440fd0d6a47a34841e6e0b350ffd92f2

Sharing

Copy URL

Twitter E-mail

General

Target

440fd0d6a47a34841e6e0b350ffd92f2
Size

596KB
MD5

440fd0d6a47a34841e6e0b350ffd92f2
SHA1

88e5857774d1481578d4b8d2802b7a8d53c9baae
SHA256

71017b7cdf7fc678a4bb1208558a06b7ba328b3476c4a5c9ac4fe4ba6f616c14
SHA512

c0a4d62027f851caf786e81a4a4ff2488d1bfc5a8f03c89f0725890bbef0be5257fb5dbaa0bfb7c919bedc0e058ddf5e6fea1285b32f1e63b051eb62d07a8ea8
SSDEEP

12288:OTPhrQENoO1HH+QBiBtnBRgzQ8kVZKLzBSNLXMQMRzaI4:iP2EoIdBocwKL8lUzaI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
440fd0d6a47a34841e6e0b350ffd92f2

Files

440fd0d6a47a34841e6e0b350ffd92f2
.exe windows:4 windows x86 arch:x86

b9d7ccc7b2afc0cb5b61d9d0210088b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindowA
InitCommonControlsEx
CreateStatusWindow
ImageList_LoadImageW
ImageList_Destroy
ImageList_Write
ImageList_SetFilter
ImageList_Read
ImageList_BeginDrag
ImageList_DragEnter
ImageList_GetImageCount

wininet

CreateUrlCacheEntryA
FtpFindFirstFileA

user32

DefWindowProcW
DialogBoxParamA
GetNextDlgGroupItem
EnumClipboardFormats
SetClipboardViewer
OemToCharBuffW
EmptyClipboard
RegisterClassExA
BringWindowToTop
RegisterClassA
GetDialogBaseUnits
SetFocus
ActivateKeyboardLayout
LoadAcceleratorsW
SetWindowLongW
GetDC
EnumDisplayDevicesW
GetClipCursor
IsRectEmpty
CharLowerW
RedrawWindow
CreateDialogIndirectParamA
IntersectRect
MapDialogRect
RegisterDeviceNotificationA
GetCursorInfo
CreateWindowStationA
GetWindowThreadProcessId
ChangeDisplaySettingsW

kernel32

EnterCriticalSection
GetStartupInfoW
VirtualAlloc
GetVersionExA
GetStringTypeA
GetModuleFileNameW
HeapCreate
TerminateProcess
GetCPInfo
CreateFileA
GetCurrentProcess
SetStdHandle
HeapFree
GetFileType
GetCurrentProcessId
ReadFile
GetCommandLineA
LeaveCriticalSection
RtlUnwind
TlsAlloc
GetTempFileNameA
MultiByteToWideChar
LocalReAlloc
CreateMutexA
GetProcAddress
GetEnvironmentStringsW
GetPrivateProfileStructA
lstrcat
OpenMutexA
GetEnvironmentStrings
GetStartupInfoA
IsValidCodePage
GetSystemTimeAsFileTime
IsBadWritePtr
GetModuleFileNameA
GetLocaleInfoA
OpenSemaphoreW
IsValidLocale
SetHandleCount
CompareStringW
LCMapStringW
TlsGetValue
HeapAlloc
SetFilePointer
GetCurrentThreadId
GetSystemInfo
LocalFileTimeToFileTime
InitializeCriticalSection
FlushFileBuffers
InterlockedIncrement
GetModuleHandleA
GetStringTypeW
GetTimeFormatA
LCMapStringA
CompareStringA
VirtualProtect
GetCurrentThread
EnumSystemLocalesA
FreeEnvironmentStringsW
GetACP
GetStdHandle
SetLastError
QueryPerformanceCounter
VirtualFree
UnhandledExceptionFilter
GetTickCount
SetVolumeLabelW
LoadLibraryA
TlsSetValue
HeapSize
FreeEnvironmentStringsA
CloseHandle
GetUserDefaultLCID
GetCommandLineW
ExitProcess
GetFullPathNameA
GetLastError
GetLocaleInfoW
GetDateFormatA
GetProfileStringA
HeapReAlloc
HeapDestroy
TlsFree
DeleteCriticalSection
WriteFile
InterlockedExchange
GetTimeZoneInformation
SetEnvironmentVariableA
VirtualQuery
GetOEMCP
WideCharToMultiByte

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9d7ccc7b2afc0cb5b61d9d0210088b1

Headers

File Characteristics

Imports

comctl32

wininet

user32

kernel32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 112KB - Virtual size: 132KB

.rsrc Size: 56KB - Virtual size: 55KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 112KB - Virtual size: 132KB

.rsrc
Size: 56KB - Virtual size: 55KB