02ed72f914cce56da217cc73c557f69b

Sharing

Copy URL Twitter E-mail

General

Target

02ed72f914cce56da217cc73c557f69b
Size

407KB
MD5

02ed72f914cce56da217cc73c557f69b
SHA1

4315a2084a7fdbe3d826b784bb67789af6d62036
SHA256

e3ca6af9ef8d0af7f99bde07e82a67afde1c0b1048003cc7dbc9bf55bcb1c8ad
SHA512

4967d1b22a21fef9aeb3e21d60e829d4f370981cde241ca0d63048def5de303222fcae2e136c55afbfa200778cf96ca5a0844bc1e10efb09bbc65dcb49d3c89f
SSDEEP

6144:XMTwn/huF22gzMafZOSQQODWrZfxj2ZGfYfPx3NwYmgLx3wIM8DaLM4g8QxNK:iwbJM+ZOSQ9KNlfYfP0Yh13x90zQxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02ed72f914cce56da217cc73c557f69b

Files

02ed72f914cce56da217cc73c557f69b
.exe windows:4 windows x86 arch:x86

9c78ecaf611b08a51ce269fd3c377c9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDataFromIDListW
SHGetSpecialFolderPathA
SHQueryRecycleBinA
DragQueryFileW
SheSetCurDrive
SheChangeDirA
SHGetFileInfoW
ExtractIconW
InternalExtractIconListW

comdlg32

PageSetupDlgA
FindTextA
PrintDlgA
PrintDlgW
FindTextW
GetSaveFileNameW
ChooseFontA
GetOpenFileNameW
GetSaveFileNameA
ChooseFontW
ChooseColorA
LoadAlterBitmap
ReplaceTextW
GetFileTitleW

gdi32

GetAspectRatioFilterEx
SaveDC
CreateDCW
UpdateICMRegKeyW
CreateDIBPatternBrushPt
GetRgnBox
DeleteColorSpace

user32

CreateWindowExW
GetDialogBaseUnits
InsertMenuA
EnumWindows
GetProcessDefaultLayout
CharUpperW
LoadCursorW
GetWindowPlacement
MonitorFromWindow
SetLastErrorEx
SetForegroundWindow
DdeGetData
TrackPopupMenu
ClipCursor
DlgDirSelectExW
GetMenuItemCount
GrayStringW
OpenIcon
SetActiveWindow
AdjustWindowRect
wvsprintfW
DrawMenuBar
EnumChildWindows

kernel32

SetLastError
MultiByteToWideChar
SetVolumeLabelW
LocalReAlloc
RtlUnwind
CreateSemaphoreA
EnterCriticalSection
InitializeCriticalSection
LoadLibraryA
TlsFree
GetModuleFileNameA
GetStringTypeW
ResumeThread
VirtualAlloc
EnumResourceTypesW
GetProcAddress
LeaveCriticalSection
CreateWaitableTimerW
TerminateProcess
GetCurrentThreadId
GetCurrentProcess
ExpandEnvironmentStringsW
GetTickCount
HeapDestroy
VirtualFree
ExitProcess
DeleteCriticalSection
GetOEMCP
GetModuleHandleA
QueryPerformanceCounter
FreeEnvironmentStringsA
WriteFile
VirtualQuery
FreeEnvironmentStringsW
GetStdHandle
CreateNamedPipeA
SetHandleCount
GetPrivateProfileSectionA
LCMapStringW
HeapCreate
GetFileType
GetLocaleInfoW
GetLastError
GetCurrentThread
GetVersion
WideCharToMultiByte
HeapFree
GetProfileSectionA
GetCommandLineA
TlsGetValue
GetStartupInfoA
GetCurrentProcessId
TlsSetValue
GlobalCompact
GetStringTypeA
TlsAlloc
GetCPInfo
GetEnvironmentStrings
FileTimeToLocalFileTime
HeapReAlloc
GetEnvironmentStringsW
UnhandledExceptionFilter
VirtualProtect
FormatMessageW
GetSystemTimeAsFileTime
GetACP
LCMapStringA
HeapAlloc
IsBadWritePtr
InterlockedExchange

wininet

GetUrlCacheGroupAttributeW
InternetCanonicalizeUrlW
InternetCombineUrlW
HttpSendRequestExW
DeleteIE3Cache
FindFirstUrlCacheContainerW
InternetCreateUrlA
InternetGoOnlineW
GopherOpenFileA
FtpPutFileW
FtpDeleteFileW
GetUrlCacheConfigInfoA
InternetOpenUrlW
RegisterUrlCacheNotification

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c78ecaf611b08a51ce269fd3c377c9b

Headers

File Characteristics

Imports

shell32

comdlg32

gdi32

user32

kernel32

wininet

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 273KB - Virtual size: 293KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 273KB - Virtual size: 293KB

.rsrc
Size: 15KB - Virtual size: 15KB