24efe4871f8dc8014fba3e8564f24994

Sharing

Copy URL

Twitter E-mail

General

Target

24efe4871f8dc8014fba3e8564f24994
Size

112KB
MD5

24efe4871f8dc8014fba3e8564f24994
SHA1

4a631fde0b2cdd61f372e2d5acafc92ed3d07b6a
SHA256

fff0c89ca0b6b435b367b0cf48edae09ac6f8afc544daef82aa4093a0e29fef3
SHA512

9682b74618afa43482fd6460cbdfdfc69023a1aba6edff93e3597354de1711ee6daef58586e195532c25fd4bcb9ed285aa9f9865f6b34e704896cb41bd9d78da
SSDEEP

768:PVmI8cX+p0w3RMBdmN/jyGzoRUBVQTvoT0XkQV8WL+e7/Af4bzD5FGlVT5ZU9QZa:PVF8cG0YPaUBDAXkM8WLh/IuUlV1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24efe4871f8dc8014fba3e8564f24994

Files

24efe4871f8dc8014fba3e8564f24994
.exe windows:4 windows x86 arch:x86

5c00a9ca6115bd0fb1653bb1c4028493

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
Process32Next
Process32First
CreateToolhelp32Snapshot
ResetEvent
WaitForSingleObject
CreateEventA
CreateThread
lstrlenA
ReadFile
SetEndOfFile
GetSystemInfo
VirtualProtect
GetLocaleInfoA
ExitProcess
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetFilePointer
IsBadWritePtr
VirtualAlloc
VirtualQuery
InterlockedExchange
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
VirtualFree
HeapCreate
UnmapViewOfFile
GetVersionExA
CloseHandle
MapViewOfFile
LocalFree
FreeLibrary
LoadLibraryA
CreateFileA
GetProcAddress
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileAttributesA
UnhandledExceptionFilter
GetStdHandle
WriteFile
RtlUnwind
RaiseException
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetACP
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
GetLastError

user32

ShowWindow
CharLowerA
DialogBoxParamA
DestroyWindow
EndDialog
CreateWindowExA
UpdateWindow
TranslateMessage
LoadStringA
LoadAcceleratorsA
SetTimer
GetMessageA
TranslateAcceleratorA
DefWindowProcA
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
BeginPaint
EndPaint
PostQuitMessage
KillTimer

advapi32

RegNotifyChangeKeyValue
RegCloseKey
RegOpenKeyA
RegSetValueExA
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA

shell32

ShellExecuteExA
ShellExecuteA

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetGetConnectedState

winmm

timeGetTime

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c00a9ca6115bd0fb1653bb1c4028493

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

winmm

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 48KB - Virtual size: 47KB