49ea984c18a1a0675e45625e717d9a54

Sharing

Copy URL Twitter E-mail

General

Target

49ea984c18a1a0675e45625e717d9a54
Size

236KB
MD5

49ea984c18a1a0675e45625e717d9a54
SHA1

c71f3aeedce22e452420b66b924f7623b8a82651
SHA256

79f686c531106f439913e699a8707afd76b5e055726980b5161ff05f97ff3a96
SHA512

3cdc4a25e7abe003f4adcb6c51da2caf9ef189676f18c9f3616a59dcab730bd06f5abcbf678c817764509667d1439b10cf29c18a3580ca4baa9e547cae0365b8
SSDEEP

6144:yh1SGBYPTnG2xQxVC6d5pnla9cKwv0s5:I1SGCbBUdla9cKwX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49ea984c18a1a0675e45625e717d9a54

Files

49ea984c18a1a0675e45625e717d9a54
.exe windows:4 windows x86 arch:x86

2a966ff64db6397c1166d28c72416d97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetMapperFlags
StrokePath
GetMetaFileW
PolyPolyline
PlayMetaFile
PlayEnhMetaFileRecord
TranslateCharsetInfo
GetEnhMetaFileDescriptionW
SetStretchBltMode
GetBkMode
GetMetaRgn
GetTextColor
CreateEllipticRgn
SetBitmapDimensionEx
SetBkMode
RestoreDC
GetArcDirection
CreatePatternBrush
GetTextFaceA
GetWinMetaFileBits
PathToRegion
ExtTextOutW
AddFontResourceA
ExtTextOutA

advapi32

RegCreateKeyExW
DuplicateTokenEx
RegSetValueW
RegConnectRegistryW
CryptEnumProvidersW
RegLoadKeyW
CryptVerifySignatureA
CryptVerifySignatureW
RegQueryValueExA
AbortSystemShutdownW
CryptEnumProviderTypesW
RegOpenKeyExA
RegOpenKeyExW
CryptGetHashParam
CryptGetUserKey
RegReplaceKeyW
RegEnumKeyA
CryptDecrypt
CryptSetProvParam
CryptSetHashParam
CryptDuplicateKey
RegLoadKeyA
CryptGetDefaultProviderA

comdlg32

FindTextW
GetOpenFileNameW
ChooseColorW
PageSetupDlgA
PrintDlgA
FindTextA
GetSaveFileNameW
ReplaceTextW
ChooseFontA
PrintDlgW
GetFileTitleW
GetOpenFileNameA
PageSetupDlgW
ChooseFontW

wininet

GopherCreateLocatorA
FtpOpenFileW
IsUrlCacheEntryExpiredA
DeleteUrlCacheContainerW
LoadUrlCacheContent
InternetShowSecurityInfoByURLA
SetUrlCacheHeaderData
InternetGetConnectedStateEx
InternetReadFileExA
FindNextUrlCacheEntryA
UnlockUrlCacheEntryFile
DeleteUrlCacheEntryW
ReadUrlCacheEntryStream
InternetDialA
InternetFindNextFileW
FindFirstUrlCacheEntryA
FtpDeleteFileW
CreateUrlCacheEntryW
InternetCanonicalizeUrlW
RegisterUrlCacheNotification
InternetGetConnectedStateExA
InternetAutodialHangup

kernel32

WaitForDebugEvent
GetVersionExA
GetTickCount
GetStringTypeA
QueryPerformanceCounter
LeaveCriticalSection
GetACP
RtlUnwind
LockFile
HeapCreate
EnumSystemLocalesW
HeapSize
VirtualFree
ExitProcess
GetLastError
GetUserDefaultLCID
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
HeapReAlloc
EnumSystemLocalesA
GetEnvironmentStringsW
SetLastError
SetConsoleCtrlHandler
GetLocaleInfoA
LoadResource
VirtualProtect
CreateSemaphoreW
InitializeCriticalSection
GetModuleHandleA
LoadLibraryA
FreeEnvironmentStringsA
CompareStringA
TlsGetValue
WideCharToMultiByte
SetHandleCount
GetProfileStringA
InterlockedExchange
TlsFree
IsBadWritePtr
GetPrivateProfileIntA
GetDiskFreeSpaceA
SetWaitableTimer
LCMapStringA
GetCurrentThread
IsValidCodePage
FreeEnvironmentStringsW
GetCurrentProcess
SetEnvironmentVariableA
CreateWaitableTimerW
GetTimeZoneInformation
TlsAlloc
MultiByteToWideChar
HeapDestroy
DeleteCriticalSection
GetCurrentProcessId
HeapAlloc
SetTimeZoneInformation
FoldStringW
GetEnvironmentStrings
TlsSetValue
GetFileType
CompareStringW
GetCPInfo
GetStringTypeW
lstrcatW
GetSystemTimeAsFileTime
GetCurrentThreadId
VirtualAlloc
GetCompressedFileSizeW
GetCommandLineA
IsValidLocale
ConnectNamedPipe
GetLocaleInfoW
HeapFree
GetStdHandle
GetStartupInfoA
GetDateFormatA
VirtualQuery
TerminateProcess
GetSystemInfo
WriteFile
GetOEMCP
GetCurrencyFormatW
EnterCriticalSection
GetTimeFormatA
IsBadReadPtr
GetProcAddress
WriteConsoleInputW
RemoveDirectoryA

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a966ff64db6397c1166d28c72416d97

Headers

File Characteristics

Imports

gdi32

advapi32

comdlg32

wininet

kernel32

Sections

.text Size: 98KB - Virtual size: 97KB

.data Size: 134KB - Virtual size: 156KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 134KB - Virtual size: 156KB

.rsrc
Size: 3KB - Virtual size: 2KB