24d8ec2df837405a6cb1fb537bcebf92

Sharing

Copy URL Twitter E-mail

General

Target

24d8ec2df837405a6cb1fb537bcebf92
Size

312KB
MD5

24d8ec2df837405a6cb1fb537bcebf92
SHA1

a98506e272aace6a7bb46598d984cc2dc091781e
SHA256

0898632cd8a5d3ca18f7245b00588aeff7b56fa1d9a2d9fb6cae20fa66b6ba47
SHA512

e1bb5f2dc298b5d602f636854efe29e682d9114ef3a3742349b9fb365ae382bcef08a01f10f4c7f154f3c4c4021cb1286bb6cee1a86851deeb13e53b0ab54108
SSDEEP

6144:fWjtb2Mtujd0ACdXhFUzAUNKKhaXoFk8Vk8OG:fWj3Uh0ACdXjMAwLDV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24d8ec2df837405a6cb1fb537bcebf92

Files

24d8ec2df837405a6cb1fb537bcebf92
.exe windows:4 windows x86 arch:x86

18ef92c3aca3cedd90c52819aa246841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetFindNextFileA
InternetCloseHandle
InternetConnectA
FtpPutFileA
FtpGetFileA
FtpCreateDirectoryA
FtpSetCurrentDirectoryA
FtpDeleteFileA
FtpFindFirstFileA
InternetOpenA
InternetGetConnectedState

shlwapi

StrStrIA

ws2_32

WSACleanup

oleacc

ObjectFromLresult
AccessibleObjectFromWindow

kernel32

VirtualProtect
GetSystemInfo
VirtualQuery
GetModuleFileNameA
SizeofResource
LockResource
LoadResource
FindResourceA
GetLastError
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
FindNextFileA
RemoveDirectoryA
GetVersionExA
GetWindowsDirectoryA
CloseHandle
OpenProcess
GetCurrentProcessId
GetProcAddress
WriteFile
lstrlenA
CreateFileA
lstrcatA
lstrcpyA
GetSystemDirectoryA
CreateDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpynA
LoadLibraryA
FreeLibrary
GetLocalTime
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
lstrlenW
MultiByteToWideChar
GetTickCount
Sleep
GetModuleHandleA
WaitForMultipleObjects
GlobalUnlock
GlobalLock
InterlockedDecrement
lstrcmpiA
SetErrorMode
GetFileType
HeapFree
GetProcessHeap
HeapAlloc
GlobalAddAtomA
ReleaseMutex
CreateProcessA
CopyFileA
CreateMutexA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetOEMCP
HeapSize
SetFilePointer
GetSystemTimeAsFileTime
QueryPerformanceCounter
FlushFileBuffers
SetUnhandledExceptionFilter
TlsAlloc
GetCurrentThreadId
SetLastError
TlsFree
GetStringTypeW
GetStringTypeA
CompareStringW
GetUserDefaultLCID
CompareStringA
GetDateFormatA
GetTimeFormatA
LCMapStringW
LCMapStringA
HeapReAlloc
GetCPInfo
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
CreateThread
ResumeThread
TlsGetValue
TlsSetValue
ExitThread
ExitProcess
RaiseException
RtlUnwind
InterlockedIncrement
GetTimeZoneInformation
SetStdHandle
ReadFile
GetLocaleInfoW
SetEndOfFile
SetEnvironmentVariableA
LocalFree
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
GetComputerNameA
EnumSystemLocalesA
IsValidLocale

user32

LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
PostQuitMessage
DialogBoxParamA
DefWindowProcA
RegisterHotKey
PostMessageA
GetTopWindow
SendMessageTimeoutA
IsWindowVisible
IsWindow
GetKeyState
MapVirtualKeyA
GetParent
RegisterWindowMessageA
GetActiveWindow
GetForegroundWindow
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
LoadIconA
GetDesktopWindow
GetDC
ReleaseDC
FindWindowExA
GetDlgItem
GetSystemMetrics
SetWindowPos
SendDlgItemMessageA
wsprintfA
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
PeekMessageA
DispatchMessageA
TranslateMessage
SetTimer
DestroyWindow
EndDialog
KillTimer
SendMessageA
MoveWindow
ShowWindow
FindWindowA
EnumChildWindows
GetClassNameA
UnregisterHotKey
EmptyClipboard

gdi32

DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
GetStockObject
DeleteObject

advapi32

RegCloseKey
GetUserNameA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysStringByteLen
VariantCopy
VariantClear
GetErrorInfo
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
SysStringLen
VariantInit

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18ef92c3aca3cedd90c52819aa246841

Headers

File Characteristics

Imports

wininet

shlwapi

ws2_32

oleacc

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 8KB - Virtual size: 28KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 8KB - Virtual size: 28KB

.rsrc
Size: 48KB - Virtual size: 47KB