0452aa993b47afd68974635da71aa1b1

General

Target

0452aa993b47afd68974635da71aa1b1
Size

452KB
MD5

0452aa993b47afd68974635da71aa1b1
SHA1

933acce05a1966c3cfe61254da56db82d385e014
SHA256

d61e880c67c4a14d51ed0f0f4093d9331f161ce5fd6ca9ee259827ba89ad1bea
SHA512

505d71d0232fdb24e7b3db26b25362e3e3fa3b9bf64271a3d6c7eb593bc77b855cb1bbb76c8bd43dc8491d4c7c7e23f5ec285a38c20d5baef5a822af5c41937a
SSDEEP

6144:Sm1n2JK090XjNxhposuSq2R58JAKSaUfX16C+5lAWutSrfFm81Ke9NSv/0Z0JGdV:xFpJxEs7qTVSaCXYk+fFPce9NQo2GkL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0452aa993b47afd68974635da71aa1b1

Files

0452aa993b47afd68974635da71aa1b1
.exe windows:4 windows x86 arch:x86

51a3efa5ce97b5f9f7e57cb25a06cbe9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

RetrieveUrlCacheEntryFileA
FtpPutFileW
FindNextUrlCacheEntryW
InternetQueryFortezzaStatus
HttpAddRequestHeadersA
GopherFindFirstFileA

kernel32

LockFile
HeapFree
TlsAlloc
GetCurrentThread
RtlUnwind
GetStdHandle
LoadLibraryA
GetFileType
GetModuleFileNameA
GetDiskFreeSpaceW
TerminateProcess
GetStartupInfoA
GetThreadContext
VirtualAlloc
GetThreadTimes
TlsFree
SetHandleCount
GetACP
GetTimeFormatW
TlsSetValue
GetVersion
SetCurrentDirectoryA
GetAtomNameW
LCMapStringW
FillConsoleOutputAttribute
GetCPInfo
DeleteCriticalSection
FreeEnvironmentStringsW
InitializeCriticalSection
UnhandledExceptionFilter
VirtualQuery
QueryPerformanceCounter
GetProcAddress
GetTickCount
SetStdHandle
GetStringTypeA
GetStringTypeW
IsBadWritePtr
FreeEnvironmentStringsA
SetLastError
LCMapStringA
GetOEMCP
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
WideCharToMultiByte
GetCurrentProcess
GetCurrentProcessId
EnterCriticalSection
ExitProcess
InterlockedExchange
HeapAlloc
VirtualFree
GetModuleHandleA
GetCommandLineA
GetCurrentThreadId
lstrcpyn
HeapReAlloc
MultiByteToWideChar
WriteFile
GetSystemTimeAsFileTime
HeapDestroy
GetLastError
LeaveCriticalSection
EnumResourceTypesW
AllocConsole
TlsGetValue

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51a3efa5ce97b5f9f7e57cb25a06cbe9

Headers

File Characteristics

Imports

wininet

kernel32

Sections

.text Size: 161KB - Virtual size: 161KB

.rdata Size: 3KB - Virtual size: 34KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 3KB - Virtual size: 34KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 10KB - Virtual size: 9KB