116090a54e052ad27ee7c9e8b779c85a

Sharing

Copy URL Twitter E-mail

General

Target

116090a54e052ad27ee7c9e8b779c85a
Size

434KB
MD5

116090a54e052ad27ee7c9e8b779c85a
SHA1

b84f57132116e0dbe43183558fdde1fb9604b8e3
SHA256

9ef685cb96d807adda3b37ad395b9dd3e645048609f5a56e951dd66349130a49
SHA512

b84eae7e6315413b04f0103763b99553d17ee2b939cf8e5a01f9964b0319437703341a4d7588d40d7fc45e82a8d4dfcaf0c22fe9c1b015a890e6fef6b285a068
SSDEEP

12288:6zyIFjj5iPKTMjXsH8fX3Bk3tfDu2XN/+WLB5:IFjvw68fBYtqE0WLB5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
116090a54e052ad27ee7c9e8b779c85a

Files

116090a54e052ad27ee7c9e8b779c85a
.exe windows:4 windows x86 arch:x86

f691a99df57f1bea82a0070ff6a3fc44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GrayStringW
ChildWindowFromPoint
WaitForInputIdle
SetPropA
IsCharUpperW
SetRect
OpenWindowStationA
InvertRect
DrawStateA
CopyAcceleratorTableW
EnableMenuItem
LoadKeyboardLayoutA
GetCursor
SetWindowContextHelpId
GetClassInfoExW

shell32

SHGetFileInfo
CheckEscapesW
ShellExecuteExW
ExtractAssociatedIconW
SHAppBarMessage

wininet

FtpGetFileSize
RetrieveUrlCacheEntryFileA
InternetAutodial
HttpOpenRequestW
InternetTimeToSystemTimeA
FindNextUrlCacheEntryA
DeleteUrlCacheEntryW
InternetCrackUrlA
FtpGetCurrentDirectoryW

comdlg32

GetOpenFileNameW
PrintDlgA
FindTextW
GetSaveFileNameA

kernel32

HeapSize
GetTickCount
GetProfileStringA
IsBadWritePtr
GetStringTypeA
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetTimeZoneInformation
GetStartupInfoA
GetFileType
GetProcAddress
QueryPerformanceCounter
WaitForSingleObject
GetStartupInfoW
GetCurrentProcess
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatA
GetLocaleInfoA
VirtualQuery
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersionExA
ReadConsoleInputA
GetStdHandle
FreeEnvironmentStringsA
GetProfileSectionA
GetACP
GetCommandLineA
InitializeCriticalSection
GetLocaleInfoW
TerminateProcess
GetSystemTime
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
lstrcatW
GetCurrentProcessId
GetStringTypeW
HeapCreate
GetModuleFileNameW
lstrcpyA
TlsGetValue
GetModuleHandleA
GetSystemInfo
LoadLibraryA
ReadFile
MultiByteToWideChar
CompareStringW
lstrcatA
SetHandleCount
WriteFile
VirtualFree
SetLastError
GetVolumeInformationA
HeapAlloc
InterlockedExchange
GetCurrentThread
HeapFree
IsValidCodePage
GetOEMCP
TlsFree
GetShortPathNameW
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
LCMapStringA
WriteConsoleInputA
GetCPInfo
SetEnvironmentVariableW
LCMapStringW
WideCharToMultiByte
OpenMutexW
GetCurrentThreadId
EnumSystemLocalesA
TlsSetValue
GetLastError
RtlUnwind
GetPrivateProfileIntW
CreateFileW
SetEnvironmentVariableA
HeapDestroy
CreateDirectoryA
DeleteCriticalSection
IsValidLocale
CompareStringA
ExitProcess
VirtualAlloc
VirtualProtect
HeapReAlloc
GetModuleFileNameA
GetDateFormatA
TlsAlloc
LocalReAlloc
SetSystemTime
WriteConsoleA

gdi32

GetTextCharset
SetColorAdjustment
GetCharWidthA
GetDIBits
CombineRgn
CreateEllipticRgn
PlayMetaFile
SetWindowExtEx
GetLogColorSpaceA

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f691a99df57f1bea82a0070ff6a3fc44

Headers

File Characteristics

Imports

user32

shell32

wininet

comdlg32

kernel32

gdi32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 8KB - Virtual size: 13KB

.data Size: 283KB - Virtual size: 283KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 8KB - Virtual size: 13KB

.data
Size: 283KB - Virtual size: 283KB

.rsrc
Size: 11KB - Virtual size: 10KB