207259bdbfc4c31a34d9eeb31bc641b0

Sharing

Copy URL Twitter E-mail

General

Target

207259bdbfc4c31a34d9eeb31bc641b0
Size

488KB
MD5

207259bdbfc4c31a34d9eeb31bc641b0
SHA1

3e12e5a6dddabef8613c4ab6f7c6c8799ca47e1f
SHA256

49478033ee7a2111ea7d9cab4bb4849218c09344fa61fac4adf1c870204f9e45
SHA512

04e57b7889a811873485ed5eca3089d1b3703269f1a25a7555fba7bfe3022d79fb58717c817c13cedf5776a03d40323eb52d653005063bc042b528d3f1634622
SSDEEP

12288:9h1Ezr6fNfJSTtQPFkG85VORVgn95BkMSd0+F:9zECfGQJ8A4Bed00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
207259bdbfc4c31a34d9eeb31bc641b0

Files

207259bdbfc4c31a34d9eeb31bc641b0
.exe windows:4 windows x86 arch:x86

f5c76deaf5626d7a7a1207cb4fb9f69f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHBrowseForFolder

wininet

GetUrlCacheGroupAttributeA
ReadUrlCacheEntryStream
InternetCrackUrlW
InternetSetCookieW
InternetAlgIdToStringA

user32

RegisterClassExA
RegisterClassA
GetMessageA
GetUserObjectInformationW

kernel32

LoadLibraryA
GetEnvironmentStringsW
SetEnvironmentVariableA
ReleaseMutex
HeapAlloc
GetCurrentProcess
GetStartupInfoA
TlsSetValue
GetModuleFileNameW
CopyFileExA
UnhandledExceptionFilter
WriteConsoleOutputAttribute
SetComputerNameA
TerminateProcess
VirtualAlloc
ExitProcess
InterlockedDecrement
SetFilePointer
VirtualFree
IsValidCodePage
GetCurrentThreadId
LoadLibraryW
GetConsoleOutputCP
EnterCriticalSection
InitializeCriticalSection
GetLocaleInfoA
IsDebuggerPresent
FreeEnvironmentStringsA
GetVersionExA
SetConsoleCtrlHandler
DeleteCriticalSection
GetUserDefaultLCID
GetCompressedFileSizeA
GetTickCount
MultiByteToWideChar
SetUnhandledExceptionFilter
WideCharToMultiByte
EnumSystemLocalesA
lstrlenA
HeapReAlloc
GetStringTypeA
GetConsoleMode
FreeLibrary
CloseHandle
InterlockedExchange
GetDateFormatA
FindResourceW
GetCPInfo
GetModuleFileNameA
IsValidLocale
GetEnvironmentStrings
WaitCommEvent
GetCurrentProcessId
GetConsoleCP
RtlUnwind
GetTimeFormatA
SetLastError
HeapSize
LeaveCriticalSection
GetProcessHeap
GetCommandLineA
LCMapStringW
VirtualAllocEx
GetSystemTimeAsFileTime
OpenMutexA
FlushFileBuffers
GetCurrentDirectoryA
HeapCreate
LCMapStringA
GetTimeZoneInformation
HeapDestroy
CreateMutexA
HeapFree
GetFileType
TlsFree
CreateFileA
ReadFile
VirtualQuery
GetThreadSelectorEntry
WriteFile
FindAtomW
InterlockedIncrement
GetACP
GetLocaleInfoW
GetModuleHandleA
GetStartupInfoW
GetCommandLineW
GetStringTypeW
TlsAlloc
GetStdHandle
TlsGetValue
WriteConsoleW
GetLastError
CompareStringA
Sleep
SetHandleCount
SetStdHandle
GetProcAddress
QueryPerformanceCounter
WriteConsoleA
FreeEnvironmentStringsW
GetCurrentThread
CompareStringW
GetOEMCP
GetProfileStringA

comctl32

InitCommonControlsEx

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5c76deaf5626d7a7a1207cb4fb9f69f

Headers

File Characteristics

Imports

shell32

wininet

user32

kernel32

comctl32

Sections

.text Size: 159KB - Virtual size: 158KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 159KB - Virtual size: 158KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 4KB - Virtual size: 3KB