115570fa081fb036febaec9a4240891a

Sharing

Copy URL Twitter E-mail

General

Target

115570fa081fb036febaec9a4240891a
Size

489KB
MD5

115570fa081fb036febaec9a4240891a
SHA1

308b99844914e7ea306080b31f58a119aedc4c53
SHA256

a18bda6c91cdcf5051f012703344b24f60431927f171b667a4c7b5b13467b6a3
SHA512

f0bcdf99cd59826aae46d521e7bfe5c46b86188c0397dba891115bb4bcdf2747e07fcbe90858b5bbdd5c7e08d6f57c395052c4539fc67398f8646a277fccbd19
SSDEEP

6144:Vlfnh1E7kbI4neKFqS7S8UVIUxg2q/r7+pvKp08GeMR+r/im8O8MTZte9G3F1R7H:ffnhSw/FqC5Ux5q7+pvKpWtZMTy8F17

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
115570fa081fb036febaec9a4240891a

Files

115570fa081fb036febaec9a4240891a
.exe windows:4 windows x86 arch:x86

e9ac5aa7a32121c128d7f1406840cfd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
ShowClientAuthCerts
InternetConnectA
InternetGetCookieA
InternetTimeFromSystemTimeA
FtpOpenFileA
InternetConnectW
InternetTimeToSystemTimeW
CommitUrlCacheEntryA

gdi32

GetTextExtentPointW
GetClipBox
PtVisible
DeleteColorSpace
CreateScalableFontResourceW
GetEnhMetaFileDescriptionW
EnumFontFamiliesA
GetStockObject
CreateEllipticRgnIndirect
GetTextCharset
GetTextAlign
GetCharABCWidthsFloatA
GetCharWidthFloatA
CreateDIBPatternBrush
GetTextFaceA
CreateBitmap
EndPath
GetStretchBltMode
CreatePolyPolygonRgn
SetDIBColorTable
SetMapperFlags
UnrealizeObject
GetTextFaceW

user32

SwitchToThisWindow
GetWindowLongW
RegisterClassA
GrayStringW
UnregisterHotKey
GetKBCodePage
MonitorFromRect
DefFrameProcW
GetWindow
DrawFrameControl
CharNextW
RegisterClassExA
SendIMEMessageExW

shell32

DragQueryFileA
SHQueryRecycleBinW
SHBrowseForFolder
InternalExtractIconListA
DoEnvironmentSubstW

kernel32

InterlockedExchange
EnterCriticalSection
SetStdHandle
WriteConsoleW
GetOEMCP
GetLocaleInfoA
HeapCreate
GetConsoleOutputCP
GetCurrentThread
lstrcmpiA
ReadFile
LocalFlags
GetPrivateProfileStringW
GetPrivateProfileSectionNamesA
EnumCalendarInfoW
TlsFree
InterlockedDecrement
VirtualQuery
GetTickCount
IsDebuggerPresent
VirtualFree
SetLastError
GetTimeZoneInformation
GetCurrentThreadId
GetConsoleCP
GetLastError
GetCommandLineW
HeapReAlloc
SetUnhandledExceptionFilter
CreateFileA
CreateMutexA
WriteFile
GetACP
GetStdHandle
LCMapStringW
IsValidLocale
HeapLock
VirtualAlloc
GetTimeFormatA
GetProcessHeap
FreeEnvironmentStringsW
HeapFree
GetStartupInfoW
DeleteCriticalSection
TlsGetValue
GetConsoleMode
WideCharToMultiByte
TlsAlloc
InitializeCriticalSection
TerminateProcess
EnumSystemLocalesA
WriteConsoleA
SetHandleCount
GetCurrentProcessId
CompareStringA
FreeLibraryAndExitThread
OpenMutexA
GetDateFormatA
QueryPerformanceCounter
GetModuleFileNameW
ExitProcess
SetEnvironmentVariableA
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcess
LoadLibraryA
SetFilePointer
GetVersionExA
LeaveCriticalSection
GetCommandLineA
ReadFileEx
HeapAlloc
OpenSemaphoreA
FlushFileBuffers
GetEnvironmentStrings
CompareStringW
TlsSetValue
FreeLibrary
GetLocaleInfoW
MultiByteToWideChar
HeapSize
InterlockedIncrement
IsValidCodePage
GetTempFileNameW
GetModuleHandleA
RtlZeroMemory
GetEnvironmentStringsW
lstrcatA
LockResource
GetModuleFileNameA
EnumResourceLanguagesA
GetProcAddress
SetConsoleCtrlHandler
GetCPInfo
Sleep
GetStringTypeW
GetStringTypeA
GetFileType
HeapDestroy
UnhandledExceptionFilter
LoadLibraryW
GetUserDefaultLCID
FreeEnvironmentStringsA
GetStartupInfoA
LCMapStringA
SetConsoleWindowInfo
CloseHandle
GetDriveTypeW

advapi32

CryptHashSessionKey
LookupSecurityDescriptorPartsA
RegEnumKeyA
RegEnumKeyW
RegCloseKey
CryptAcquireContextW
RegSaveKeyA
CryptSetProviderA
LookupAccountNameA
CryptGetDefaultProviderA
RegSetValueExA
RegCreateKeyA
LogonUserA
CryptAcquireContextA
LookupAccountSidA
RegReplaceKeyW
RegRestoreKeyW
RegSetValueExW
CryptSignHashW
RegOpenKeyW
LookupAccountSidW
CryptEnumProviderTypesW
CryptSetProvParam
AbortSystemShutdownW
RegNotifyChangeKeyValue

comctl32

InitCommonControlsEx

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9ac5aa7a32121c128d7f1406840cfd7

Headers

File Characteristics

Imports

wininet

gdi32

user32

shell32

kernel32

advapi32

comctl32

Sections

.text Size: 327KB - Virtual size: 327KB

.rdata Size: 45KB - Virtual size: 51KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 327KB - Virtual size: 327KB

.rdata
Size: 45KB - Virtual size: 51KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 12KB - Virtual size: 11KB