27339b3657aba3f9a10fdcf98b57d826

Sharing

Copy URL

Twitter E-mail

General

Target

27339b3657aba3f9a10fdcf98b57d826
Size

415KB
MD5

27339b3657aba3f9a10fdcf98b57d826
SHA1

98a9dc5f31fe4334c043ad8ebbfa0da0807525b0
SHA256

0fa43f20b3df354b47b1da9eb6662bb099d90b66d7b7549eb888c5746ccdcde0
SHA512

3eace172152894750fff726a9caa0b1608200353a806e8e39f416770a291213ac91b1c700ec6d3602c3a73b1c1106f3660bc5964244dbd8d3f457e555f0db3ec
SSDEEP

6144:7dRjP7OD2wbPUsFeu0PK7ZI5wfmlRhF0kzyLjGD7yTD39T0xmjeTusvyrs5rLKwY:7d1woMe87ZIqOlfLD2339YtTus+kr2w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27339b3657aba3f9a10fdcf98b57d826

Files

27339b3657aba3f9a10fdcf98b57d826
.exe windows:4 windows x86 arch:x86

af02420eca48a933aec26c96194249f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
FindTextW
ReplaceTextW
GetOpenFileNameW

wininet

InternetCombineUrlW
FindFirstUrlCacheEntryExA
CommitUrlCacheEntryA
InternetTimeFromSystemTimeA
InternetSetFilePointer
InternetQueryDataAvailable
InternetReadFile
InternetCanonicalizeUrlA
FtpCommandW
SetUrlCacheConfigInfoW
InternetAlgIdToStringW
DeleteUrlCacheContainerW
GopherFindFirstFileW
HttpQueryInfoA
InternetWriteFileExW
InternetConnectW
InternetUnlockRequestFile
InternetCloseHandle
HttpSendRequestW
SetUrlCacheEntryInfoW

gdi32

ResizePalette
SwapBuffers
GetCharABCWidthsFloatW
gdiPlaySpoolStream
PtVisible
GetTextMetricsW
SetTextJustification
CreateMetaFileA
EnumFontFamiliesExA
GetLayout
GetCharABCWidthsA
GetTextColor
GetEnhMetaFileA
PolyTextOutA
SetWindowOrgEx
SetWindowExtEx
SetPolyFillMode
BeginPath
ColorMatchToTarget
PtInRegion

advapi32

CryptDeriveKey
CryptGetDefaultProviderA
LookupAccountNameW
CryptDuplicateHash
LookupPrivilegeDisplayNameW

kernel32

FindNextFileA
EnumSystemLocalesA
SetEnvironmentVariableA
TlsAlloc
InterlockedExchange
LeaveCriticalSection
CreateEventW
GetCurrentProcess
GetTimeFormatA
LoadLibraryA
SetHandleCount
GetProcAddress
TlsGetValue
OpenWaitableTimerW
GetLocaleInfoW
GetAtomNameA
GlobalAlloc
HeapDestroy
GetDateFormatA
LCMapStringA
GetCurrentThread
InitializeCriticalSection
GetCommandLineW
CompareStringW
WriteFile
InterlockedDecrement
GetModuleFileNameW
GetCommandLineA
OpenEventA
GetOEMCP
GetFileAttributesExA
GlobalGetAtomNameW
GetDriveTypeW
WaitForSingleObjectEx
GetTimeZoneInformation
LocalLock
HeapReAlloc
VirtualQuery
ResetEvent
GetLogicalDriveStringsW
GetVersionExA
GetStringTypeA
TerminateProcess
GetEnvironmentStrings
GetACP
WideCharToMultiByte
CreateDirectoryA
EnumResourceNamesW
TlsFree
CopyFileA
FreeEnvironmentStringsA
GetEnvironmentStringsW
IsDebuggerPresent
SetLastError
EnterCriticalSection
MapViewOfFile
QueryPerformanceCounter
GetLocaleInfoA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetCPInfo
WriteConsoleOutputA
GetCurrentThreadId
VirtualFree
UnhandledExceptionFilter
GetStringTypeW
HeapCreate
IsValidLocale
GetStartupInfoW
IsValidCodePage
CompareStringA
GetTempPathW
GetTickCount
MultiByteToWideChar
VirtualAlloc
LocalUnlock
SetConsoleCtrlHandler
FreeLibrary
GetCurrentProcessId
GetLastError
HeapSize
ExitProcess
InterlockedIncrement
GetModuleHandleA
GetStdHandle
HeapFree
RtlUnwind
GetStartupInfoA
GetProcessHeap
GetFileType
GetUserDefaultLCID
DeleteCriticalSection
TlsSetValue
Sleep
GetSystemTimeAsFileTime
LCMapStringW
HeapAlloc
GetModuleFileNameA

user32

SystemParametersInfoA
OpenDesktopW
OemToCharW
MoveWindow
BlockInput
GetClipboardOwner
GetKeyboardLayoutNameW
CharPrevExA
SetShellWindow
SendInput
ReplyMessage
CheckMenuItem
GetClassInfoW
MessageBoxA
UnhookWindowsHookEx
IsCharAlphaNumericW
EnumDisplaySettingsA
DdeAccessData
ToAsciiEx
ChangeDisplaySettingsW
IsDialogMessage
MessageBoxExW
GetScrollPos

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af02420eca48a933aec26c96194249f4

Headers

File Characteristics

Imports

comdlg32

wininet

gdi32

advapi32

kernel32

user32

Sections

.text Size: 129KB - Virtual size: 128KB

.data Size: 278KB - Virtual size: 306KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 129KB - Virtual size: 128KB

.data
Size: 278KB - Virtual size: 306KB

.rsrc
Size: 6KB - Virtual size: 6KB