22163ca224528fe00ca745b1be7c8395

General

Target

22163ca224528fe00ca745b1be7c8395
Size

167KB
MD5

22163ca224528fe00ca745b1be7c8395
SHA1

04325793340dacc4bc52b687149abfd1d17c269c
SHA256

c18b5697fc3cb9e3af5d7a71ea804c461f025a1093217f2052c7009ceb236a33
SHA512

d3162f3b6bd913086279ba94d2a389f90268ccd225b5098956cc93d7fde1cd5ff43415ec9bfe1d84654b10a5a40500723579c3e55b0701fe0fb6688b82c4acb8
SSDEEP

3072:dTz63/FWXMFoohnWEKMVw5lfyAmFS2r/P2MwTcU+NnVPj:dTWv9jhWEFhPPrX2Mwgnl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22163ca224528fe00ca745b1be7c8395

Files

22163ca224528fe00ca745b1be7c8395
.exe windows:4 windows x86 arch:x86

c5bd1cfb6096810d36ba0d359cfc3ae2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

msimg32

AlphaBlend

wininet

InternetOpenW
InternetConnectW
InternetReadFile
HttpOpenRequestW
InternetGetConnectedState
HttpSendRequestA
InternetOpenUrlW
InternetCloseHandle

shlwapi

PathAppendW
PathAddBackslashW
PathRemoveFileSpecW
PathRemoveBackslashW
PathRemoveArgsW
PathUnquoteSpacesW
PathFileExistsW

user32

DrawIcon
GetClientRect
IsIconic
SetForegroundWindow
GetWindowRect
GetSystemMetrics
ReleaseDC
SetRect
GetDC
GetLastActivePopup
ShowWindow
CopyRect
TranslateMessage

kernel32

QueryPerformanceCounter
LoadLibraryA
ClearCommBreak
InitializeCriticalSection
GetSystemDirectoryA
ClearCommBreak
GetStartupInfoW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetModuleHandleA
GetLastError
FreeLibrary
GetTickCount
GetCurrentProcessId
GetSystemDefaultLangID
EnumResourceNamesW
SetLastError
ExitProcess
GetWindowsDirectoryA
ExitProcess
GetCurrentThreadId
CloseHandle
WaitForSingleObject
CompareStringA
DeleteCriticalSection
GetVersionExA
InterlockedExchange

shell32

SHGetSpecialFolderPathW

gdi32

BitBlt
CreateDIBSection
SelectObject
CreateCompatibleDC
DeleteObject
GdiFlush
DeleteDC

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5bd1cfb6096810d36ba0d359cfc3ae2

Headers

File Characteristics

Imports

advapi32

msimg32

wininet

shlwapi

user32

kernel32

shell32

gdi32

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 36KB - Virtual size: 36KB

.rscr Size: 512B - Virtual size: 80KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 36KB - Virtual size: 36KB

.rscr
Size: 512B - Virtual size: 80KB