0494bb1c44a78dcfc22e64ecf96881a7

Sharing

Copy URL

Twitter E-mail

General

Target

0494bb1c44a78dcfc22e64ecf96881a7
Size

336KB
MD5

0494bb1c44a78dcfc22e64ecf96881a7
SHA1

f1fbf7ccdc61a722af4c02abe0c1048825c22bcc
SHA256

063ea525a09cb5fcf46f931fed93dd799c2ce4a24a180374a50a12ad795064ed
SHA512

4e86538a4c7bb7d29ff3788226f589a8a63a9d47d6d9b1c20915d6af4f69c96e8f9016b10b5ded97de7119c09eba7b72ae33a5d93c75988838920e5189d8fbd1
SSDEEP

6144:FQOXZa8OMdrSl9CxcNsfBZ3YHEsRnW1oYHM821s72CTo3+e8:FQOparMto9dK5GksxFfDs72CTo3b8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0494bb1c44a78dcfc22e64ecf96881a7

Files

0494bb1c44a78dcfc22e64ecf96881a7
.exe windows:4 windows x86 arch:x86

dd98d933e0deb5e4915b6d600b45814d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpCommandA
FtpPutFileW
GopherGetAttributeA
InternetSetOptionExW
InternetConfirmZoneCrossing
InternetConfirmZoneCrossingW
SetUrlCacheConfigInfoA
GopherCreateLocatorA

kernel32

EnterCriticalSection
ExitProcess
HeapValidate
LCMapStringW
GetCalendarInfoA
TlsAlloc
UnhandledExceptionFilter
HeapReAlloc
TlsFree
GetModuleHandleA
GetLocalTime
GetTimeZoneInformation
SetHandleCount
EnumSystemCodePagesW
OpenMutexA
GetEnvironmentStringsW
LeaveCriticalSection
SetLastError
TlsSetValue
GetPrivateProfileSectionNamesW
LocalUnlock
CreateProcessW
GetModuleHandleW
SetStdHandle
VirtualFree
HeapDestroy
LCMapStringA
FlushFileBuffers
EnumResourceNamesA
HeapFree
FreeEnvironmentStringsW
QueryPerformanceCounter
HeapAlloc
GetConsoleMode
SetConsoleTitleA
ReadFile
GetStringTypeA
lstrcatW
CloseHandle
CreateDirectoryA
InterlockedIncrement
GetProcAddress
InterlockedExchange
GetTickCount
GetSystemTime
SetLocaleInfoW
IsBadReadPtr
VirtualQuery
GetFileType
TlsGetValue
GetModuleFileNameA
HeapCreate
TerminateProcess
GetEnvironmentStrings
GetCommandLineA
GetSystemTimeAsFileTime
FillConsoleOutputCharacterA
GetVersion
GetCurrentDirectoryA
SetConsoleCtrlHandler
FreeEnvironmentStringsA
IsBadWritePtr
InterlockedDecrement
DebugBreak
GlobalAlloc
CompareStringW
VirtualAlloc
GetOEMCP
EnumDateFormatsExA
GetThreadPriorityBoost
GetStringTypeW
GetLastError
SetFilePointer
WriteFile
GetCurrentThreadId
GetCPInfo
VirtualUnlock
RtlUnwind
GetCurrentProcess
GetACP
CompareStringA
WideCharToMultiByte
GetCurrentThread
GetCurrentProcessId
GetStdHandle
OutputDebugStringA
DeleteCriticalSection
SetEnvironmentVariableA
MultiByteToWideChar
InitializeCriticalSection
SuspendThread
CreateMutexA
GetStartupInfoA
LoadLibraryA

comctl32

CreateStatusWindow
ImageList_SetFlags
ImageList_Copy
ImageList_GetDragImage
InitCommonControlsEx
ImageList_SetIconSize
ImageList_LoadImageW

user32

CreateDialogParamW
CreateWindowExA
LoadMenuW
ShowWindow
CreateIconFromResource
LoadCursorFromFileA
ReuseDDElParam
ClipCursor
GetMenuItemID
EndTask
ChangeClipboardChain
GetClassNameA
CreateDialogParamA
GetClientRect
DestroyWindow
DefMDIChildProcA
GetClassLongA
UnloadKeyboardLayout
DestroyAcceleratorTable
DdeAbandonTransaction
LoadAcceleratorsW
InvertRect
GetDCEx
GetWindowTextA
GetDlgItemTextW
DrawFrameControl
SetWindowLongA
GetDC
ScrollWindow
CheckRadioButton
SetWindowLongW
GetKeyState
DestroyCaret
DrawFrame
EnumPropsExW
CharNextExA
DrawIconEx
CallNextHookEx
OemToCharBuffW
DefWindowProcW
MessageBoxIndirectA
InflateRect
RegisterClassExA
GetIconInfo
DefDlgProcA
GetSysColorBrush
DdeInitializeW
GetClipCursor
RemovePropA
SetMessageExtraInfo
VkKeyScanExW
GetSystemMetrics
GetDialogBaseUnits
MessageBoxW
SendDlgItemMessageA
GetKeyboardState
FlashWindowEx
DdeConnectList
WINNLSEnableIME
MessageBoxA
DialogBoxIndirectParamW
OemToCharBuffA
GetWindowPlacement
RegisterClassA
ActivateKeyboardLayout
UnhookWindowsHookEx
GetMenuStringA
EnableScrollBar
DdeAddData
GetParent
GetCursor
LoadImageA
InSendMessage
BroadcastSystemMessage

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd98d933e0deb5e4915b6d600b45814d

Headers

File Characteristics

Imports

wininet

kernel32

comctl32

user32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 88KB - Virtual size: 90KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 88KB - Virtual size: 90KB

.rsrc
Size: 12KB - Virtual size: 11KB