065e2909e513b359702b3760ca23bb47

Sharing

Copy URL Twitter E-mail

General

Target

065e2909e513b359702b3760ca23bb47
Size

586KB
MD5

065e2909e513b359702b3760ca23bb47
SHA1

14a67f1bd5908fe4176a4504b2fd48e31c456479
SHA256

09bd44a74539b6ae795b7dca8bdf9557195c9b1889c60e59780195452e81f9af
SHA512

0eeb7f54787a49c7ed3c06adc35aa4be9ec12859ed6237fe45b5a0b7ae4f7b3abd6e39a101fbe2df00a505fb561934eab263c7462025bff6fb6a5355a75bbd9f
SSDEEP

12288:JDRcm8tKmwZYPnaSY+7d/Bh0/fl4FZI39HRGB11D8l/oVBo:1KCZYPaYd/Dmfl4FZI39xqr8luo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
065e2909e513b359702b3760ca23bb47

Files

065e2909e513b359702b3760ca23bb47
.exe windows:4 windows x86 arch:x86

d0d790f4b8434ae217f52f27a1aaa3bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindow
DrawStatusTextW
ImageList_Create
ImageList_DragLeave
ImageList_SetFlags
DrawInsert
ImageList_SetDragCursorImage
InitCommonControlsEx
ImageList_GetImageCount
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_SetOverlayImage
CreateToolbarEx
CreateStatusWindowA
ImageList_DragEnter
ImageList_AddIcon
ImageList_SetImageCount
ImageList_Remove
ImageList_Replace
ImageList_SetFilter
ImageList_GetIconSize

user32

GetListBoxInfo
RegisterClassExA
EnumPropsW
OemKeyScan
UnpackDDElParam
MapVirtualKeyExW
SetCaretPos
GetMenuDefaultItem
EnableMenuItem
WaitForInputIdle
GetScrollBarInfo
SetWindowsHookW
EnumPropsExA
RegisterClassA
IsWindow
GetWindowTextA
GetFocus
LoadCursorA
DdeGetLastError

gdi32

SelectObject
GetEnhMetaFileW
GdiGetBatchLimit
GetCharacterPlacementA
TranslateCharsetInfo
DeleteDC
GetWinMetaFileBits
CreateDCW
GetObjectW
GetTextExtentPointW
GetClipBox
EnumEnhMetaFile
WidenPath
OffsetWindowOrgEx
SetDeviceGammaRamp
DeleteEnhMetaFile
GetRandomRgn
Rectangle
TextOutW
AddFontResourceA
GetDeviceCaps
DescribePixelFormat
GetWorldTransform

kernel32

LCMapStringA
SetPriorityClass
InitializeCriticalSection
TlsSetValue
CloseHandle
GetProfileStringW
QueryPerformanceCounter
GetLocaleInfoA
GetCurrentProcess
FreeEnvironmentStringsW
HeapCreate
FlushInstructionCache
SetLastError
GetStdHandle
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetCommandLineA
FindResourceA
GetStringTypeA
SetHandleCount
TlsAlloc
GetStartupInfoA
WriteConsoleW
IsValidLocale
HeapAlloc
GetStringTypeW
TlsGetValue
GetFileType
HeapSize
GetFileAttributesA
GetCPInfo
ConvertDefaultLocale
CompareStringA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetTimeFormatA
OpenMutexA
FlushFileBuffers
GlobalFree
GetVersion
IsBadWritePtr
GetLastError
SetFilePointer
VirtualProtect
WideCharToMultiByte
GetUserDefaultLCID
GetCurrentThread
ReadFile
GetTickCount
HeapDestroy
GetModuleFileNameA
OutputDebugStringA
VirtualQuery
GetVersionExA
LCMapStringW
EnterCriticalSection
DeleteCriticalSection
InterlockedExchange
GetLocaleInfoW
ExitProcess
GetCurrentThreadId
VirtualAlloc
VirtualFree
RtlUnwind
LoadLibraryA
GetSystemInfo
HeapFree
HeapReAlloc
GetACP
GetProcAddress
SetFileAttributesA
TerminateProcess
SetComputerNameW
GetPrivateProfileStringA
GetEnvironmentStringsW
LeaveCriticalSection
WriteFile
GetTimeZoneInformation
GetCurrentProcessId
GetSystemTimeAsFileTime
EnumSystemLocalesA
SetStdHandle
CompareStringW
CreateMutexA
GetDateFormatA
GetAtomNameW
SetEnvironmentVariableA
TlsFree
GetEnvironmentStrings
GetModuleHandleA

wininet

InternetShowSecurityInfoByURLW
FindNextUrlCacheEntryExA

shell32

FindExecutableW
InternalExtractIconListA

advapi32

CryptSetProvParam
LookupPrivilegeDisplayNameA
CryptSetProviderW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegConnectRegistryA
RegSetValueExA
CryptGetProvParam

Sections

.text
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0d790f4b8434ae217f52f27a1aaa3bd

Headers

File Characteristics

Imports

comctl32

user32

gdi32

kernel32

wininet

shell32

advapi32

Sections

.text Size: 417KB - Virtual size: 417KB

.rdata Size: 36KB - Virtual size: 42KB

.data Size: 96KB - Virtual size: 95KB

.rsrc Size: 35KB - Virtual size: 35KB

.text
Size: 417KB - Virtual size: 417KB

.rdata
Size: 36KB - Virtual size: 42KB

.data
Size: 96KB - Virtual size: 95KB

.rsrc
Size: 35KB - Virtual size: 35KB