24c738e2645d06a7964330e3711c3227

Sharing

Copy URL Twitter E-mail

General

Target

24c738e2645d06a7964330e3711c3227
Size

256KB
MD5

24c738e2645d06a7964330e3711c3227
SHA1

cdd499afcb7082a188d509c56153211908f5a775
SHA256

d483150453a1e17b9ca32f045addd3456a9d0fd6631e8f032d6bfa2cb85de55e
SHA512

a95d6c13c8104842e3e2a133f38b2164ff9834192325e7d1674b984b455696b0157768a8bb3000350ea13c41207020e75fac960bd8682ef3f90644eb23028b8f
SSDEEP

3072:M1lN6dwxJcZM0Ypf3ellQ9itV0AsU2OXTGp0Y6z3:E6syZMJpfuge0lUDGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24c738e2645d06a7964330e3711c3227

Files

24c738e2645d06a7964330e3711c3227
.exe windows:4 windows x86 arch:x86

88555ecd3c9751a6e88fee5265598e1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
SetStdHandle
ReadFile
LoadLibraryA
LCMapStringW
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
CompareStringA
CompareStringW
GetVersionExA
GetCurrentProcess
SetPriorityClass
GetLastError
CreateFileA
DeviceIoControl
CloseHandle
GetSystemTime
GetOEMCP
Sleep
IsBadCodePtr
IsBadReadPtr
MultiByteToWideChar
HeapAlloc
HeapFree
GetTimeZoneInformation
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
TerminateProcess
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
SetFilePointer
FlushFileBuffers
SetUnhandledExceptionFilter
SetEnvironmentVariableA

user32

GetDC
MessageBoxA
GetAsyncKeyState
IsClipboardFormatAvailable
GetClipboardData
GetCursorPos
EmptyClipboard
CloseClipboard
ReleaseDC
InvalidateRect
OpenClipboard

gdi32

LineTo
CreatePen
SetBkColor
SetTextColor
SelectObject
CreateSolidBrush
RoundRect
TextOutA
GetDIBits
DeleteObject
AngleArc

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

netapi32

Netbios

Sections

.pelock
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

88555ecd3c9751a6e88fee5265598e1e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

netapi32

Sections

.pelock Size: 80KB - Virtual size: 80KB

.pelock Size: 12KB - Virtual size: 12KB

.pelock Size: 28KB - Virtual size: 28KB

.rsrc Size: 16KB - Virtual size: 16KB

.pelock Size: 96KB - Virtual size: 96KB

.pelock Size: 16KB - Virtual size: 16KB

.avp Size: 4KB - Virtual size: 4KB

.pelock
Size: 80KB - Virtual size: 80KB

.pelock
Size: 12KB - Virtual size: 12KB

.pelock
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 16KB - Virtual size: 16KB

.pelock
Size: 96KB - Virtual size: 96KB

.pelock
Size: 16KB - Virtual size: 16KB

.avp
Size: 4KB - Virtual size: 4KB