15fdbee8c75aaea0612a6a89478543a7

General

Target

15fdbee8c75aaea0612a6a89478543a7
Size

174KB
MD5

15fdbee8c75aaea0612a6a89478543a7
SHA1

7139ad5291ac48898f794cdd57b95a3894b8bbde
SHA256

a327cb26c3e4b2866da25875895ff7e9c2a34d5a4993b88da758fc2cb2a40853
SHA512

c802fa0b90035f3a374305e12ed9d428ba5c3f199861b403e7b7dde4f53a68d6c0c03ed5de8735d7e0651bca32d0f0d3d55f1d8036558e2082aa37e5344158b4
SSDEEP

3072:9/rFffPzja6cityyfRMBfXqanp6J0npYxSfG6iHY8p3q5SoA5+mUZa8co:9/RXMisLngJOfG6iD3qYo++mca8c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15fdbee8c75aaea0612a6a89478543a7

Files

15fdbee8c75aaea0612a6a89478543a7
.exe windows:4 windows x86 arch:x86

d9b77ad9919bb7f95b584df2ff64be01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
UrlCanonicalizeW
UrlCombineW
UrlApplySchemeW
UrlGetPartW
PathAppendW

msimg32

TransparentBlt

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

GetModuleHandleA
CreateFileW
TerminateProcess
CreateProcessA
GetSystemTime
HeapFree
GetCurrentProcessId
GetTickCount
HeapReAlloc
GetProcessHeap
InterlockedExchange
MultiByteToWideChar
GetEnvironmentVariableA
HeapAlloc
GetStdHandle
LoadLibraryW
HeapDestroy
IsDebuggerPresent
lstrlenA
GetCurrentProcess
GetStartupInfoA
EnumResourceTypesW
SystemTimeToFileTime
GetSystemTimeAsFileTime
lstrlenW
QueryPerformanceCounter
HeapFree
CloseHandle
UnhandledExceptionFilter
ResetWriteWatch
WriteFile
GetCurrentThreadId
LocalAlloc
HeapSize
Sleep
InterlockedCompareExchange
GetLocaleInfoA
GetThreadLocale
WideCharToMultiByte
GetACP
RaiseException
LoadLibraryExW
SetUnhandledExceptionFilter
lstrcpynW

wtsapi32

WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateSessionsW
WTSRegisterSessionNotification

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9b77ad9919bb7f95b584df2ff64be01

Headers

File Characteristics

Imports

shlwapi

msimg32

oleacc

kernel32

wtsapi32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 2KB - Virtual size: 153KB

.data Size: 128KB - Virtual size: 128KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 2KB - Virtual size: 153KB

.data
Size: 128KB - Virtual size: 128KB

.rsrc
Size: 512B - Virtual size: 4KB