19f49716cc6b8ec8a4405c9e66caa8ce

Sharing

Copy URL Twitter E-mail

General

Target

19f49716cc6b8ec8a4405c9e66caa8ce
Size

119KB
MD5

19f49716cc6b8ec8a4405c9e66caa8ce
SHA1

2dfec31ccb8bbd9cf90de450e71631c7484cca93
SHA256

913be8e03c4d3e13e358868035419de1dea31bbc7896db212c2579914c8b9924
SHA512

be1a11c8b8faaa95e3446448ee6df272513d9eaa2d29f2c82933f9569b70f66ef7b026c55fefa1de33965c540e9e308e604e21601e9a887a3b376ce9720f819b
SSDEEP

3072:+3km79Z2/s8uRvRURA+6A/6TsLxayPBt7o0:+U8FxRvRURA+9CU7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19f49716cc6b8ec8a4405c9e66caa8ce

Files

19f49716cc6b8ec8a4405c9e66caa8ce
.exe windows:4 windows x86 arch:x86

26c2ea170addf230aeabf4361134d184

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname
inet_addr
WSAStartup
WSACleanup
gethostname

urlmon

URLDownloadToFileA

version

GetFileVersionInfoA
VerQueryValueA

wininet

InternetQueryOptionA
InternetGetConnectedState

kernel32

ReadFile
CloseHandle
GetFileSize
CreateFileA
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA
FreeLibrary
OpenProcess
GetCurrentProcessId
WriteFile
SetFilePointer
Sleep
GlobalMemoryStatus
QueryPerformanceCounter
GetTickCount
FileTimeToSystemTime
FindClose
FindNextFileA
GetLastError
FindFirstFileA
GetWindowsDirectoryA
GetSystemDirectoryA
GetDriveTypeA
GetLogicalDriveStringsA
GetEnvironmentStrings
WideCharToMultiByte
lstrcpyA
lstrcatA
GetVersionExA
GetComputerNameA
GetLocalTime
DeleteFileA
WinExec
GetTempPathA
SetErrorMode
ExitProcess
WaitForSingleObject
CreateEventA
GetTempFileNameA
GetSystemTimeAsFileTime
GetModuleFileNameA
OpenEventA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsSetValue
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
InitializeCriticalSection
GetStdHandle
VirtualFree
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualAlloc
HeapReAlloc

advapi32

RegCreateKeyA
RegSetValueExA
GetUserNameA
RegQueryValueA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26c2ea170addf230aeabf4361134d184

Headers

File Characteristics

Imports

wsock32

urlmon

version

wininet

kernel32

advapi32

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 7KB - Virtual size: 9KB

.wdata Size: 7KB - Virtual size: 6KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 7KB - Virtual size: 9KB

.wdata
Size: 7KB - Virtual size: 6KB

.reloc
Size: 7KB - Virtual size: 7KB