368baec3954c6b7ab09b36d9df0c01df

Sharing

Copy URL Twitter E-mail

General

Target

368baec3954c6b7ab09b36d9df0c01df
Size

125KB
MD5

368baec3954c6b7ab09b36d9df0c01df
SHA1

3cdefb97bb699ba1d3fd1ebf909256e24cbad2f0
SHA256

b90559a88ab60c99896adb139e91b3d21c8e89ef8af968b500a26d7f6729c188
SHA512

acac3cffe0764152abf5a35d79827e7afe015f907c1b9312cd6d2835cddc904eafed0692f89908fafa03c4b5bc566ab0bde81b3e6c72f5c9fb0d4f4e8cc92dd5
SSDEEP

3072:ZOBOEigd0sanZyYJLd9znNxTansmFGRUVbfo/M10ZTxy:ZgKpnLj6szZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
368baec3954c6b7ab09b36d9df0c01df

Files

368baec3954c6b7ab09b36d9df0c01df
.exe windows:6 windows x86 arch:x86

0268f8e7aa22f3fa902074092f49ca08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

InitCommonControlsEx

urlmon

URLDownloadToCacheFileA

wininet

InternetCanonicalizeUrlA
DeleteUrlCacheEntry

kernel32

FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
GetModuleFileNameA
GetFullPathNameA
lstrlenA
CompareStringA
GetLastError
GetFileAttributesA
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
lstrcpyA
lstrcpynA
GetSystemDirectoryA
CreateProcessA
GetExitCodeProcess
VerifyVersionInfoA
GetCurrentProcess
OutputDebugStringA
FindResourceA
GetEnvironmentVariableA
CreateMutexA
GetVersionExA
LockResource
GlobalAlloc
GlobalFree
DecodePointer
LocalFree
VerSetConditionMask
WideCharToMultiByte
FormatMessageA
MultiByteToWideChar
GetProcessHeap
SetStdHandle
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
WriteConsoleW
LoadResource
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileW
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RaiseException
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
GetStringTypeW
GetFileType

user32

CharNextA
MsgWaitForMultipleObjects
DispatchMessageA
GetWindowRect
LoadCursorA
DestroyWindow
GetSystemMetrics
ShowWindow
IsDialogMessageA
SetWindowTextA
MoveWindow
SetFocus
TranslateMessage
SetDlgItemTextA
SendMessageA
SetCursor
CreateDialogParamA
LoadIconA
SystemParametersInfoA
GetDlgItem
PeekMessageA
SetForegroundWindow
LoadStringA
CharPrevA
ExitWindowsEx
MessageBoxA

advapi32

FreeSid
AllocateAndInitializeSid

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0268f8e7aa22f3fa902074092f49ca08

Headers

DLL Characteristics

File Characteristics

Imports

version

comctl32

urlmon

wininet

kernel32

user32

advapi32

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 224B

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 224B

.rsrc
Size: 14KB - Virtual size: 13KB