1064e0148682a00c492625b543095259

Sharing

Copy URL Twitter E-mail

General

Target

1064e0148682a00c492625b543095259
Size

443KB
MD5

1064e0148682a00c492625b543095259
SHA1

3aa9d93e9ac63775d0367cb11bdd3260fd6bd7b4
SHA256

f69dfde035a2699a03814c7cd49f19830e8cdce48c89a8a707567a19932ab27e
SHA512

9cf4d4e197ab0c455666342b263a1b1b40f8385c2bad50ee2e1328f94aebe13d2f2404e707a2cbaa1f9a70700efa1ce99392a5497289d0cd8d615387b6c8552c
SSDEEP

6144:kf6qhnBTOreCSfiAs+ZjLgDE67Gd0qdcl9ksLnUT9jujpQGzAK2lsqwVy9OpMCUq:dCZOrl8s+qwrakaUJqjx2lsFy9vq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1064e0148682a00c492625b543095259

Files

1064e0148682a00c492625b543095259
.exe windows:4 windows x86 arch:x86

0a14c23ecc8fdd5b8ca96d9302ed6d25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RoundRect
GetObjectA

wininet

InternetAlgIdToStringW
InternetQueryOptionW
InternetQueryFortezzaStatus
InternetLockRequestFile
ShowX509EncodedCertificate
InternetConnectW
InternetUnlockRequestFile

kernel32

WideCharToMultiByte
LCMapStringA
EnterCriticalSection
GetProcAddress
TerminateProcess
HeapAlloc
HeapReAlloc
GetStdHandle
ReadConsoleInputW
GetLocaleInfoA
TlsFree
SetWaitableTimer
CreateNamedPipeW
SetLastError
IsBadWritePtr
GetACP
UnhandledExceptionFilter
GetFileType
LocalFlags
GetTimeZoneInformation
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
HeapDestroy
VirtualAlloc
CreateSemaphoreW
CreateWaitableTimerW
EnumSystemLocalesA
GetVersionExA
VirtualFree
CompareStringW
GetCPInfo
GetSystemTimeAsFileTime
SetHandleCount
InterlockedDecrement
IsValidLocale
GetStringTypeW
TlsAlloc
GetCurrentThread
HeapFree
LCMapStringW
CreateFileMappingA
GetCommandLineA
IsValidCodePage
GetConsoleOutputCP
InterlockedExchange
GetStringTypeA
LeaveCriticalSection
GetEnvironmentStrings
GetLocaleInfoW
GetSystemDirectoryW
GetModuleHandleA
HeapSize
GetCurrentProcessId
GetUserDefaultLCID
HeapCreate
RtlUnwind
QueryPerformanceCounter
TlsGetValue
LoadLibraryA
OpenFileMappingA
InitializeCriticalSection
TlsSetValue
GetTimeFormatA
GetStartupInfoA
GetCurrentThreadId
SetEnvironmentVariableA
FreeEnvironmentStringsW
MultiByteToWideChar
GetOEMCP
TryEnterCriticalSection
CompareStringA
CreateMailslotA
VirtualQuery
GetDiskFreeSpaceExW
GetLastError
ExitProcess
GetCurrentProcess
GetDateFormatA
DeleteCriticalSection
GetTickCount
GetSystemInfo
WriteConsoleInputA
LocalReAlloc
VirtualProtect
WriteFile

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a14c23ecc8fdd5b8ca96d9302ed6d25

Headers

File Characteristics

Imports

gdi32

wininet

kernel32

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 7KB - Virtual size: 22KB

.data Size: 284KB - Virtual size: 283KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 7KB - Virtual size: 22KB

.data
Size: 284KB - Virtual size: 283KB

.rsrc
Size: 8KB - Virtual size: 7KB