42b11cd12cc63a48d4277d5486785dd9

Sharing

Copy URL Twitter E-mail

General

Target

42b11cd12cc63a48d4277d5486785dd9
Size

520KB
MD5

42b11cd12cc63a48d4277d5486785dd9
SHA1

877f625c6c4b96d8c84e32be60522422594a4ffe
SHA256

8dfdc04bf909cc3f939c5abd2df7b8e299664a519d4ff4db83eb576f2529ec80
SHA512

f91d11c603aa16ecffbabb31882b61d3bc2c9626b25a2d161ec20810a4315f1d32cc733e56dae07a1349aa6df385c047a0935449b0c4da546b65ccc0514546d1
SSDEEP

12288:OZS5ymzZQMLDNIzi4hfLefELbY5lpst9WPs6uIxvv22KG:MSL1QMZIzi4ZLe4bYPpst9esop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42b11cd12cc63a48d4277d5486785dd9

Files

42b11cd12cc63a48d4277d5486785dd9
.exe windows:4 windows x86 arch:x86

975e88bdcbf3276a87b5999586aaefc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDialogParamA
RegisterClassA
GetWindowModuleFileNameW
RegisterClassExA
OemKeyScan
GetPropA
ValidateRect
LoadBitmapA

wininet

IncrementUrlCacheHeaderData
DeleteUrlCacheEntryA
InternetOpenW
InternetGetCookieW
InternetGetConnectedStateExA
FindFirstUrlCacheEntryExA
SetUrlCacheEntryGroupW

shell32

ShellExecuteA
ShellExecuteW

comctl32

InitCommonControlsEx

kernel32

WriteFile
TlsSetValue
CompareStringA
SetHandleCount
CompareStringW
QueryPerformanceCounter
SetEnvironmentVariableA
HeapCreate
GetLastError
IsValidCodePage
GetFileType
GetDateFormatA
GetTickCount
CreateFileMappingW
LCMapStringW
SetThreadPriority
FindResourceW
InterlockedExchange
OpenMutexA
GetACP
GetProcessShutdownParameters
VirtualAlloc
GetSystemTimeAsFileTime
SetLastError
InitializeCriticalSection
HeapAlloc
GetSystemInfo
IsDebuggerPresent
ExitProcess
GetUserDefaultLCID
GetEnvironmentStringsW
FlushFileBuffers
GetCurrentThreadId
IsValidLocale
SetFilePointer
SetThreadLocale
LocalFlags
MultiByteToWideChar
GetDiskFreeSpaceExA
HeapReAlloc
WriteConsoleOutputCharacterA
GetOEMCP
FreeEnvironmentStringsA
CloseHandle
GetThreadPriorityBoost
GetCurrentThread
EnterCriticalSection
GetStdHandle
GetTimeZoneInformation
CreateMutexA
GetCurrentProcess
TlsGetValue
GetStartupInfoA
HeapDestroy
GetCurrentProcessId
GetLocaleInfoW
FreeEnvironmentStringsW
WideCharToMultiByte
ReadFile
HeapFree
TlsFree
TerminateProcess
GetStringTypeA
UnhandledExceptionFilter
GetTimeFormatA
GetCommandLineA
GetVersionExA
WritePrivateProfileStringW
GetProcAddress
GetModuleHandleA
VirtualFree
VirtualQuery
GetLocaleInfoA
ResumeThread
GetCPInfo
DeleteCriticalSection
HeapSize
lstrcmpA
IsBadWritePtr
RtlUnwind
LeaveCriticalSection
LCMapStringA
EnumTimeFormatsW
SetStdHandle
GetModuleFileNameA
GetTempFileNameW
LoadLibraryA
GetEnvironmentStrings
TlsAlloc
VirtualProtect
GetStringTypeW
LoadResource
EnumSystemLocalesA

advapi32

CryptGetProvParam
RegCreateKeyA
CryptImportKey
CryptSetKeyParam
RegSetValueW
RegEnumKeyW
RegEnumKeyA
CryptSetProviderA
RegOpenKeyExA
InitiateSystemShutdownA
CryptDestroyHash
CryptGenRandom
StartServiceA
RegEnumKeyExA
CryptGetDefaultProviderA
CryptDuplicateHash
RegQueryValueExA
RegQueryValueA
RegDeleteKeyA
CryptGetDefaultProviderW
RegQueryInfoKeyW
CryptSetHashParam
CryptVerifySignatureW
LookupPrivilegeNameW

comdlg32

GetOpenFileNameW
FindTextW

Sections

.text
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

975e88bdcbf3276a87b5999586aaefc7

Headers

File Characteristics

Imports

user32

wininet

shell32

comctl32

kernel32

advapi32

comdlg32

Sections

.text Size: 377KB - Virtual size: 377KB

.rdata Size: 28KB - Virtual size: 42KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 377KB - Virtual size: 377KB

.rdata
Size: 28KB - Virtual size: 42KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 10KB - Virtual size: 10KB