231458feef958805a2af7f749c85ebe6

Sharing

Copy URL

Twitter E-mail

General

Target

231458feef958805a2af7f749c85ebe6
Size

302KB
MD5

231458feef958805a2af7f749c85ebe6
SHA1

863af3e3ebcba8a5932bdeb3dc58dde489b2bdd5
SHA256

fc4b1532b875714182b36a45b245a4e539072cbfb7892d8a8b2b5457df6b07c7
SHA512

ad2b65aae191637f3050df7a28bb30d091f74c8fc71420d6691b4d50a3c5763ca52ef7e13ab630452c1c1ba5a821ae6b3f30dd7138f13684d8d4fb6f64dca2b9
SSDEEP

3072:VP1XaHLMbeR7YtYU6t3AOlVjVUjCPDZcXnfOSeYKAWb+FLOJBt2hrOVWisH15Lyh:VtYMJYUctVZAf5eYyXtYrLFpRu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
231458feef958805a2af7f749c85ebe6

Files

231458feef958805a2af7f749c85ebe6
.exe windows:4 windows x86 arch:x86

d5ac54f2e8fe63e910f320e3e41de3f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
ExtractIconW
DuplicateIcon

gdi32

DeviceCapabilitiesExA
GetCharABCWidthsA

comdlg32

ChooseFontA
GetOpenFileNameW
FindTextA
ChooseColorA

user32

EndPaint

wininet

InternetAlgIdToStringW
HttpSendRequestExA
HttpSendRequestW
GetUrlCacheEntryInfoA
InternetCombineUrlA
InternetHangUp
FtpFindFirstFileW
DeleteUrlCacheEntryW

kernel32

HeapFree
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
VirtualAlloc
GetStdHandle
RtlUnwind
GetProcAddress
GetStartupInfoA
HeapAlloc
GetLastError
GetStringTypeW
GetCurrentThreadId
MultiByteToWideChar
GetCPInfo
QueryPerformanceCounter
LCMapStringW
GetUserDefaultLCID
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
SetHandleCount
UnhandledExceptionFilter
GetModuleHandleA
GetModuleHandleW
GetOEMCP
DeleteCriticalSection
GetACP
HeapReAlloc
GetStringTypeA
HeapDestroy
GetLocaleInfoA
IsBadReadPtr
FreeEnvironmentStringsW
InterlockedExchange
GetDateFormatA
IsValidCodePage
SetConsoleCtrlHandler
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcess
FreeLibrary
IsDebuggerPresent
HeapSize
VirtualQuery
InterlockedIncrement
TlsAlloc
WideCharToMultiByte
VirtualFree
LCMapStringA
GetFileType
TlsSetValue
GetProfileSectionA
TlsFree
GetEnvironmentStringsW
EnterCriticalSection
GetCurrentProcessId
GetCommandLineA
HeapCreate
SetEnvironmentVariableA
GetCurrentThread
CompareStringW
EnumSystemLocalesA
IsValidLocale
TerminateProcess
LeaveCriticalSection
CompareStringA
GetEnvironmentStrings
GetModuleFileNameA
LocalShrink
GetTimeZoneInformation
GetSystemDefaultLangID
Sleep
SetLastError
ExitProcess
WriteFile
InterlockedDecrement
GetLocaleInfoW
GetTickCount
ResumeThread
TlsGetValue

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5ac54f2e8fe63e910f320e3e41de3f7

Headers

File Characteristics

Imports

shell32

gdi32

comdlg32

user32

wininet

kernel32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 8KB - Virtual size: 28KB

.data Size: 172KB - Virtual size: 172KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 8KB - Virtual size: 28KB

.data
Size: 172KB - Virtual size: 172KB

.rsrc
Size: 6KB - Virtual size: 5KB