24b2490a609b2f56b1e75ff1d82300b6

General

Target

24b2490a609b2f56b1e75ff1d82300b6
Size

384KB
MD5

24b2490a609b2f56b1e75ff1d82300b6
SHA1

a349ac1c9f1354af9d3ea34ee480a8a2865b0fad
SHA256

96d8b541363d276ec0283e8f6bef869552fe3860be0282070afef3acda6be8cb
SHA512

f8f071e77b0f04095ff2829ca9c6d42a079c51ca1dc1ce78264ef9b779443fd348f37b3481e57bab59670171fa6256996ed31ebcc15c67ec1781de30a3f33f36
SSDEEP

12288:KDrFFylhDQ5z5zaGTAzUJBnw3VBgQwZ/aVSalG5:c+01YGUYJBZZ/0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24b2490a609b2f56b1e75ff1d82300b6

Files

24b2490a609b2f56b1e75ff1d82300b6
.exe windows:4 windows x86 arch:x86

9564a0072f1ec8a84997de149204a9db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
EnumResourceTypesW
GetLogicalDrives
CreateDirectoryExA
QueryPerformanceCounter
GetCurrentProcess
HeapAlloc
LoadLibraryA
SleepEx
ExitProcess
ReadConsoleInputA
MoveFileExW
GlobalAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
GetCurrentProcessId
GetModuleHandleA
HeapFree
GetProcAddress
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
VirtualAlloc

gdi32

CreatePen
SetBitmapDimensionEx
GetBitmapBits
SetWindowOrgEx
Pie
GetKerningPairsA
GdiPlayDCScript
GetStretchBltMode
CreateFontA
StartDocA
GetBrushOrgEx
GetWindowExtEx
PlayMetaFile
GetROP2
CreateCompatibleDC
SwapBuffers
PlayMetaFileRecord
RemoveFontResourceW
SetColorSpace

comdlg32

ChooseFontA
PrintDlgW
GetSaveFileNameA
ChooseColorA
PageSetupDlgW
LoadAlterBitmap
GetFileTitleA
GetOpenFileNameW
PrintDlgA
FindTextA
ReplaceTextA
GetSaveFileNameW

wininet

InternetOpenA
InternetSecurityProtocolToStringW
InternetTimeToSystemTime
DeleteUrlCacheEntryW
GetUrlCacheHeaderData
InternetDialW
InternetAutodial
GopherGetAttributeA

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9564a0072f1ec8a84997de149204a9db

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

wininet

Sections

.text Size: 109KB - Virtual size: 109KB

.data Size: 263KB - Virtual size: 263KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 109KB - Virtual size: 109KB

.data
Size: 263KB - Virtual size: 263KB

.rsrc
Size: 10KB - Virtual size: 10KB