21a1bd23174fde098fb3c02a18977c19

Sharing

Copy URL Twitter E-mail

General

Target

21a1bd23174fde098fb3c02a18977c19
Size

292KB
MD5

21a1bd23174fde098fb3c02a18977c19
SHA1

39a5d9d350d5d10f5a83186146c905002491342d
SHA256

c64d7bccc9ca7ff979a77ce0eec904657e7125bd21125cf735ec12ce7042d092
SHA512

2023ab131b3887a585df372007efb284d8a0f3bde4028bb406dcc2933723ce30671f9e0ab404286052829de42d371f3211ba343ea2ad44c02dc2c8526840d336
SSDEEP

3072:4fuJ77VPXatXbDUF84utvt3cbZy9p1h+zw1hAATUpE0tx4mi7:4GpxWPxcbZqhAA7s/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21a1bd23174fde098fb3c02a18977c19

Files

21a1bd23174fde098fb3c02a18977c19
.exe windows:4 windows x86 arch:x86

8d0cf8a868c193af3a98590163a3e8bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

kernel32

GetPrivateProfileStringA
InitializeCriticalSection
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
Sleep
CloseHandle
GetLastError
CreateMutexA
CreateDirectoryA
GetShortPathNameA
GetTempFileNameA
lstrlenW
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
WriteFile
CreateFileA
TerminateProcess
LoadLibraryExA
GetFullPathNameA
GetFileAttributesA
lstrcmpiA
SetFileTime
GetPrivateProfileIntA
DosDateTimeToFileTime
GetFileTime
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetUnhandledExceptionFilter
SetFilePointer
ReadFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
HeapSize
HeapReAlloc
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
SetEnvironmentVariableA
RtlUnwind
ExitProcess
LocalFree
WideCharToMultiByte
CompareStringW
CompareStringA
SetEndOfFile
DeleteFileA
DeleteCriticalSection
HeapDestroy
InterlockedDecrement
LoadLibraryA
GetProcAddress
FreeLibrary
GetStringTypeA
GetStringTypeW
SetStdHandle
LocalFileTimeToFileTime

user32

GetDlgItem
SetWindowTextA
SetWindowPos
EndDialog
wsprintfA
IsDlgButtonChecked
SendMessageA
RegisterClassExA
LoadCursorA
GetClassInfoExA
LoadStringA
DialogBoxParamA
CheckDlgButton
SetFocus
GetWindowTextLengthA
GetWindowTextA
InvalidateRgn
InvalidateRect
SetCapture
CreateWindowExA
CreateAcceleratorTableA
GetDesktopWindow
RedrawWindow
DestroyWindow
IsWindow
GetParent
GetClassNameA
GetFocus
IsChild
GetWindow
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
GetClientRect
FillRect
EndPaint
GetSysColor
CallWindowProcA
GetWindowLongA
DefWindowProcA
SetWindowLongA
RegisterWindowMessageA

gdi32

GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
GetDeviceCaps

advapi32

RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

StringFromCLSID
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoCreateGuid
CoInitialize
CoTaskMemFree
CoUninitialize
CLSIDFromProgID

oleaut32

SysAllocString
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
SysFreeString

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d0cf8a868c193af3a98590163a3e8bf

Headers

File Characteristics

Imports

comctl32

urlmon

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 20KB - Virtual size: 174KB

.sxdata Size: 4KB - Virtual size: 124B

.rsrc Size: 136KB - Virtual size: 160KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 20KB - Virtual size: 174KB

.sxdata
Size: 4KB - Virtual size: 124B

.rsrc
Size: 136KB - Virtual size: 160KB