1570f44cc2264d4879c4ab39c07f29de

Sharing

Copy URL

Twitter E-mail

General

Target

1570f44cc2264d4879c4ab39c07f29de
Size

340KB
MD5

1570f44cc2264d4879c4ab39c07f29de
SHA1

4218161a483c83d6869edee99227fc2d312f106b
SHA256

7352363d06b45c900fc308d40aa89064fa052548c733b79f3f0324f6d45dcacc
SHA512

158ca9fede30691911d9380e5ee4458d9e242fa7a9aca2636447da4abdaec92b65c305b243e3f48131f5e694eb287844d6b94f175a9b6bb4c429fe49c402b634
SSDEEP

6144:XRaWOV8REMjSGoI3J20blFuDz6S6qVwueybH70m0:XEWO8REBJIQQlFuDmFyeybYm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1570f44cc2264d4879c4ab39c07f29de

Files

1570f44cc2264d4879c4ab39c07f29de
.exe windows:4 windows x86 arch:x86

226370e57d91660b7879080ffb4e4807

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteIE3Cache
InternetSecurityProtocolToStringW
InternetDialA
GopherOpenFileA

kernel32

GetVersionExA
GetCurrentThread
ReadFile
VirtualProtect
SetConsoleOutputCP
GetModuleFileNameW
GetTimeZoneInformation
LeaveCriticalSection
GetStringTypeA
EnterCriticalSection
GlobalLock
MoveFileExA
SetThreadLocale
GetFileAttributesW
GetCPInfo
SetFilePointer
DeleteCriticalSection
SetLocaleInfoA
CopyFileExA
GetThreadContext
GetCommandLineA
GetTimeFormatA
CompareStringW
FreeLibrary
CompareStringA
GetDateFormatA
GetCommandLineW
GetStartupInfoW
IsValidLocale
TryEnterCriticalSection
WideCharToMultiByte
GetLastError
GetModuleFileNameA
GetACP
VirtualQuery
GetUserDefaultLCID
OpenMutexA
GetLocaleInfoA
VirtualAlloc
MultiByteToWideChar
LCMapStringW
UnhandledExceptionFilter
SetEnvironmentVariableA
TlsFree
GetStringTypeW
lstrcpyW
FreeEnvironmentStringsA
TlsGetValue
InitializeCriticalSection
SetHandleCount
GetConsoleTitleA
SetEvent
HeapReAlloc
HeapSize
TlsAlloc
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
HeapAlloc
EnumSystemLocalesA
GetProcAddress
SetStdHandle
TlsSetValue
GetCurrentThreadId
GetTickCount
LCMapStringA
IsBadWritePtr
FreeEnvironmentStringsW
CreateMutexA
WriteConsoleOutputW
SetLastError
RtlUnwind
GetStartupInfoA
VirtualFreeEx
FreeLibraryAndExitThread
GetSystemTimeAsFileTime
GetFileType
GetCurrentProcess
InterlockedExchange
HeapFree
IsValidCodePage
GetModuleHandleA
GetStdHandle
GetEnvironmentStringsW
FlushFileBuffers
ExitProcess
VirtualFree
TerminateProcess
LoadLibraryA
GetLocaleInfoW
GetOEMCP
FindAtomA
GetSystemInfo
GetEnvironmentStrings
WriteFile
CloseHandle

shell32

ShellExecuteExW
SHQueryRecycleBinW
RealShellExecuteExA
ShellExecuteW

gdi32

EnumICMProfilesW
GetDeviceCaps
CreateDCA
SelectObject
DeleteDC
GetObjectW

comctl32

ImageList_Destroy
ImageList_Draw
CreatePropertySheetPageA
ImageList_SetFilter
ImageList_DragShowNolock
ImageList_Add
InitCommonControlsEx
ImageList_SetImageCount

user32

MessageBoxA
RegisterClassExA
GetClipboardFormatNameW
DefWindowProcA
ShowWindow
CascadeChildWindows
UnregisterClassW
GetTitleBarInfo
ChangeDisplaySettingsA
CreateWindowExA
WaitMessage
RegisterClassA
SetWindowLongW
DestroyWindow

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

226370e57d91660b7879080ffb4e4807

Headers

File Characteristics

Imports

wininet

kernel32

shell32

gdi32

comctl32

user32

Sections

.text Size: 148KB - Virtual size: 148KB

.rdata Size: 88KB - Virtual size: 110KB

.data Size: 89KB - Virtual size: 88KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 148KB - Virtual size: 148KB

.rdata
Size: 88KB - Virtual size: 110KB

.data
Size: 89KB - Virtual size: 88KB

.rsrc
Size: 13KB - Virtual size: 13KB