79aee6e1e3126450996982c0b074b341

Sharing

Copy URL Twitter E-mail

General

Target

79aee6e1e3126450996982c0b074b341
Size

175KB
MD5

79aee6e1e3126450996982c0b074b341
SHA1

21b8b0c0650d8b35c6854cbc26acfb2baf41763a
SHA256

05f7866e1ba41e3454366598d9874ffedd6a3b22648799017e77b763c9159a1a
SHA512

3aa2e41c9ba640d3d811cd8ee631f43de5fc59015a9274e75954a204bad67eb5be667f3f9c5c1aaf147f5dd0ec90495473bffc0d130cf04d6878d3a2c7f77113
SSDEEP

3072:oIF6VxDVOIZyotqb5f3282zJkEpjGpf9pEKJGqvZHSuiRISSvnGIgS6:he3GFP288BifMKjSu2IxPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79aee6e1e3126450996982c0b074b341

Files

79aee6e1e3126450996982c0b074b341
.exe windows:5 windows x86 arch:x86

8cf5280dbc59958ad870be6f24197109

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlGetLocationA

msvcrt

mbtowc
_controlfp
exit
__set_app_type
__p__fmode
wcsrchr
memset
__p__commode
_amsg_exit
atoi
isspace
_initterm
wcscoll
qsort
fgetc
setlocale
_ismbblead
wcscpy
fread
gets
strcoll
clearerr
atol
calloc
isxdigit
sscanf
swprintf
_XcptFilter
_exit
localtime
strpbrk
_cexit
strerror
__setusermatherr
__getmainargs
setvbuf
strstr

user32

GetParent
GetDlgItem
ReleaseDC
FrameRect
wsprintfW
WaitForInputIdle
GetClipCursor
InvertRect
ArrangeIconicWindows
SetCursorPos
CreateMenu
GetSystemMenu
DialogBoxIndirectParamW
DrawTextExW
GetWindowRect
SetDlgItemInt
CopyAcceleratorTableW
CharToOemA
GetMessageExtraInfo
TranslateMessage
IsWindowEnabled
CharToOemW
GetUpdateRgn
RegisterClassA
IsCharAlphaNumericW
GetCursorPos
DrawStateA
ExitWindowsEx
GetFocus
CallWindowProcW
IsCharAlphaA
GetWindow
RemoveMenu
GetSysColorBrush
CreateAcceleratorTableW
PostThreadMessageW
InvalidateRgn
InvalidateRect
ShowWindow
GetMessageTime
DefDlgProcW
MonitorFromRect
GetKeyboardLayoutNameW
ShowCaret
CreateDialogParamA
ScrollWindow
LoadIconW
OpenDesktopW
LoadCursorW
InSendMessageEx
GetWindowLongA
MessageBoxExW
LoadCursorA
SetWindowTextW
OemToCharBuffA
AdjustWindowRect
AppendMenuA
SendDlgItemMessageW
GetKeyState
RegisterClassExA
DestroyCursor
GetKeyboardType
CharNextW
CharLowerBuffW
CheckRadioButton
GetDlgItemInt
DrawIconEx
SystemParametersInfoW
SetScrollInfo
GetSubMenu
SendMessageTimeoutW
PostThreadMessageA
MessageBoxW
MapVirtualKeyW
ActivateKeyboardLayout
GetMenuStringW
SendMessageA
GetDCEx
SetWindowPos
SetCaretPos
GetWindowDC
DialogBoxIndirectParamA
LoadStringW
GetSysColor
TranslateAcceleratorA
BeginDeferWindowPos

kernel32

LocalUnlock
SetHandleInformation
MoveFileA
GlobalMemoryStatusEx
lstrcmpA
TlsSetValue
TlsFree
GetFileAttributesA
GetVersion
IsBadStringPtrW
GetACP
GetSystemDefaultLangID
FlushFileBuffers
SizeofResource
DeleteAtom
FindFirstFileW
SetFileAttributesA
lstrcpynW
SetLocalTime
SetEvent
FindFirstFileA
GetShortPathNameW
lstrlenW
CancelWaitableTimer
SetErrorMode
SetFileAttributesW
FindResourceExA
WaitForMultipleObjectsEx
GetOEMCP
SetLastError
CompareStringW
FindNextFileA
CreateDirectoryA
GetVersionExA
lstrlenA
HeapFree
CallNamedPipeW
SearchPathW
GetModuleFileNameA

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ainit
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdbg
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.run
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cf5280dbc59958ad870be6f24197109

Headers

File Characteristics

Imports

shlwapi

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.eplan Size: 512B - Virtual size: 91B

.ainit Size: 1024B - Virtual size: 844B

.rdbg Size: 512B - Virtual size: 89B

.data Size: 2KB - Virtual size: 184KB

.iplan Size: 4KB - Virtual size: 4KB

.run Size: 512B - Virtual size: 258B

.0dat Size: 139KB - Virtual size: 139KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.eplan
Size: 512B - Virtual size: 91B

.ainit
Size: 1024B - Virtual size: 844B

.rdbg
Size: 512B - Virtual size: 89B

.data
Size: 2KB - Virtual size: 184KB

.iplan
Size: 4KB - Virtual size: 4KB

.run
Size: 512B - Virtual size: 258B

.0dat
Size: 139KB - Virtual size: 139KB

.rsrc
Size: 2KB - Virtual size: 1KB