13322d77525646cb591f85ff1332a2f1

General

Target

13322d77525646cb591f85ff1332a2f1
Size

23KB
MD5

13322d77525646cb591f85ff1332a2f1
SHA1

11674582ae8a2021f63fe305b4326a4753cc2490
SHA256

ec51489c0f212d3e9e69e4c9b073b119981d3b65c9a231e17d77d0c5d6a8f160
SHA512

8ab57fd9e3bc12391e1a70cc0aa69a0597e9a9c9a44d154bd54898790901572d5a930f6a8279111fc1ccb65eb8e0394be1b48036802257f9d6911aa252afe103
SSDEEP

384:iOVUob/3moOnAtvZBQIkUTzw1Wk3a2NELGM381uhp0Pba3hwvrqG+W/8AoWl:iE7kUQ1WkWai8whDujqGkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13322d77525646cb591f85ff1332a2f1

Files

13322d77525646cb591f85ff1332a2f1
.exe windows:4 windows x86 arch:x86

afacfad9fbab5e8a767d545f713075ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateThread
Sleep
lstrcmpiA
GetModuleFileNameA
GetSystemDirectoryA
lstrcatA
GetWindowsDirectoryA
DeleteFileA
GetVersionExA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetTempFileNameA
GetTempPathA
lstrlenA
GetTickCount
CreateProcessA
ReadFile
SetFilePointer
CreateFileA
WriteFile
CloseHandle
SystemTimeToTzSpecificLocalTime
GetCurrentProcess
CreateMutexA
lstrcpyA

user32

wsprintfA
GetWindow
GetClassNameA
GetWindowTextA
GetForegroundWindow

advapi32

AdjustTokenPrivileges
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
LookupPrivilegeValueA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
DeleteUrlCacheEntry
InternetCloseHandle
HttpQueryInfoA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

msvcrt

sprintf
_ltoa
_strlwr
_except_handler3
strstr
fopen
fgets
fclose
atol
strcpy
strcat
strlen
strchr
malloc
memcpy
memset

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls0
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afacfad9fbab5e8a767d545f713075ef

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

shell32

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.rsrc Size: 1KB - Virtual size: 1KB

.tls0 Size: 512B - Virtual size: 404B

.reloc Size: 512B - Virtual size: 16B

.text
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 1KB - Virtual size: 1KB

.tls0
Size: 512B - Virtual size: 404B

.reloc
Size: 512B - Virtual size: 16B