24115f2937abc0cc59e2d2188f012c2a

Sharing

Copy URL Twitter E-mail

General

Target

24115f2937abc0cc59e2d2188f012c2a
Size

22.6MB
MD5

24115f2937abc0cc59e2d2188f012c2a
SHA1

f2276618dd897d60c5ed41c519cf0795c960e7db
SHA256

e02191c18ddac2ffb16e06126e594148423df750a9ad29f55878f0fee8efd0de
SHA512

eade51766189b09235f8ccd8f9dc343ab50945c423b80e08ad2532d41806694f3c81164589db9a12ec20ed989319733fcd32f3b630fc6d898df6e73e3500695e
SSDEEP

393216:ft5SgF7lCUymTahyG/1G8Oyh34l4EuCjXWul4FPK8moItM4ZaeRbD8ST:F4s7llBG/h3y4YvKN/cM18B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24115f2937abc0cc59e2d2188f012c2a

Files

24115f2937abc0cc59e2d2188f012c2a
.exe windows:5 windows x86 arch:x86

310e7b2b96b02ccfba01f485a3c0827f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetPrivateProfileStringW
MoveFileExW
CreateThread
InitializeCriticalSection
DeleteCriticalSection
LockResource
FindResourceExW
GetVersion
GetVersionExW
GetModuleFileNameW
SetLastError
LoadLibraryExW
GetCurrentProcessId
ReadFile
GetStdHandle
SetFileTime
SetFileAttributesW
FindClose
FindFirstFileW
GetFileSize
SetFilePointer
SetEndOfFile
LocalFree
LocalAlloc
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
WritePrivateProfileStringW
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
ExitProcess
Sleep
HeapCreate
GetStartupInfoW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GlobalAlloc
FreeResource
GlobalLock
GlobalUnlock
GlobalFree
IsBadReadPtr
IsBadWritePtr
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreateFileA
SetStdHandle
FlushFileBuffers
DeleteFileW
LoadLibraryW
FreeLibrary
lstrcatW
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateMutexA
ReleaseMutex
CreateDirectoryW
CreateFileW
WriteFile
WideCharToMultiByte
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
GetLastError
GetTempPathW
MultiByteToWideChar
GetFileAttributesW
ExpandEnvironmentStringsW
FindResourceW
LoadResource
SizeofResource
GetModuleHandleW
GetCurrentThreadId
lstrlenA
OutputDebugStringW
DebugBreak
InterlockedIncrement
lstrcmpiW
GetTickCount
GetDiskFreeSpaceExW
InterlockedDecrement
FlushInstructionCache
lstrcpyW
lstrlenW
CompareStringW
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetModuleHandleA
GetProcAddress
GetCurrentProcess
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
FreeEnvironmentStringsW

user32

MoveWindow
GetWindowRgn
RegisterClassExW
ClientToScreen
EndPaint
BeginPaint
GetSysColor
GetFocus
GetCapture
UnregisterClassA
LoadCursorW
ReleaseCapture
SetCursor
FillRect
CallWindowProcW
GetDlgCtrlID
SetFocus
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
DrawFocusRect
CreateDialogParamW
SetRectEmpty
DestroyCursor
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
wsprintfW
LoadImageW
CreateCursor
OffsetRect
CharNextW
GetCursorPos
ExitWindowsEx
GetClassNameW
PostQuitMessage
DrawTextW
LoadStringW
GetWindow
SystemParametersInfoW
MapWindowPoints
IsWindow
AdjustWindowRectEx
IsDialogMessageW
MessageBoxW
GetDlgItem
GetParent
ChildWindowFromPoint
SetDlgItemTextW
GetDlgItemTextW
EnableWindow
KillTimer
SetTimer
ShowWindow
ReleaseDC
GetWindowDC
GetDC
ScreenToClient
GetWindowRect
SetWindowPos
GetMenu
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
PostMessageW
GetWindowLongW
CreateWindowExW
SetWindowLongW
wvsprintfW
DestroyWindow
SendMessageW
GetClientRect
PtInRect

gdi32

SetBkMode
SetTextColor
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetObjectW
DeleteObject
BitBlt
DeleteDC
CreateFontIndirectW
PtInRegion
CreateDIBSection
StretchBlt
SetStretchBltMode
StretchDIBits
CreateRectRgn
SetDIBitsToDevice
GetDIBits

advapi32

RegDeleteValueW
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyW
GetTokenInformation
AllocateAndInitializeSid
FreeSid
IsValidSid
EqualSid
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHCreateDirectoryExW
SHChangeNotify
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoTaskMemAlloc
CoInitialize

oleaut32

VariantClear
VarUI4FromStr

shlwapi

StrStrIW
StrCmpIW
PathIsDirectoryW
SHGetValueW
PathFileExistsW

comctl32

ImageList_Destroy
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize

crypt32

CryptQueryObject
CertGetNameStringW
CertCloseStore
CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptMsgClose

setupapi

SetupIterateCabinetW

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22.2MB - Virtual size: 22.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

310e7b2b96b02ccfba01f485a3c0827f

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

crypt32

setupapi

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 22.2MB - Virtual size: 22.2MB

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 22.2MB - Virtual size: 22.2MB