15484cd52b0d2001f28861810cac0a73

Sharing

Copy URL

Twitter E-mail

General

Target

15484cd52b0d2001f28861810cac0a73
Size

237KB
MD5

15484cd52b0d2001f28861810cac0a73
SHA1

f1072a729d7325c5bf21962cecd1d4671434aa56
SHA256

a97ecdcf18f11385c142e03e0c7de117a65f5a695ddfa9da2d1fb0b173b3f23a
SHA512

4c53d017c50e8b258e51240de040fdb59cdec431c1af724c58e2dbdb0f2eab90f903f1de05e824e0e758b24cace1629e7299710450224a4f3910f0186adcd84d
SSDEEP

3072:M06ito9v/SFTguuDWnewWDBVLuOYhZxS3y7eurtI6mp+n+Jlx7QIG75Px2kaxXPG:Mv1yVNn0BVLuthZx5S6mAjszg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15484cd52b0d2001f28861810cac0a73

Files

15484cd52b0d2001f28861810cac0a73
.exe windows:5 windows x86 arch:x86

aab29883725fe7d931d832423486dce6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
CreateEventA
lstrlenW
GetLastError
GlobalFree
ResetEvent
Sleep
VirtualFree
InitializeCriticalSection
LeaveCriticalSection
VirtualAlloc
EnterCriticalSection
DeleteCriticalSection
CreateFileA
GetFileSize
SetFilePointer
lstrlenA
WriteFile
GetFileAttributesA
ReadFile
CreateDirectoryA
FindFirstFileA
FindClose
LocalAlloc
CloseHandle
LocalFree
lstrcpyA
HeapAlloc
HeapFree
GetProcessHeap
FormatMessageA
SystemTimeToFileTime
SetFileTime
TerminateThread
WaitForSingleObject
lstrcatA
InterlockedExchange
LocalFileTimeToFileTime
PeekNamedPipe
CreateProcessA
TerminateProcess
DisconnectNamedPipe
GetStartupInfoA
WaitForMultipleObjects
CreatePipe
SetErrorMode
CopyFileA
GetModuleFileNameA
GetSystemTime
MultiByteToWideChar
SetEndOfFile
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
SetStdHandle
GetSystemDirectoryA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
GetCurrentThreadId
CreateThread
GetModuleHandleW
GetProcAddress
ExitProcess
GetCommandLineA
RaiseException
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetStdHandle
HeapCreate
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlushFileBuffers

user32

CharNextA

winhttp

WinHttpCrackUrl
WinHttpGetProxyForUrl
WinHttpOpenRequest
WinHttpOpen
WinHttpSetStatusCallback
WinHttpReadData
WinHttpCloseHandle
WinHttpConnect
WinHttpSendRequest
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetOption
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpAddRequestHeaders

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aab29883725fe7d931d832423486dce6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winhttp

iphlpapi

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 11KB - Virtual size: 22KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 11KB - Virtual size: 22KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 18KB - Virtual size: 17KB