9EbemHIn7NnhRQ4M
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 521280d9316b29b05f6962bfad87d91c
Files
521280d9316b29b05f6962bfad87d91c.exe windows:4 windows x86 arch:x86
bce591bec201097ae85e6f56e303e3da
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteProfileStringA
GetOEMCP
SetHandleCount
VirtualAllocEx
GetEnvironmentStringsW
ResetEvent
HeapAlloc
VirtualFree
SetLastError
IsValidCodePage
TlsAlloc
SetEvent
DeleteFiber
DeleteCriticalSection
SetConsoleCtrlHandler
SetEnvironmentVariableA
CompareStringA
GetLocaleInfoA
GetLocaleInfoW
GlobalFindAtomA
LeaveCriticalSection
FreeEnvironmentStringsW
GetModuleHandleW
FreeLibrary
InterlockedIncrement
GetStringTypeA
Sleep
GetLastError
GetProcAddress
OutputDebugStringA
GetFileType
TlsSetValue
GlobalFlags
FreeEnvironmentStringsA
CreateNamedPipeW
GetStringTypeW
VirtualQuery
IsDebuggerPresent
TlsGetValue
LCMapStringA
CompareStringW
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetEnvironmentStrings
HeapReAlloc
InterlockedDecrement
ExitProcess
DebugActiveProcess
FindNextFileA
VirtualAlloc
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
GetCommandLineA
GetUserDefaultLCID
HeapCreate
GetCurrentThreadId
LCMapStringW
WriteFile
EnumSystemLocalesA
GetCurrentThread
GetCurrentProcessId
GetModuleFileNameA
HeapSize
EnterCriticalSection
FormatMessageW
GetTickCount
GetStdHandle
GetPrivateProfileIntA
GetCPInfo
MultiByteToWideChar
IsValidLocale
RtlUnwind
GetACP
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSectionAndSpinCount
SetConsoleActiveScreenBuffer
TryEnterCriticalSection
GetDateFormatA
WideCharToMultiByte
GetStartupInfoA
GetTimeFormatA
HeapFree
TerminateProcess
LoadLibraryA
RemoveDirectoryW
TlsFree
user32
SubtractRect
CreateDesktopW
UnloadKeyboardLayout
RegisterClassW
SetWindowPlacement
EnumDisplayDevicesA
InvertRect
ChangeDisplaySettingsW
GetWindowWord
LoadBitmapW
OemToCharBuffA
ActivateKeyboardLayout
TileWindows
DdeInitializeA
DrawTextW
GetWindowInfo
RegisterClipboardFormatW
GetScrollBarInfo
EndPaint
EnumThreadWindows
GetMenuState
GetAsyncKeyState
wininet
InternetCloseHandle
SetUrlCacheEntryGroupW
FtpOpenFileW
DeleteUrlCacheEntryA
InternetConnectA
ShowX509EncodedCertificate
HttpSendRequestExA
DeleteUrlCacheEntry
InternetQueryFortezzaStatus
FtpGetFileW
FtpCommandW
SetUrlCacheConfigInfoW
FtpCreateDirectoryW
HttpOpenRequestW
InternetGetCertByURLA
FindNextUrlCacheContainerW
FtpRemoveDirectoryA
InternetFindNextFileA
InternetFindNextFileW
InternetCheckConnectionA
DeleteUrlCacheEntryW
RetrieveUrlCacheEntryFileA
FtpSetCurrentDirectoryA
advapi32
RegConnectRegistryW
RegEnumKeyA
RevertToSelf
RegOpenKeyExW
CryptImportKey
DuplicateTokenEx
RegFlushKey
RegDeleteValueA
RegCreateKeyW
GetUserNameA
RegDeleteValueW
GetUserNameW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegQueryInfoKeyA
CryptSignHashW
CryptEnumProvidersW
RegCloseKey
CryptAcquireContextW
RegQueryMultipleValuesA
RegCreateKeyExW
CreateServiceA
CryptSetHashParam
Sections
.text Size: 119KB - Virtual size: 119KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 113KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