20b02e35c68376dbdcbc81b6caa23312

Sharing

Copy URL Twitter E-mail

General

Target

20b02e35c68376dbdcbc81b6caa23312
Size

399KB
MD5

20b02e35c68376dbdcbc81b6caa23312
SHA1

bc7bebdbe98f7093c1c0500a49845868a5343409
SHA256

0e14753a3d5f7b100b2c425db3746b691e3ffec362dfe078855b9d54a6fe1ad2
SHA512

ea519d37890ce783c468ca6cc66a19be869f71851fb59b2b5ea31cc3a15e3f2584d5fc0e513820aeeabf1c12dabc253a85f9955642ecc2f412991e213e72d9b9
SSDEEP

6144:vL4OTZHk8fDQYuiNra4Lx4xk2esR4vWAebTPimIRvTM:x5k87Q5iwqx4es3XbbbOv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20b02e35c68376dbdcbc81b6caa23312

Files

20b02e35c68376dbdcbc81b6caa23312
.exe windows:4 windows x86 arch:x86

94e904a7ba6ddf6c7a9e49a6f6e77924

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptExportKey
RegNotifyChangeKeyValue
CryptGetDefaultProviderA
RegDeleteValueA
DuplicateTokenEx
CryptDecrypt
RegSetKeySecurity
CryptDuplicateHash
RegLoadKeyA
RegQueryValueExA
CryptSetProviderExW
RegEnumKeyW
LookupPrivilegeDisplayNameA
ReportEventA
RegQueryValueA

kernel32

EnumSystemCodePagesA
FreeEnvironmentStringsA
HeapCreate
WriteConsoleOutputAttribute
TlsGetValue
GetCurrentProcess
SetFilePointer
GetCPInfo
WriteFile
CompareStringW
LoadLibraryA
lstrcat
MultiByteToWideChar
GetCurrentThreadId
CompareStringA
GetOEMCP
TerminateProcess
TlsFree
GetACP
InterlockedExchange
MoveFileA
GetCommandLineA
UnhandledExceptionFilter
EnterCriticalSection
HeapFree
VirtualQuery
RtlUnwind
LeaveCriticalSection
GetTickCount
HeapReAlloc
GetStartupInfoA
FlushFileBuffers
GetCurrentThread
LCMapStringA
CloseHandle
GetLocaleInfoA
GetLastError
InitializeCriticalSection
WaitNamedPipeA
SetHandleCount
GetEnvironmentStrings
SetStdHandle
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GlobalReAlloc
TlsSetValue
GetTimeFormatA
SetEnvironmentVariableA
LCMapStringW
ReadFile
GetDateFormatA
GetConsoleTitleW
GetVersionExA
VirtualProtect
VirtualFree
GetSystemInfo
GetTimeZoneInformation
GetModuleFileNameA
GetEnvironmentStringsW
ExitProcess
VirtualAlloc
WideCharToMultiByte
IsValidCodePage
GetStringTypeW
GetStringTypeA
SetLastError
GetStdHandle
HeapAlloc
GetProcAddress
IsValidLocale
DeleteCriticalSection
GetFileType
HeapSize
GetUserDefaultLCID
OpenMutexA
CreateMutexA
IsBadWritePtr
QueryPerformanceCounter
HeapDestroy
GetLocaleInfoW
GetCurrentProcessId
TlsAlloc
EnumSystemLocalesA
GetModuleHandleA

wininet

InternetOpenA
FindNextUrlCacheContainerA
RetrieveUrlCacheEntryStreamW
GopherGetAttributeA
InternetTimeToSystemTimeW
FreeUrlCacheSpaceW

gdi32

CreatePatternBrush
ArcTo
SetPixel
GetCharABCWidthsFloatW
CreateFontA
CreateHalftonePalette

shell32

SHChangeNotify
SHFileOperation
FreeIconList
DragQueryFileA

user32

LoadKeyboardLayoutW
DdeConnectList
GetInputDesktop
OemToCharA
SendMessageA
WinHelpW
CopyAcceleratorTableW
DrawFrameControl
SetCursorPos
GetSysColor
GetMenuInfo
GetWindowInfo
GetClipboardSequenceNumber
ChangeMenuA
ActivateKeyboardLayout
InsertMenuItemA
RegisterClassA
RegisterClassExA
OpenClipboard
SetWindowPlacement
EnumPropsW
DrawIconEx
CharLowerA
SetShellWindow
GetDlgItemInt

comctl32

InitCommonControlsEx

Sections

.text
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94e904a7ba6ddf6c7a9e49a6f6e77924

Headers

File Characteristics

Imports

advapi32

kernel32

wininet

gdi32

shell32

user32

comctl32

Sections

.text Size: 235KB - Virtual size: 234KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 151KB - Virtual size: 150KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 235KB - Virtual size: 234KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 151KB - Virtual size: 150KB

.rsrc
Size: 3KB - Virtual size: 3KB