22d8d3437e7f282606a38361fd95a656

Sharing

Copy URL

Twitter E-mail

General

Target

22d8d3437e7f282606a38361fd95a656
Size

483KB
MD5

22d8d3437e7f282606a38361fd95a656
SHA1

17b00bd236fc5f93fa2356a00e6d4b40967386e5
SHA256

0233352b1f26a55e0950287fc84c138441bd1f8831245178a9eaa643241fcd67
SHA512

45061db48cec1ef78ef21841992093bf41056455167e9e8e93fb3c43ce57c2407f2f010f4f0066cc34d119c162d995e1b1ade72a304ade83e9af7b5cf063fcee
SSDEEP

6144:G1k6dF6ucnJhb63w1xBAECM13oK31bak26ULVrAF7UFqxA6sJzJ9ZHVB2pIfT:Ge6dUVJhug1XAETZPNapHLVrBNhKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22d8d3437e7f282606a38361fd95a656

Files

22d8d3437e7f282606a38361fd95a656
.exe windows:4 windows x86 arch:x86

98ba899977e33dc39ac4a5cd89200d25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
GetFileTitleW

user32

RegisterClassExA
DialogBoxParamA
RegisterClassA
GetDesktopWindow
UnregisterClassW
EnumWindowStationsA
MapVirtualKeyExA

shell32

InternalExtractIconListA
InternalExtractIconListW
SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx

advapi32

LookupPrivilegeNameA
CryptCreateHash
LookupPrivilegeValueW
RegReplaceKeyW

kernel32

GetPriorityClass
QueryPerformanceCounter
GetVersion
LeaveCriticalSection
HeapValidate
RtlUnwind
InitializeCriticalSection
HeapDestroy
InterlockedIncrement
GetTickCount
GetCurrentThreadId
CompareStringA
RtlZeroMemory
GetStartupInfoA
GetStringTypeA
TlsGetValue
DebugBreak
GetCurrentProcessId
VirtualFree
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsSetValue
GetFileType
GetOEMCP
VirtualAlloc
EnterCriticalSection
LCMapStringW
GetEnvironmentStrings
GetSystemTimeAsFileTime
ExitProcess
CompareStringW
GetSystemTime
MultiByteToWideChar
SetEnvironmentVariableA
GetProfileIntA
HeapReAlloc
FillConsoleOutputAttribute
VirtualQuery
WriteFile
SetFilePointer
GetCurrentThread
GetCurrentProcess
WriteConsoleOutputW
OutputDebugStringA
LCMapStringA
SetStdHandle
TlsFree
GetLastError
CloseHandle
GetStdHandle
DeleteCriticalSection
GetCommandLineA
RtlFillMemory
HeapFree
SetConsoleCtrlHandler
IsBadReadPtr
GetTimeZoneInformation
SetHandleCount
HeapLock
SetLastError
FreeEnvironmentStringsA
InterlockedExchange
GetModuleFileNameA
GetACP
CreateMutexA
HeapAlloc
FlushFileBuffers
FileTimeToDosDateTime
VirtualUnlock
GetModuleHandleA
GetCPInfo
GetProcAddress
InterlockedDecrement
ReadFile
OpenMutexA
IsBadWritePtr
TerminateProcess
GetEnvironmentStringsA
HeapCreate
GetLocalTime
LoadLibraryA
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeW
FreeEnvironmentStringsW

wininet

InternetCrackUrlW
InternetGetConnectedStateEx
FtpCreateDirectoryA
SetUrlCacheGroupAttributeA
FindCloseUrlCache
InternetGetCookieA
InternetUnlockRequestFile

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98ba899977e33dc39ac4a5cd89200d25

Headers

File Characteristics

Imports

comdlg32

user32

shell32

comctl32

advapi32

kernel32

wininet

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 59KB - Virtual size: 73KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 59KB - Virtual size: 73KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 15KB - Virtual size: 14KB