044f1f51f015f5e8538c6d449d688ecd

Sharing

Copy URL Twitter E-mail

General

Target

044f1f51f015f5e8538c6d449d688ecd
Size

556KB
MD5

044f1f51f015f5e8538c6d449d688ecd
SHA1

746e10827b26333fce2841a985ec560d3643dd6b
SHA256

a2ccebbab8e6fac6fb4c0ab5d05653bb6b5e81c25f14f74b7c9a38820737e633
SHA512

0b5125aaafa56c0b9f593b3e94eb046dcc31b6c7df293e0c4ce0aa46887d6001f6ec3a5a8f7d3512304deb179deb9db0629eb8553445bc763f20222729940c32
SSDEEP

12288:+k9vk33z6M+84pTHOKhZbhvvTW4V/18Du/tyYJmHcVVHuy:+sk33zV+8g7OKvBaM8DuRJUcVV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044f1f51f015f5e8538c6d449d688ecd

Files

044f1f51f015f5e8538c6d449d688ecd
.exe windows:4 windows x86 arch:x86

dfe3c9022ee5ab4b39ecd9f828fec4ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetAutodialHangup
RetrieveUrlCacheEntryFileA
InternetCombineUrlA
InternetAlgIdToStringA
GopherFindFirstFileA
InternetShowSecurityInfoByURLA

comctl32

InitCommonControlsEx

shell32

SHFileOperationA

advapi32

LogonUserW
StartServiceW
LookupPrivilegeNameW
CryptContextAddRef
CryptSignHashW
RegQueryValueW
CryptAcquireContextA
RegQueryInfoKeyA
RegEnumKeyExW
RegRestoreKeyW
RegSetValueA
RegEnumKeyExA
RegOpenKeyW
RegSetValueExW
CryptSetProvParam
LookupAccountNameA
LookupAccountSidW
CryptGetUserKey
RegDeleteValueW
RegCreateKeyExW

kernel32

lstrcatA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTime
TlsAlloc
SetLastError
SetCurrentDirectoryA
WideCharToMultiByte
GetCurrentProcess
GetCPInfo
HeapCreate
LoadLibraryA
HeapFree
FreeEnvironmentStringsW
ExitProcess
HeapDestroy
HeapReAlloc
InterlockedExchange
CreatePipe
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetLocalTime
TlsSetValue
SetHandleCount
CommConfigDialogW
GetComputerNameW
RtlUnwind
TlsGetValue
WriteFile
CompareStringW
EnumCalendarInfoW
RemoveDirectoryW
GetModuleHandleA
VirtualAlloc
WriteConsoleOutputAttribute
DeleteCriticalSection
ExpandEnvironmentStringsW
SetFilePointer
FlushFileBuffers
OpenMutexA
GetStdHandle
CreateNamedPipeW
FreeEnvironmentStringsA
CreateMutexA
OpenFileMappingA
GetOEMCP
EnumResourceLanguagesW
GetCurrentThreadId
VirtualFree
LCMapStringW
GetWindowsDirectoryA
GetACP
GetFileType
IsBadWritePtr
GetProcAddress
GetCurrentThread
LCMapStringA
GetEnvironmentStrings
GetPrivateProfileSectionNamesW
TlsFree
GetStringTypeA
GetVersion
VirtualQuery
FindAtomW
SetEnvironmentVariableA
CompareStringA
InterlockedDecrement
GetLastError
GetStartupInfoA
HeapAlloc
MultiByteToWideChar
GetStringTypeW
SetLocalTime
GetTickCount
GetModuleFileNameA
SetStdHandle
InterlockedIncrement
CloseHandle
UnlockFileEx
LeaveCriticalSection
GetPrivateProfileIntA
TerminateProcess
ReadFile
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
CreateRemoteThread
UnhandledExceptionFilter
GetTimeZoneInformation

gdi32

GetDCOrgEx
GetGraphicsMode
GdiPlayDCScript
GetEnhMetaFilePaletteEntries
ExtCreatePen
ResetDCW
GetRgnBox
CreateBitmapIndirect
GetBitmapDimensionEx
SetFontEnumeration
GetTextCharacterExtra
CreateEnhMetaFileW
SaveDC
gdiPlaySpoolStream
EnumFontFamiliesExA
CloseEnhMetaFile
DeviceCapabilitiesExA
StrokeAndFillPath
ExtTextOutW
GetCharWidthFloatA
PatBlt
GetPolyFillMode

user32

GetMenuItemRect
SetRectEmpty
CharUpperW
GetMenuStringA
RegisterClassExA
ToUnicode
GetKeyNameTextW
CharPrevExA
OpenIcon
RegisterClassA

Sections

.text
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfe3c9022ee5ab4b39ecd9f828fec4ca

Headers

File Characteristics

Imports

wininet

comctl32

shell32

advapi32

kernel32

gdi32

user32

Sections

.text Size: 229KB - Virtual size: 229KB

.rdata Size: 5KB - Virtual size: 26KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 229KB - Virtual size: 229KB

.rdata
Size: 5KB - Virtual size: 26KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 4KB - Virtual size: 4KB