2652effc0686dc5c9ba6cb7f2e7dd09e

Sharing

Copy URL Twitter E-mail

General

Target

2652effc0686dc5c9ba6cb7f2e7dd09e
Size

156KB
MD5

2652effc0686dc5c9ba6cb7f2e7dd09e
SHA1

50771fd431ba1f34ca85add8ba87363b07606183
SHA256

e2184ac5539dcb6b5e13f30768b8b51922cc080462a2fa4b0ecd02642e632041
SHA512

054b1ee8d15cd89ff145fc23964816302a3cf9a77dede6d87799bb71069d885319784e0892dc88c1656170cf3b93ab5c2682579d34371931829e2470d0ad55f4
SSDEEP

3072:DLXRLOYyzKNrds412HLn+K/pyALBYp0V2HX4LQh/lZebvMY:DlOYc2OL+48q/Szebb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2652effc0686dc5c9ba6cb7f2e7dd09e

Files

2652effc0686dc5c9ba6cb7f2e7dd09e
.exe windows:4 windows x86 arch:x86

e5838d2e400eeb058bf18b60791a780f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
WaitForSingleObject
CreateThread
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
ExitProcess
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetShortPathNameA
SystemTimeToFileTime
lstrcpynA
GetPrivateProfileSectionA
ReleaseMutex
GetSystemTime
TerminateThread
WinExec
CreateDirectoryA
lstrcmpiA
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetTickCount
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapFree
GetSystemDirectoryA
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateMutexA
GetLastError
GetStringTypeExA
GetThreadLocale
OutputDebugStringA
DebugBreak
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTempPathA
SetFileTime
GetFileTime
DeleteFileA
CopyFileA
GetFileSize
WriteFile
ReadFile
CloseHandle
CreateFileA
InterlockedIncrement
GetSystemDefaultLangID
lstrcpyA
lstrcatA
lstrlenA
RtlUnwind
lstrcmpA
InterlockedDecrement

user32

LoadImageA
GetSystemMetrics
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindow
SetClassLongA
KillTimer
EndPaint
DrawIconEx
DrawTextA
ReleaseDC
GetDC
BeginPaint
PostThreadMessageA
PostQuitMessage
SendMessageTimeoutA
BringWindowToTop
CharUpperA
DialogBoxParamA
EndDialog
UpdateWindow
GetWindowTextA
MoveWindow
CreateWindowExA
RegisterClassExA
GetClassInfoExA
SetWindowTextA
GetDlgItem
GetParent
GetWindowLongA
GetCapture
InvalidateRect
SetCapture
GetWindowRect
ClientToScreen
PtInRect
ReleaseCapture
LoadCursorA
SetCursor
GetPropA
CallWindowProcA
RemovePropA
CharLowerA
SendMessageA
SetWindowLongA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
CreateDialogParamA
LoadStringA
CharNextA
wsprintfA
wvsprintfA
ShowWindow
SetTimer
SetFocus
IsDialogMessageA
LoadIconA
PostMessageA
SetPropA

gdi32

GetDeviceCaps
DPtoLP
SetBkMode
GetTextExtentPoint32A
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
GetObjectA
CreateFontIndirectA
SetTextColor
DeleteObject

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey

ole32

OleUninitialize
CoInitialize
CoUninitialize
OleInitialize

ws2_32

recv
inet_ntoa
gethostbyname
inet_addr
send
setsockopt
getprotobyname
socket
WSAStartup
WSACleanup
closesocket
connect
htons

shlwapi

StrToIntA
StrStrIA

shell32

ShellExecuteA

setupapi

SetupIterateCabinetA

wininet

InternetCrackUrlA

comctl32

InitCommonControlsEx

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5838d2e400eeb058bf18b60791a780f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ws2_32

shlwapi

shell32

setupapi

wininet

comctl32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 17KB