465f5f9c36dadd00a46c77b9815cd6f8

Sharing

Copy URL Twitter E-mail

General

Target

465f5f9c36dadd00a46c77b9815cd6f8
Size

416KB
MD5

465f5f9c36dadd00a46c77b9815cd6f8
SHA1

176b498d3a3d1a938a15e724de0942a7598681d7
SHA256

6efed23aae5c5b243f35190c508e248d64e3aa50da6a9f9767ff94c66f51a936
SHA512

a634b7d1f0174a94cb26c1756f7bb14cf67920a2f4d730ad2b278b17ee091793d745603641ad8b6192873d72ec91e6b5acfe13381000f2cf0fe64ef679bd0300
SSDEEP

6144:AG2/idsrX9bZEiOWG6FKZ+9dHwwZ+keshvfhD6dQWAn51g7CmHSn53qJE5bwbek9:AGOTVy600HwzkpXhwUns7JHS93ao+1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
465f5f9c36dadd00a46c77b9815cd6f8

Files

465f5f9c36dadd00a46c77b9815cd6f8
.exe windows:4 windows x86 arch:x86

aeda8924e489430e364f2f8e48c18ebc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
WideCharToMultiByte
MultiByteToWideChar
GetAtomNameW
SetVolumeLabelA
FillConsoleOutputCharacterW
GetEnvironmentStrings
GetCurrentProcessId
SetEnvironmentVariableA
GetSystemInfo
LCMapStringW
GetStringTypeW
ExitProcess
OpenMutexW
WritePrivateProfileSectionW
CompareStringW
HeapDestroy
GetConsoleCursorInfo
GetPrivateProfileIntA
TlsGetValue
SetComputerNameA
CreateDirectoryA
GlobalUnlock
EnumSystemCodePagesA
HeapSize
ReleaseMutex
CompareStringA
WriteFile
SetFileTime
OpenMutexA
VirtualAlloc
GetVolumeInformationA
GetSystemTimeAsFileTime
GetCurrentProcess
LockFile
ConvertDefaultLocale
FindResourceA
RtlUnwind
GetVersionExA
CloseHandle
GetOEMCP
LeaveCriticalSection
SetConsoleScreenBufferSize
MoveFileW
TlsSetValue
GetThreadLocale
ReadConsoleInputA
MoveFileExA
HeapCreate
GetExitCodeProcess
SetThreadIdealProcessor
CreateMutexA
HeapFree
TlsFree
SuspendThread
GetTimeZoneInformation
GetThreadSelectorEntry
GetCommandLineA
TryEnterCriticalSection
WriteConsoleOutputW
LCMapStringA
CreateSemaphoreA
GetFileAttributesExA
GlobalCompact
IsValidLocale
GetCurrentDirectoryA
MoveFileA
VirtualFreeEx
ReadFile
SetStdHandle
lstrcmpA
GetACP
HeapAlloc
GetProcAddress
SetHandleCount
GetUserDefaultLCID
GetFileType
LoadLibraryExW
DeleteCriticalSection
GetTimeFormatA
GetCompressedFileSizeW
OpenEventA
GetTickCount
PulseEvent
InitializeCriticalSection
EnumSystemLocalesA
GetSystemTimeAdjustment
GetEnvironmentStringsW
VirtualProtect
GetStartupInfoW
FileTimeToDosDateTime
VirtualQuery
GetModuleFileNameA
LoadResource
EnterCriticalSection
GetModuleHandleW
FreeEnvironmentStringsA
GetPrivateProfileSectionW
GetProcessHeap
FindFirstFileExA
LoadLibraryA
InterlockedExchange
UnhandledExceptionFilter
GetLocaleInfoA
GetModuleHandleA
GetProfileStringA
QueryPerformanceCounter
GetProcessShutdownParameters
VirtualFree
GetWindowsDirectoryW
GetLastError
SetConsoleWindowInfo
GetCurrentThreadId
GetDateFormatA
GetStdHandle
GetShortPathNameW
EnumResourceNamesA
AddAtomW
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetVersion
GetCurrentThread
UnlockFileEx
GetCommandLineW
RtlMoveMemory
TerminateProcess
FreeEnvironmentStringsW
GetProcessHeaps
GetLogicalDriveStringsA
SetFilePointer
SetEvent
SetConsoleCP
GetModuleFileNameW
GetStartupInfoA
GetLocaleInfoW
OpenSemaphoreW
IsBadWritePtr
GetPrivateProfileSectionA
HeapReAlloc
GetStringTypeA
GetCPInfo
lstrcatA
TlsAlloc
SetLastError
GetProcAddress

