21de96142f03e5105ae360c38e485106

Sharing

Copy URL Twitter E-mail

General

Target

21de96142f03e5105ae360c38e485106
Size

452KB
MD5

21de96142f03e5105ae360c38e485106
SHA1

bf35ae646cb3d371d4586c5b889654c2b1a66c78
SHA256

53cf4ac1318c191125f2cb4aba95329e7d4c372195aec25e6a39e01c931416dd
SHA512

87277c78f52342e1193a4887d3f82705adeb4c584506fadaef868e02c7a80a9686139a6fbb315035236daf4b85b1cacaa84efaa1ee786578b5355786065c6734
SSDEEP

12288:XWvPRVlxD80PQIg7Yvbc7P3IASx2lxrn0Ijy9AwtPIlmAI0btu9Ov2:X+VLY0XNEgASO9IRtPIcATR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21de96142f03e5105ae360c38e485106

Files

21de96142f03e5105ae360c38e485106
.exe windows:4 windows x86 arch:x86

bcafc44bdfbedfb4342a5aabc7b52f02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetOEMCP
GetDiskFreeSpaceW
WriteConsoleInputA
GetEnvironmentStrings
GetLocaleInfoW
HeapAlloc
WideCharToMultiByte
SetLastError
IsBadWritePtr
TlsGetValue
GetStdHandle
GetExitCodeProcess
CompareStringA
MultiByteToWideChar
SetHandleCount
InterlockedCompareExchange
GetLastError
GetLocaleInfoA
OpenWaitableTimerA
LCMapStringW
EnumSystemLocalesA
GetModuleFileNameW
FreeEnvironmentStringsA
GetProfileIntW
GetStringTypeA
TlsFree
GetFileType
GetProcAddress
GetLocalTime
GetEnvironmentStringsW
VirtualFree
GetAtomNameW
EnterCriticalSection
GlobalHandle
GetStringTypeW
VirtualQuery
InitializeCriticalSection
UnhandledExceptionFilter
IsValidLocale
FreeEnvironmentStringsW
GetTimeFormatA
TlsAlloc
GetDateFormatA
HeapReAlloc
HeapSize
ExitProcess
SetEnvironmentVariableW
SetEnvironmentVariableA
VirtualAlloc
VirtualProtect
QueryPerformanceCounter
GetCurrentProcess
GetVersionExA
GetModuleHandleA
GetCommandLineA
GetTimeZoneInformation
GetUserDefaultLCID
GetCurrentThreadId
LCMapStringA
TlsSetValue
DeleteCriticalSection
GetCommandLineW
GetCurrentProcessId
GetModuleFileNameA
HeapCreate
CompareStringW
GetModuleHandleW
GetTickCount
GetStartupInfoW
EnumResourceTypesW
GetCPInfo
LeaveCriticalSection
IsValidCodePage
RtlUnwind
GetACP
GetSystemTimeAsFileTime
InterlockedExchange
HeapDestroy
LoadResource
LocalReAlloc
GetCurrentThread
WriteFile
GetStartupInfoA
GetSystemInfo
HeapFree
TerminateProcess
LoadLibraryA
UnlockFileEx

wininet

InternetInitializeAutoProxyDll
InternetCloseHandle
RetrieveUrlCacheEntryFileW
ReadUrlCacheEntryStream
HttpSendRequestA
FtpPutFileEx
FtpRenameFileW
InternetQueryFortezzaStatus
CommitUrlCacheEntryA
InternetConnectW
InternetCreateUrlA
InternetGetCertByURL
GopherGetLocatorTypeW
InternetGetConnectedState
GetUrlCacheEntryInfoExA
UrlZonesDetach
HttpSendRequestExW
FtpGetFileW
SetUrlCacheGroupAttributeW
InternetGetConnectedStateEx
InternetCombineUrlA

gdi32

PlayMetaFile
Chord
GetViewportOrgEx
SetMagicColors
ArcTo
GetBitmapBits
SetTextCharacterExtra
PlayMetaFileRecord
AddFontResourceW
SetTextJustification
StrokePath
LPtoDP
CreateCompatibleBitmap
EnumICMProfilesW
GetCharABCWidthsFloatW
MoveToEx
GetColorAdjustment
BitBlt
StrokeAndFillPath
CreateRoundRectRgn
SetPixelFormat
SetBoundsRect

user32

SetPropW
GrayStringW
SetWindowTextA
CreateAcceleratorTableW
GetTabbedTextExtentA
GetWindowThreadProcessId
UnregisterDeviceNotification
GetProcessWindowStation
TabbedTextOutW
DragDetect
WinHelpW
GetWindowTextLengthA
EnumPropsA
GetDesktopWindow
CharUpperBuffW
DdeSetUserHandle
SendMessageW
EnumDisplaySettingsW
GetWindowRgn

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcafc44bdfbedfb4342a5aabc7b52f02

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

user32

Sections

.text Size: 166KB - Virtual size: 165KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 166KB - Virtual size: 165KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 12KB - Virtual size: 11KB