14061fa34d17ce5912f0413467a4a369

General

Target

14061fa34d17ce5912f0413467a4a369
Size

180KB
MD5

14061fa34d17ce5912f0413467a4a369
SHA1

9eae810bc5f1c0da14b8480b6bb87eccda6cccd3
SHA256

f8ab48f0e4e4e4f445cbf87c030e73a637de98065047e4eaf974f81bc7a94869
SHA512

3c8166e8ffaac7eaf44f86487e1f9490d51a652513d210a4f7c6b02bf1c3ff214d94538327e4df421a6731f195dba603f6c34e7e2104d743bee4a16ae83d1028
SSDEEP

3072:ZFOna382CxsRQ7BObv4zOy8rULSygPGPlQLfWUOs5GK5yHAw+Vi:ZFsxSQ7BObv4zOzgGVWQL/kHHZ+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14061fa34d17ce5912f0413467a4a369

Files

14061fa34d17ce5912f0413467a4a369
.exe windows:4 windows x86 arch:x86

a6e53a1b16d2b680dbaa67b16ee0a8e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GlobalGetAtomNameA
WritePrivateProfileStringW
DeleteCriticalSection
Sleep
WaitForSingleObject
LockResource
FindCloseChangeNotification
GetVersionExA
GetProcAddress
InitializeCriticalSection
GlobalLock
FindFirstChangeNotificationW
GetCurrentDirectoryW
LoadLibraryA
LoadResource
EnumResourceTypesW
LoadLibraryW
GlobalAlloc
lstrlenW
GetTickCount
FindNextChangeNotification
GlobalSize
MultiByteToWideChar
FindFirstFileW
FindClose
GlobalUnlock
FindResourceW
GetPrivateProfileIntW
IsDBCSLeadByte
MulDiv
GetModuleHandleW
GetVersionExW
GetPrivateProfileStringW
CloseHandle
FreeLibrary
GetLocaleInfoW

shell32

SHGetImageList
SHBrowseForFolderA
ShellExecuteExW
ShellExecuteExA
SHGetFileInfoA
SHGetPathFromIDListA
SHFileOperationW
SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconA

wininet

InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetTimeToSystemTime
InternetErrorDlg
InternetReadFile
HttpSendRequestA
HttpQueryInfoA
InternetCloseHandle
InternetTimeFromSystemTime

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6e53a1b16d2b680dbaa67b16ee0a8e5

Headers

File Characteristics

Imports

kernel32

shell32

wininet

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 2KB - Virtual size: 145KB

.data Size: 95KB - Virtual size: 94KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 2KB - Virtual size: 145KB

.data
Size: 95KB - Virtual size: 94KB

.rsrc
Size: 512B - Virtual size: 4KB