gdi32

GetNearestPaletteIndex
GetCharWidth32A
GetTextAlign
CreateSolidBrush
IntersectClipRect
GetColorAdjustment
EndDoc
RectVisible
GetTextMetricsA

comctl32

ImageList_DrawEx
ImageList_Create
ImageList_Write
InitMUILanguage
ImageList_SetIconSize
GetEffectiveClientRect
ImageList_DragShowNolock
ImageList_BeginDrag
DrawStatusTextW
ImageList_Draw
ImageList_GetIcon
DrawStatusText
ImageList_SetImageCount
ImageList_Add
InitCommonControlsEx
ImageList_Duplicate
ImageList_EndDrag
ImageList_LoadImageW
ImageList_AddIcon
ImageList_Destroy
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_GetDragImage

wininet

DeleteUrlCacheContainerA
HttpQueryInfoW
FtpRenameFileW
GetUrlCacheHeaderData
InternetConnectW

user32

SetForegroundWindow
EnumDisplayDevicesA
MapWindowPoints
ShowWindow
ScreenToClient
GetWindowRgn
SetMessageQueue
MonitorFromPoint
EditWndProc
DdeUnaccessData
CharNextA
RegisterClassW
DestroyWindow
ShowWindowAsync
SetScrollPos
BroadcastSystemMessageA
LoadIconW
IsWindow
ReleaseCapture
PostMessageW
GetAsyncKeyState
GetUpdateRect
SetPropA
DispatchMessageW
GetPriorityClipboardFormat
ClipCursor
LookupIconIdFromDirectoryEx
GetSysColor
GetClassNameA
ToAscii
CallWindowProcA
DragObject
CreateDialogParamA
CreateWindowExW
GetWindowWord
GetFocus
GrayStringW
CallMsgFilterW
OpenWindowStationW
GetTabbedTextExtentW
MessageBoxA
ExitWindowsEx
MoveWindow
GetCaretBlinkTime
RegisterClassExA
InvalidateRgn
DrawFocusRect
DrawIcon
DispatchMessageA
UnloadKeyboardLayout
DefMDIChildProcW
GetUpdateRgn
GetWindowPlacement
DdeAccessData
RegisterDeviceNotificationA
DrawStateA
DefWindowProcA
DdeConnectList
IsCharUpperW
LoadMenuIndirectA
GetNextDlgGroupItem
SetThreadDesktop
DrawFrame
OpenWindowStationA
GetWindowModuleFileNameA
CreateDialogIndirectParamA
DdeQueryNextServer
InSendMessage
GetPropW
DlgDirSelectComboBoxExA
RegisterClassA
VkKeyScanA

advapi32

StartServiceW
CryptEnumProviderTypesW
CryptImportKey
CryptEnumProvidersA
StartServiceA
RegEnumKeyExW
LookupPrivilegeNameA
RegFlushKey
RegDeleteKeyW
CryptSetKeyParam
CryptContextAddRef
CryptVerifySignatureA
CryptSetProviderExA
RegQueryValueExA
RegOpenKeyW
RegLoadKeyW
CryptGetDefaultProviderA
InitiateSystemShutdownW
LookupAccountNameA
ReportEventW
RegConnectRegistryA
RegEnumKeyA

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aeda8924e489430e364f2f8e48c18ebc

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

wininet

user32

advapi32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 92KB - Virtual size: 102KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 92KB - Virtual size: 102KB

.rsrc
Size: 48KB - Virtual size: 47KB