1134234126c2a862851099b1e59d0919

Sharing

Copy URL Twitter E-mail

General

Target

1134234126c2a862851099b1e59d0919
Size

448KB
MD5

1134234126c2a862851099b1e59d0919
SHA1

31d134b018b86a8ca295d7fca5c7acfce9b71d2b
SHA256

9445d09c3e472af444195a99678defa84fe497e15df4cf87da33eb333733f30c
SHA512

a2d03b98a5434676e2658eb63607dbc5ce05bea791b6802f54d4ac062ae8b731326c5b272c92031e88034df241c8441cce62ffa2da6fbd2a8ea62eb8caa47af8
SSDEEP

6144:HFi86279X9SE4G6mYaV+p2Z/piLXI35gJaYUNf7iYhZS/TTAq43dIzJiQXYIh7Sa:rfV7V6aV+MBYjUNmlPz43dIdrXYk7S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1134234126c2a862851099b1e59d0919

Files

1134234126c2a862851099b1e59d0919
.exe windows:4 windows x86 arch:x86

f2bdc1d474054109713f543ce1758599

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
CreateColorSpaceA
CreateCompatibleBitmap
WidenPath
SwapBuffers
GetPaletteEntries
CreateDIBPatternBrush
FillRgn
PtVisible

kernel32

FreeEnvironmentStringsA
GetEnvironmentStringsW
ReadConsoleInputA
ExitProcess
GetDriveTypeA
GetLocaleInfoW
InitializeCriticalSection
GetModuleHandleA
GetTimeFormatA
HeapAlloc
LoadLibraryA
DeleteCriticalSection
InterlockedExchange
VirtualQuery
CompareStringA
VirtualAlloc
GetMailslotInfo
VirtualProtect
EnumSystemLocalesA
GetStringTypeA
SetHandleCount
GetSystemTimeAsFileTime
CreateEventW
GetTimeZoneInformation
TlsSetValue
WriteFile
HeapSize
GetTickCount
TerminateProcess
GetUserDefaultLCID
ReleaseSemaphore
LCMapStringW
CompareStringW
TlsAlloc
GetCurrentThreadId
UnhandledExceptionFilter
HeapFree
GetVersionExA
LeaveCriticalSection
GetStringTypeW
GetProcAddress
SetEnvironmentVariableA
VirtualFree
GetLocaleInfoA
TlsFree
GetCommandLineA
FileTimeToSystemTime
FreeEnvironmentStringsW
GetModuleFileNameA
GetCPInfo
GetCurrentThread
HeapReAlloc
GetFileType
GetStdHandle
CreateMailslotW
GetLastError
HeapDestroy
IsValidLocale
FileTimeToLocalFileTime
GetACP
QueryPerformanceCounter
GlobalFindAtomA
GetCurrentProcess
TlsGetValue
IsValidCodePage
IsBadWritePtr
ResumeThread
HeapCreate
WideCharToMultiByte
SetLastError
GetStartupInfoA
GetCurrentProcessId
EnumCalendarInfoA
EnterCriticalSection
GetOEMCP
GetEnvironmentStrings
GetDateFormatA
MultiByteToWideChar
RtlUnwind
LCMapStringA
GetSystemInfo

advapi32

CryptDestroyKey
CryptDecrypt
LookupAccountNameA
DuplicateToken
RegQueryValueExA
CryptSetKeyParam
CryptVerifySignatureW
StartServiceW
RegConnectRegistryA
RegRestoreKeyA
RegSetValueExA
RegEnumKeyExA
LookupSecurityDescriptorPartsA

wininet

FtpPutFileW
HttpSendRequestA
InternetSetOptionA
InternetFindNextFileW
InternetGetCertByURLA

user32

GetWindowModuleFileNameW

comdlg32

GetOpenFileNameW
ReplaceTextW
ChooseFontA

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2bdc1d474054109713f543ce1758599

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

wininet

user32

comdlg32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 7KB - Virtual size: 18KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 7KB - Virtual size: 18KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 13KB - Virtual size: 12KB