1521d9ceec3eb7cf4a31a1965623db05

Sharing

Copy URL Twitter E-mail

General

Target

1521d9ceec3eb7cf4a31a1965623db05
Size

576KB
MD5

1521d9ceec3eb7cf4a31a1965623db05
SHA1

428e91457811572e617ecf9d9c1cb0df9f9a2fdc
SHA256

7adaf15809d019581a18c268b823fa950d9a6b1fa8d1f2d9a8f3f882bcb1f2fa
SHA512

4ca00400123028102ca4343600e13eab043b0b0999f27c3bfd8de33b52ef01f2ea3ff70fec73448e72e7720b4670f2d053684482d5475c15d443532269a786e8
SSDEEP

12288:rge5AOsBdWTnmdzg+rZueXyY8e7D7hitVjwUkG46ud608S7I2pvTAr8E9+VWyQw:r3AJMQzg08e73hKwguE08S7I2pvTAr8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1521d9ceec3eb7cf4a31a1965623db05

Files

1521d9ceec3eb7cf4a31a1965623db05
.exe windows:4 windows x86 arch:x86

7cc8754379114f98a331e0be14945f1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetConsoleCP
SetHandleCount
GetLogicalDriveStringsW
DebugBreak
MapViewOfFileEx
GetProcAddress
WriteConsoleW
CloseHandle
ContinueDebugEvent
SetConsoleCP
GetLocaleInfoA
SetCriticalSectionSpinCount
CreateFileA
FoldStringW
GetStdHandle
CompareStringA
SetConsoleCtrlHandler
GetModuleHandleA
LCMapStringA
InterlockedDecrement
FreeEnvironmentStringsA
SetEndOfFile
GetCommandLineA
GetProfileIntW
GetLocaleInfoW
SetFilePointer
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
SetTimeZoneInformation
GetCurrentProcess
WaitForMultipleObjectsEx
SetVolumeLabelA
GetLogicalDrives
SetUnhandledExceptionFilter
CreateMutexA
WritePrivateProfileStructA
CreateEventW
GetVersionExA
FreeLibrary
WritePrivateProfileStringW
VirtualFree
FlushFileBuffers
TerminateProcess
UnmapViewOfFile
WriteConsoleA
SetConsoleActiveScreenBuffer
GetStartupInfoA
GetModuleFileNameA
SetThreadPriority
GlobalFindAtomA
HeapFree
WaitCommEvent
HeapCreate
VirtualFreeEx
FindFirstFileW
ExitProcess
OpenWaitableTimerA
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetFileType
WaitForSingleObject
GetDateFormatA
HeapDestroy
GetConsoleTitleA
GetCurrentDirectoryW
WriteFile
GetLastError
HeapSize
GetDateFormatW
GetConsoleOutputCP
OpenFile
SetLastError
QueryPerformanceCounter
WaitNamedPipeW
GetEnvironmentStringsW
SetComputerNameA
CompareStringW
GlobalLock
GetSystemTimeAsFileTime
FormatMessageW
GetTickCount
RtlZeroMemory
SetEnvironmentVariableW
EnterCriticalSection
ReadFileEx
ReadFile
FindClose
SetStdHandle
VirtualQuery
GetUserDefaultLCID
GetCurrentThreadId
TlsFree
GetStringTypeW
ReadConsoleW
TlsAlloc
SetEnvironmentVariableA
CreateNamedPipeW
EnumDateFormatsA
GetEnvironmentStrings
GetConsoleMode
InitializeCriticalSection
GetProcessHeap
GetVersion
InterlockedIncrement
GetACP
GetCalendarInfoW
GetProcAddress
UnhandledExceptionFilter
GetCPInfo
HeapAlloc
MultiByteToWideChar
SetEvent
GetTimeZoneInformation
InterlockedExchange
TlsSetValue
lstrcat
LCMapStringW
TlsGetValue
GetCurrentProcessId
FreeEnvironmentStringsW
HeapReAlloc
VirtualAlloc
GetCurrentThread
GetStringTypeA
FindAtomW
GetLogicalDriveStringsA
IsValidCodePage
GlobalGetAtomNameA
Sleep
LoadLibraryA
GetTimeFormatA
OpenMutexA
GetOEMCP

user32

SetClipboardViewer
RealGetWindowClass
UnionRect
LoadCursorA
DragObject
EnumDisplaySettingsW
GetListBoxInfo
DrawIconEx
IsCharAlphaNumericW
GetIconInfo
RegisterClassA
DestroyWindow
GetMonitorInfoA
RegisterClassExA
SendIMEMessageExA
GetClipboardData
GetTabbedTextExtentA
GetMessageExtraInfo
MessageBoxExA
DefWindowProcW
IsCharAlphaNumericA
SendMessageA
SetWindowsHookExA
InsertMenuW
LoadStringA
MessageBoxW
IsDialogMessageW
ShowWindow
LoadAcceleratorsA
LookupIconIdFromDirectoryEx
SetMenuItemInfoW
GetClassInfoA
CreateWindowExW
DestroyCaret
MapVirtualKeyExA
GetClassLongW

shell32

RealShellExecuteExA
SHBrowseForFolderA
CommandLineToArgvW

comctl32

ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_Draw
ImageList_Destroy
InitMUILanguage
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_DragShowNolock
_TrackMouseEvent

comdlg32

ChooseColorA

wininet

DeleteUrlCacheGroup
FindNextUrlCacheEntryA

advapi32

RegQueryInfoKeyA
InitializeSecurityDescriptor
CryptGetHashParam
RevertToSelf
GetUserNameW
CryptSetProviderExW
RegFlushKey
LookupPrivilegeNameW
RegRestoreKeyW
CryptSetProviderW
RegQueryValueExA
AbortSystemShutdownA
RegOpenKeyExW
RegReplaceKeyA
StartServiceA
CryptEnumProvidersA
LookupSecurityDescriptorPartsW
CryptSetProvParam
CryptGetProvParam

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cc8754379114f98a331e0be14945f1e

Headers

File Characteristics

Imports

kernel32

user32

shell32

comctl32

comdlg32

wininet

advapi32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 112KB - Virtual size: 132KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 112KB - Virtual size: 132KB

.rsrc
Size: 24KB - Virtual size: 23KB