382b0662ec44973a274460070c9752a5

General

Target

382b0662ec44973a274460070c9752a5
Size

179KB
MD5

382b0662ec44973a274460070c9752a5
SHA1

48409fdec9127c0258dd5f44c178fdf99be315dc
SHA256

7832da15a56a1714e8cba2549e8354acac481b5dcfa2587260d6efeccd6155ad
SHA512

e97cc3179ebeb3f064c58b5eeeaf2fc472b53cc4afffc55bce101f69b6706aea21c6f8a1b27e4ed8b5fbed9303df85cb875a85a7e4377b17d54b448e893cd348
SSDEEP

3072:7f+KBK1tcs7/vx3D/3/kwRw+0k+IsESdkf7FMVeLun/ThXH2zvanZ4OY:j+vnjvx3D3Xh9SkzSeLun/ThXWzvB7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
382b0662ec44973a274460070c9752a5

Files

382b0662ec44973a274460070c9752a5
.exe windows:4 windows x86 arch:x86

ff03535993e5fea9767d5cfd22970600

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
WaitForSingleObject
GlobalAlloc
FindCloseChangeNotification
FindResourceW
WritePrivateProfileStringW
FindClose
MultiByteToWideChar
lstrlenW
FindFirstChangeNotificationW
LoadLibraryW
GetVersionExA
LoadResource
GetTickCount
InitializeCriticalSection
Sleep
FreeLibrary
LoadLibraryA
DeleteCriticalSection
GetModuleFileNameW
MulDiv
EnumResourceTypesW
FindNextChangeNotification
IsDBCSLeadByte
CloseHandle
LockResource
GlobalSize
GetProcAddress
GlobalLock
GetPrivateProfileStringW
FindFirstFileW
GetPrivateProfileIntW
GetVersionExW
GlobalUnlock
GetCurrentDirectoryW
GetModuleHandleW
GetLocaleInfoW

shell32

SHGetImageList
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExA
ShellExecuteExW
ShellExecuteW
SHBrowseForFolderA
CommandLineToArgvW
SHFileOperationW
SHGetFolderPathW
Shell_NotifyIconA

wininet

HttpSendRequestA
HttpQueryInfoA
InternetTimeToSystemTime
InternetErrorDlg
InternetCrackUrlA
InternetReadFile
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetCloseHandle
InternetTimeFromSystemTime

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff03535993e5fea9767d5cfd22970600

Headers

File Characteristics

Imports

kernel32

shell32

wininet

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 98KB - Virtual size: 97KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 98KB - Virtual size: 97KB

.rsrc
Size: 512B - Virtual size: 4KB