11dd7083fba44cee3b71c5c61a0c621b

Sharing

Copy URL Twitter E-mail

General

Target

11dd7083fba44cee3b71c5c61a0c621b
Size

858KB
MD5

11dd7083fba44cee3b71c5c61a0c621b
SHA1

2ce1d329ee9d52abbf5bfb9aa965c7b6a56d7b00
SHA256

7a48c68fcb0523d5e262f83810c60af32b05c74fad367a65fe003371c0775a42
SHA512

3799d013c47e830af9d2ee358d120f7f529f3b449c46b0c99d4949d93c8dcbd8515157c4695225ce880f19b831b7cbde0c6094305fc03cb0dd9e0d9c3da2cae2
SSDEEP

24576:Lrtz1zo2ll3cJ/IfxSvaCf8TpKIQ3RVaZ8dyl:9Js2lE4ZE3RVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11dd7083fba44cee3b71c5c61a0c621b

Files

11dd7083fba44cee3b71c5c61a0c621b
.exe windows:4 windows x86 arch:x86

250f2ccbb34bc5d81ac7795c72543c04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHAutoComplete
UrlCombineA
SHRegOpenUSKeyA
StrChrIA
PathAppendA
StrToIntExA
SHDeleteValueA
SHRegEnumUSKeyA
PathQuoteSpacesA
SHRegWriteUSValueA
SHRegCreateUSKeyA
PathSearchAndQualifyA
ColorHLSToRGB
PathCommonPrefixA
PathFileExistsA
PathFindOnPathA
PathIsRelativeA
PathGetDriveNumberA
AssocQueryStringA
UrlIsOpaqueA
SHCreateStreamWrapper
StrCSpnA
StrSpnA
PathIsUNCA
PathMakePrettyA
PathRemoveBlanksA
HashData
SHIsLowMemoryMachine
StrFormatByteSize64A
StrRChrIA

kernel32

SetEnvironmentVariableA
FatalExit
lstrcat
VirtualFree
WaitForSingleObject
FillConsoleOutputAttribute
FlushInstructionCache
PeekNamedPipe
CreateThread
GetExitCodeThread
SetMailslotInfo
SetConsoleOutputCP
CallNamedPipeA
TlsFree
GetCurrentProcessId
GetConsoleTitleA
IsBadWritePtr
LocalFree
EnumCalendarInfoA
ExpandEnvironmentStringsA
FindFirstFileA
lstrcmpi
OutputDebugStringA
OpenSemaphoreA
IsBadHugeReadPtr
GetProfileIntA
AddAtomA
GetConsoleOutputCP
GetProcessHeaps
FreeLibrary
GetProcessAffinityMask
ClearCommBreak
EnumResourceLanguagesA
CreateConsoleScreenBuffer
Heap32First
CloseHandle
lstrcpyn
GetPrivateProfileStructA
GetFullPathNameA
VirtualLock
GetOverlappedResult
LoadModule
GetSystemPowerStatus
SetupComm
ContinueDebugEvent
SetConsoleWindowInfo
GetNumberOfConsoleMouseButtons
GetTimeZoneInformation
ExitProcess
SetCommMask
ReadFileEx
FindAtomA
IsDBCSLeadByteEx
SetVolumeLabelA
ReadConsoleA
SetProcessAffinityMask
UTRegister
GetBinaryTypeA
GenerateConsoleCtrlEvent
FindNextChangeNotification

Sections

.twlub
Size: 635KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmpw
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nud
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ipo
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lgnq
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rkpgb
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.epe
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdyxs
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buhip
Size: 124KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250f2ccbb34bc5d81ac7795c72543c04

Headers

File Characteristics

Imports

shlwapi

kernel32

Sections

.twlub Size: 635KB - Virtual size: 1.3MB

.vmpw Size: 5KB - Virtual size: 5KB

.nud Size: 19KB - Virtual size: 27KB

.ipo Size: 512B - Virtual size: 20KB

.lgnq Size: 6KB - Virtual size: 15KB

.rkpgb Size: 512B - Virtual size: 56B

.epe Size: 512B - Virtual size: 24B

.sdyxs Size: 48KB - Virtual size: 76KB

.buhip Size: 124KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.twlub
Size: 635KB - Virtual size: 1.3MB

.vmpw
Size: 5KB - Virtual size: 5KB

.nud
Size: 19KB - Virtual size: 27KB

.ipo
Size: 512B - Virtual size: 20KB

.lgnq
Size: 6KB - Virtual size: 15KB

.rkpgb
Size: 512B - Virtual size: 56B

.epe
Size: 512B - Virtual size: 24B

.sdyxs
Size: 48KB - Virtual size: 76KB

.buhip
Size: 124KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB