10690ab2fd07727011108178f953b9da

Sharing

Copy URL Twitter E-mail

General

Target

10690ab2fd07727011108178f953b9da
Size

497KB
MD5

10690ab2fd07727011108178f953b9da
SHA1

4534a5281301f44c8574300db16980e515dc100c
SHA256

8c2e24bed666608d895c13f7e6e2a26dc7f47c3be0c32ee7b352c7724dbfbb56
SHA512

5d5e659e7b8b27da1fec1a1b9653460bbd627c4d56749383433f01005fd2e2ff687decf9d0020b09c416745ecd77e2f8ac0e109b26d252cb298c0a4d3a6fa1d4
SSDEEP

12288:5CmynfbcBfEO21K+GcOR2qbXpDU0IRi+RHqp+GanB6nq:wmicBflGGbNU0+i2HPGanM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10690ab2fd07727011108178f953b9da

Files

10690ab2fd07727011108178f953b9da
.exe windows:4 windows x86 arch:x86

e40f9cd5c2a07ef625ca5ff1204a9adf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
LookupPrivilegeNameA
RegCreateKeyW
CryptAcquireContextW
RegSetValueA
LogonUserA
CryptSetHashParam
RegLoadKeyW
CryptDuplicateKey
RegSetValueExW
RegOpenKeyW
RegEnumKeyA
RegOpenKeyA
GetUserNameA
RegCreateKeyExA

wininet

CreateUrlCacheGroup
InternetHangUp
InternetSetCookieA
DeleteUrlCacheContainerA

gdi32

GetTextCharsetInfo
GetTextExtentPointA
GetWindowOrgEx
SetBoundsRect
GetKerningPairs
CombineTransform
CreateHalftonePalette
EnableEUDC
GetEnhMetaFileA
EnumFontFamiliesW
GetBoundsRect
GetNearestPaletteIndex
SetAbortProc
GetCharWidth32A

user32

ShowWindow
CreateDialogParamA
UnhookWinEvent
GetWindowTextW
LoadImageW
RegisterClassExA
RegisterClassA
MoveWindow
RegisterWindowMessageW
GetSystemMetrics
DrawMenuBar
GetUserObjectInformationW

comctl32

InitCommonControlsEx

kernel32

FindFirstFileW
LCMapStringW
FreeEnvironmentStringsA
GetFileType
GetLastError
GetStartupInfoW
TransactNamedPipe
TlsGetValue
GetEnvironmentStrings
GetModuleFileNameA
SetEnvironmentVariableA
GetCommandLineA
GetProcessHeap
InterlockedIncrement
GetStartupInfoA
GetCPInfo
GetStdHandle
CompareStringW
SetConsoleCursorPosition
GetProcAddress
GetTickCount
DeleteCriticalSection
GetTimeZoneInformation
EnterCriticalSection
VirtualQuery
CreateFileMappingA
TerminateProcess
GetEnvironmentStringsW
HeapCreate
RaiseException
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetCurrentThread
InterlockedExchange
UnhandledExceptionFilter
SetLastError
SetFilePointer
FlushFileBuffers
QueryPerformanceCounter
RtlUnwind
InitializeCriticalSection
GetStringTypeW
LoadLibraryA
InterlockedDecrement
LCMapStringA
CreateMutexA
GetStringTypeA
GetCommandLineW
TlsSetValue
WideCharToMultiByte
GetPrivateProfileStringW
GetVersion
GetLocalTime
GetCurrentThreadId
VirtualAlloc
HeapAlloc
LeaveCriticalSection
lstrcpy
VirtualFree
GetOEMCP
IsBadWritePtr
GetModuleFileNameW
HeapReAlloc
WriteFile
CompareStringA
HeapDestroy
ReadFile
lstrcmpiA
SetStdHandle
TlsAlloc
ExitProcess
LocalCompact
TlsFree
CloseHandle
SetHandleCount
GetCurrentProcessId
GetSystemTime
MultiByteToWideChar
GetCurrentProcess
OpenMutexA
HeapFree
GetModuleHandleA

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e40f9cd5c2a07ef625ca5ff1204a9adf

Headers

File Characteristics

Imports

advapi32

wininet

gdi32

user32

comctl32

kernel32

Sections

.text Size: 170KB - Virtual size: 169KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 311KB - Virtual size: 311KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 170KB - Virtual size: 169KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 311KB - Virtual size: 311KB

.rsrc
Size: 10KB - Virtual size: 9KB