242eb09618a66c821858ee5dd6029bc9

Sharing

Copy URL Twitter E-mail

General

Target

242eb09618a66c821858ee5dd6029bc9
Size

556KB
MD5

242eb09618a66c821858ee5dd6029bc9
SHA1

405a040f6e3da5ac61fc6b026dd6eb18dab297a7
SHA256

e0d1c57c242f19276b1f4adc2118061d2dfe9041201dd15a5594abaeb846d524
SHA512

c5cea03f56d5d0d3cf929a45cd0f9771f6a0c69eb51a7db2b491c38623b37169e34c0a549e0eef49fece8b0df8e73798e6586bb4dae3e998f6f82e7c380b6283
SSDEEP

12288:V0iJSYs99E9C+MVJO5NUPs17hRG5ewk2qDhTyLw6jo1q:hJSYsTE9eJO5K017ho5FNIGkG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
242eb09618a66c821858ee5dd6029bc9

Files

242eb09618a66c821858ee5dd6029bc9
.exe windows:4 windows x86 arch:x86

0e842aee5862da0b20ed85c1da99e769

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetLastResponseInfoW

comctl32

DrawStatusText
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_DragShowNolock
CreateToolbar
DrawStatusTextW
ImageList_SetOverlayImage

advapi32

ReportEventA
RegEnumKeyA
LookupPrivilegeDisplayNameA
InitializeSecurityDescriptor
CryptSetProviderExA
InitiateSystemShutdownA
CryptVerifySignatureW
RegDeleteKeyA
RegSaveKeyA
CreateServiceA
CryptVerifySignatureA
CryptGenRandom
CryptGetKeyParam
CryptEnumProvidersA
RegDeleteValueW
RegQueryMultipleValuesA
AbortSystemShutdownA
CryptReleaseContext
RegNotifyChangeKeyValue
CryptDestroyKey
RegRestoreKeyW

user32

ArrangeIconicWindows
DefWindowProcA
DestroyWindow
WaitForInputIdle
PackDDElParam
CreateWindowExA
CountClipboardFormats
DrawFrame
ToAsciiEx
ShowWindow
RegisterClassA
RegisterClassExA
MessageBoxW
DestroyCaret

kernel32

VirtualQuery
TlsSetValue
SetConsoleCursorPosition
SetEnvironmentVariableA
HeapDestroy
GetProcessHeap
TlsAlloc
GetModuleFileNameW
ReleaseMutex
HeapValidate
InterlockedDecrement
GetConsoleMode
TlsFree
LCMapStringA
GetVersionExA
IsBadReadPtr
TerminateProcess
InterlockedExchange
GetCommandLineA
CloseHandle
UnhandledExceptionFilter
ResumeThread
GetEnvironmentStrings
IsValidLocale
GetEnvironmentStringsW
Sleep
IsBadWritePtr
GetLongPathNameW
GetModuleHandleA
GetCommandLineW
GetCurrentProcess
GetStringTypeA
VirtualProtect
GetTickCount
HeapAlloc
GetSystemTimeAsFileTime
GetTimeFormatA
lstrcmpW
ReadConsoleOutputCharacterW
HeapReAlloc
GetLocaleInfoA
GetLocaleInfoW
SetConsoleCP
DeleteCriticalSection
SetHandleCount
HeapCreate
GetCPInfo
SetConsoleCursorInfo
GetCurrentProcessId
GetFileType
ExpandEnvironmentStringsW
InterlockedIncrement
FreeEnvironmentStringsA
GetModuleFileNameA
CompareStringA
SetFilePointer
GetTimeZoneInformation
IsValidCodePage
GetStartupInfoA
FindNextFileW
EnumResourceLanguagesW
GetStringTypeW
WideCharToMultiByte
TerminateThread
VirtualAlloc
WriteFile
GetCurrentThread
SetLastError
SetStdHandle
GetLastError
ExitProcess
EnumSystemLocalesA
FreeEnvironmentStringsW
GetSystemTimeAdjustment
InitializeCriticalSection
HeapFree
GetUserDefaultLCID
MultiByteToWideChar
OpenMutexA
LoadLibraryA
RtlUnwind
EnterCriticalSection
DeleteAtom
CreateMutexA
ReadFile
LeaveCriticalSection
QueryPerformanceCounter
GetStartupInfoW
GetDateFormatA
GetCurrentThreadId
GetOEMCP
EnumSystemLocalesW
GetPrivateProfileSectionNamesA
GetSystemInfo
LCMapStringW
SetConsoleCtrlHandler
TlsGetValue
DebugBreak
GetStdHandle
CompareStringW
GetProcAddress
VirtualFree
WriteConsoleInputW
OutputDebugStringA
GetACP
FlushFileBuffers

gdi32

CreateDCA
LPtoDP
GetGraphicsMode
PlayEnhMetaFile
UpdateICMRegKeyA
DeleteDC
GetMapMode
CreateMetaFileW
GetDeviceCaps
GetOutlineTextMetricsA
Ellipse
GetTextMetricsW
DeleteObject
GetTextFaceA
GetObjectW

comdlg32

GetFileTitleA

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 213KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e842aee5862da0b20ed85c1da99e769

Headers

File Characteristics

Imports

wininet

comctl32

advapi32

user32

kernel32

gdi32

comdlg32

Sections

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 213KB - Virtual size: 225KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 213KB - Virtual size: 225KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 23KB - Virtual size: 23KB