21540e4b5999905e87400e9ac1a3e430

General

Target

21540e4b5999905e87400e9ac1a3e430
Size

10KB
MD5

21540e4b5999905e87400e9ac1a3e430
SHA1

dcd054dd737db5485987539e663ceaf1bedd6670
SHA256

e61980a65cbeb07e0a91e361eae3967d594ff30b72641f1b294798f26e3ddeaf
SHA512

a2756f5cb3eba7d472e607905c55ed380256b0d2eb26bb18d05e4377d9e6aea8bc76e4e09b5a1b3d989cbc1c3812f2ca791671ced57c90588203b1f860e6d811
SSDEEP

192:dvfZNQOpsq6uGhm7tPhtUtUcxc+9BdCUs:NhNQTruGhIbUtUQc+9DS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21540e4b5999905e87400e9ac1a3e430

Files

21540e4b5999905e87400e9ac1a3e430
.exe windows:4 windows x86 arch:x86

9bd4c52b7c03e54fa73bface0027c81f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msrt32

UninstallHook
InstallHook

user32

SetTimer
SendMessageA
RegisterClassExA
PostQuitMessage
OpenClipboard
KillTimer
GetWindowTextA
GetMessageA
TranslateMessage
GetClipboardData
GetClassNameA
FindWindowExA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
CloseClipboard
wsprintfA
GetForegroundWindow

kernel32

GlobalUnlock
ReadFile
GlobalLock
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
WinExec
SystemTimeToFileTime
SetFilePointer
GlobalFree
Process32Next
CloseHandle
CompareStringA
CreateFileA
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
GetCommandLineA
GetFileSize
GetModuleHandleA
GetSystemDirectoryA
GetSystemTime
GetWindowsDirectoryA
GlobalAlloc
Process32First

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegOpenKeyA

wsock32

socket
connect
send
recv
inet_ntoa
inet_addr
htons
gethostbyname
WSAStartup
closesocket

wininet

FindFirstUrlCacheEntryA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetCloseHandle
FindNextUrlCacheEntryA
DeleteUrlCacheEntryA

urlmon

URLDownloadToFileA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9bd4c52b7c03e54fa73bface0027c81f

Headers

File Characteristics

Imports

msrt32

user32

kernel32

advapi32

wsock32

wininet

urlmon

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 80KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 80KB