24ebb2090bf8b44c52c268b8ca3490fb

Sharing

Copy URL Twitter E-mail

General

Target

24ebb2090bf8b44c52c268b8ca3490fb
Size

428KB
MD5

24ebb2090bf8b44c52c268b8ca3490fb
SHA1

09704b2de889965fde5b2ea2efff02ebdda0ea60
SHA256

863dd19fcd192bf82e442cb4a35a361c7842e96e20d83b7ea32c996b932bf53a
SHA512

af183a860fd4952ad4b4c38411069c4d645b65f2629adcafb6231256dee8946c09c597a62706db402d7a735ae1b95b6b2a0adb687f0a4a1374c6e6a41abaa255
SSDEEP

12288:vaXoOkCDANjEHoLjUNwIEG97NlbM68YbGE28N:vaXo7pNjEI5I1l9bD7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ebb2090bf8b44c52c268b8ca3490fb

Files

24ebb2090bf8b44c52c268b8ca3490fb
.exe windows:4 windows x86 arch:x86

cec15160925bebe30301de1614d0374f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FreeUrlCacheSpaceW
FindNextUrlCacheGroup
InternetGetCertByURL
RetrieveUrlCacheEntryFileW
FtpGetFileW

shell32

SHGetPathFromIDList
ShellExecuteExW
SHFileOperation

kernel32

WriteConsoleA
SetEnvironmentVariableA
GetStdHandle
TlsSetValue
VirtualQuery
GetLastError
WideCharToMultiByte
RtlUnwind
VirtualProtect
GetModuleFileNameA
GetModuleHandleA
IsValidCodePage
GetStringTypeA
GetCommandLineA
GetSystemInfo
HeapFree
SetThreadPriority
HeapCreate
LocalFlags
GetTickCount
SetHandleCount
EnumSystemLocalesA
GetLongPathNameA
GetOEMCP
GetCurrentThread
VirtualFree
GetStringTypeW
GetStartupInfoA
ExitProcess
GetTimeFormatA
GetThreadPriority
TlsFree
GetDateFormatA
MultiByteToWideChar
QueryPerformanceCounter
TlsAlloc
TerminateProcess
HeapDestroy
GetProcessAffinityMask
HeapSize
FindNextChangeNotification
FindResourceExA
GetCurrentThreadId
CompareStringA
VirtualAlloc
EnterCriticalSection
GetUserDefaultLCID
GetCurrentProcess
FreeEnvironmentStringsA
InterlockedExchange
GetTimeZoneInformation
InitializeCriticalSection
IsValidLocale
GetSystemTimeAsFileTime
GetFileType
GetProcAddress
CreateNamedPipeW
UnhandledExceptionFilter
LeaveCriticalSection
CloseHandle
EnumDateFormatsExW
GetACP
WriteFile
LoadResource
TlsGetValue
FreeEnvironmentStringsW
LoadLibraryA
GetCurrentProcessId
GetVersionExA
HeapReAlloc
GetEnvironmentStrings
DeleteCriticalSection
HeapAlloc
SetConsoleTitleW
SetLastError
IsBadWritePtr
GetLocaleInfoW
CompareStringW
GetCompressedFileSizeA
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
CreateDirectoryW
GetLocaleInfoA
GetCPInfo

advapi32

AbortSystemShutdownA
RegSaveKeyW
RegQueryMultipleValuesW
RegQueryValueExW
CryptSetHashParam
CryptGetUserKey
ReportEventA
LookupAccountNameW
CryptSignHashW
ReportEventW
RegDeleteKeyA
CryptEnumProviderTypesA
DuplicateTokenEx
StartServiceW
CryptDeriveKey
LookupAccountSidW
CryptReleaseContext
CryptSetKeyParam

user32

SetCaretBlinkTime
EnumDisplaySettingsA
DefMDIChildProcA
ShowCursor
CreateDesktopA
DrawFrame
DdeFreeStringHandle
EnumWindowStationsW
GetMenuItemRect
MapDialogRect
EnumPropsA
DrawMenuBar
GetDCEx
LoadIconA
LoadMenuIndirectW
GetMenuDefaultItem
IsClipboardFormatAvailable
RegisterDeviceNotificationA
CheckRadioButton
GetUserObjectSecurity
GetClassInfoExW
DrawEdge

comdlg32

GetOpenFileNameW
GetSaveFileNameA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cec15160925bebe30301de1614d0374f

Headers

File Characteristics

Imports

wininet

shell32

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 8KB - Virtual size: 22KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 8KB - Virtual size: 22KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 3KB - Virtual size: 3KB