1359c12576b4d28c021d3911780db027

Sharing

Copy URL Twitter E-mail

General

Target

1359c12576b4d28c021d3911780db027
Size

545KB
MD5

1359c12576b4d28c021d3911780db027
SHA1

c2f1046a848d0ab8fdd883db2b9b162554dcb09d
SHA256

6722db841126c580f5ce73602c26e672a91cf4e85fc9c56bcdf2b9bfb899cd16
SHA512

171c79fd6c117575af08e9d5d48f1d3ff15d546bd112645f9d28a94ebcb7a887cdfa4159225e096ff7150d02d848567dc6bf7f2618ac307aaf6ac6781689f3fc
SSDEEP

12288:a1bTqDpLUJQyWhnkbK6rdPDmULKcoVOKaeJgSx:4/EpYJUkbZyUL6Wm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1359c12576b4d28c021d3911780db027

Files

1359c12576b4d28c021d3911780db027
.exe windows:4 windows x86 arch:x86

a354b45ad1d06bf7cf87e265512a2c6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrcpyA
SetFilePointer
GetACP
IsValidLocale
FreeEnvironmentStringsW
GetCommandLineA
LoadLibraryA
HeapCreate
CreateFileA
GetStartupInfoA
OutputDebugStringW
GetLocaleInfoW
InterlockedIncrement
TlsSetValue
GetEnvironmentStrings
GetTickCount
SetConsoleCtrlHandler
GetModuleHandleA
TlsAlloc
GetUserDefaultLCID
GetSystemTimeAsFileTime
RtlUnwind
GetCurrentThreadId
GetCommandLineW
SetUnhandledExceptionFilter
HeapDestroy
WriteConsoleW
WriteConsoleA
GetStringTypeA
VirtualAlloc
FindFirstFileExA
EnumTimeFormatsW
GetConsoleMode
GetTimeFormatA
GetCurrentProcessId
lstrcpyn
WideCharToMultiByte
GlobalDeleteAtom
CompareStringA
SetConsoleMode
VirtualFree
GetCurrentThread
GetStringTypeW
LeaveCriticalSection
SetLastError
SetHandleCount
HeapSize
lstrcmpW
LCMapStringA
GetVersionExA
FreeLibrary
IsDebuggerPresent
EnumSystemLocalesA
QueryPerformanceCounter
InterlockedDecrement
GetConsoleCP
GetTimeZoneInformation
GetStdHandle
HeapFree
HeapReAlloc
TerminateProcess
SetEnvironmentVariableA
GetConsoleOutputCP
HeapAlloc
CreateMutexA
GetDateFormatA
InitializeCriticalSection
FlushFileBuffers
GetOEMCP
GetModuleFileNameA
DeleteCriticalSection
GetLogicalDriveStringsA
MultiByteToWideChar
ReadFile
WriteFile
GetLastError
GetEnvironmentStringsW
GetProcessHeap
TlsFree
OpenMutexA
GetCPInfo
ExitProcess
VirtualQuery
GetStartupInfoW
CompareStringW
TlsGetValue
FreeEnvironmentStringsA
GetModuleFileNameW
GetProcAddress
UnhandledExceptionFilter
CloseHandle
FoldStringW
IsValidCodePage
GetLocaleInfoA
Sleep
SetStdHandle
GetFileType
SetCurrentDirectoryW
EnterCriticalSection
GetCurrentProcess
FillConsoleOutputCharacterA
LCMapStringW
InterlockedExchange

comctl32

InitCommonControlsEx

wininet

FtpCreateDirectoryA
GetUrlCacheConfigInfoW
HttpQueryInfoA

user32

RegisterClassExA
InvertRect
EnableScrollBar
EnumWindows
GetClassLongW
FindWindowA
CloseClipboard
SetSystemCursor
EqualRect
DragObject
SetClassLongW
CharNextA
VkKeyScanA
RegisterClassA
ChangeDisplaySettingsW
GetKeyboardType
EnumPropsA
GetTabbedTextExtentW
GetAltTabInfo
CreatePopupMenu
CharToOemBuffW
ClipCursor
CreateDialogIndirectParamA

Sections

.text
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a354b45ad1d06bf7cf87e265512a2c6d

Headers

File Characteristics

Imports

kernel32

comctl32

wininet

user32

Sections

.text Size: 355KB - Virtual size: 355KB

.rdata Size: 65KB - Virtual size: 72KB

.data Size: 109KB - Virtual size: 108KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 355KB - Virtual size: 355KB

.rdata
Size: 65KB - Virtual size: 72KB

.data
Size: 109KB - Virtual size: 108KB

.rsrc
Size: 15KB - Virtual size: 14KB