02bc25818292686a15a7fb5395398079

Sharing

Copy URL Twitter E-mail

General

Target

02bc25818292686a15a7fb5395398079
Size

588KB
MD5

02bc25818292686a15a7fb5395398079
SHA1

559e0672dc60d4392ffe9b3c177a8d4581327b62
SHA256

65af9a1a070dfb35dd529ad826447a2f6f8d5afebf45d8c867f2439e96ce6c90
SHA512

e1375fa2b7d333a4fc27e3ef855f9b8690faaf8576d6073199b162433c65f6db03c40f7d19a43281e1622c47d920a2a9888613f0675057a972685945f914f3ea
SSDEEP

12288:6DYv6/2w9GoVNTln3HetLXxiISlMm5gX0nPJu3MFJkPLYEZlZ:Vvq2w9GmNTl3+tLUXJAUJVFiP7Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02bc25818292686a15a7fb5395398079

Files

02bc25818292686a15a7fb5395398079
.exe windows:4 windows x86 arch:x86

d6f597fe4efe4464d5adbd10936a0cff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlZeroMemory
QueryPerformanceCounter
LoadResource
GlobalSize
GetModuleFileNameW
GetStringTypeA
WriteProfileStringA
OpenMutexA
IsBadWritePtr
WideCharToMultiByte
GetCurrentThreadId
UnlockFileEx
FreeEnvironmentStringsW
LoadLibraryA
LCMapStringW
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCompressedFileSizeW
OpenFileMappingW
FindAtomA
HeapReAlloc
HeapAlloc
InterlockedIncrement
InterlockedExchange
GetCommandLineA
FlushFileBuffers
CreateFileW
WriteConsoleOutputA
DeleteFileW
SetConsoleTitleW
OpenSemaphoreA
VirtualFree
ExpandEnvironmentStringsW
GetStartupInfoW
TlsGetValue
IsValidCodePage
GetCurrentProcessId
SetConsoleCursorPosition
VirtualLock
HeapFree
GetFileAttributesW
GetStdHandle
GetFileType
lstrcpyA
GlobalAddAtomA
UnhandledExceptionFilter
GetComputerNameA
SetLastError
InitializeCriticalSection
HeapDestroy
GetCPInfo
MoveFileExW
SetEnvironmentVariableA
GetCompressedFileSizeA
MultiByteToWideChar
GetCommandLineW
GetCurrentProcess
UnlockFile
GetLocalTime
SetLocaleInfoW
AddAtomA
GetModuleHandleA
WaitNamedPipeW
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GlobalAlloc
VirtualAlloc
EnumDateFormatsA
UnmapViewOfFile
GetModuleFileNameA
GetProcessHeaps
GetSystemTime
GetSystemDirectoryA
SetFilePointer
WriteFile
ExitProcess
GetConsoleOutputCP
GetPrivateProfileStringA
SetStdHandle
FindResourceExW
SetThreadLocale
WaitForSingleObjectEx
SetConsoleActiveScreenBuffer
GetTickCount
CompareStringA
GetStartupInfoA
FreeEnvironmentStringsA
DosDateTimeToFileTime
CopyFileExA
CompareStringW
GlobalLock
GetOEMCP
InterlockedDecrement
WriteConsoleOutputW
TerminateProcess
WriteFileEx
LCMapStringA
GetCurrentThread
CreateDirectoryA
GetNumberFormatA
GetStringTypeW
EnterCriticalSection
GetVersion
ReadFile
FindFirstFileExA
VirtualQuery
GetEnvironmentStrings
CreateFileA
HeapCreate
TlsSetValue
GetSystemDirectoryW
SetHandleCount
ContinueDebugEvent
GetTempFileNameA
DeleteCriticalSection
CreateMutexA
GetFullPathNameA
GetProcAddress
GetPriorityClass
FileTimeToLocalFileTime
DebugActiveProcess
RtlUnwind
TlsFree
FlushConsoleInputBuffer
CreateThread
CloseHandle
GetTimeZoneInformation
GetSystemDefaultLCID
GetLogicalDrives
GetLastError
GlobalFlags
WritePrivateProfileStructW
FindResourceExA
TlsAlloc
EnumDateFormatsExW
LeaveCriticalSection

wininet

FtpGetFileW
InternetSetOptionExW

gdi32

GetCharWidthFloatW
SelectObject
GetMetaFileW
DeleteDC
GetObjectA
GetDeviceCaps
CreateDCA
SetBoundsRect
PlayEnhMetaFileRecord
Polyline

comctl32

ImageList_DragLeave
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_GetBkColor
CreateUpDownControl
ImageList_SetFilter
ImageList_GetImageCount
ImageList_AddMasked
ImageList_GetDragImage
CreateMappedBitmap
CreateStatusWindow
MakeDragList
InitCommonControlsEx
CreateStatusWindowW
ImageList_DrawIndirect
ImageList_Destroy
CreatePropertySheetPage
GetEffectiveClientRect
ImageList_SetFlags

user32

IsRectEmpty
CreateDesktopW
CopyImage
GetListBoxInfo
SetMessageQueue
ClientToScreen
GetGuiResources
GetSysColor
SendDlgItemMessageA
DefWindowProcA
SetCaretPos
DestroyWindow
SetMessageExtraInfo
AdjustWindowRectEx
MapVirtualKeyW
SetClipboardData
RegisterClassA
GetPropW
GetKeyNameTextA
DdeConnect
SetRect
DlgDirSelectComboBoxExW
GetClassInfoA
GetSubMenu
EndDialog
CreateWindowExA
SetScrollPos
CloseWindowStation
InsertMenuW
GetClassWord
GetInputState
IsCharLowerW
MessageBoxA
RegisterClassExA
ToAsciiEx
ShowWindow

advapi32

CryptSetProviderW
StartServiceW
RegSaveKeyW
RegOpenKeyExA
RegQueryMultipleValuesW
CreateServiceW
LookupAccountNameW
LookupAccountNameA
RegQueryValueExW

comdlg32

GetSaveFileNameW
ChooseFontW
PrintDlgW
PageSetupDlgW

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6f597fe4efe4464d5adbd10936a0cff

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

comctl32

user32

advapi32

comdlg32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 112KB - Virtual size: 129KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 112KB - Virtual size: 129KB

.rsrc
Size: 24KB - Virtual size: 20KB