500868ffa67f90c821b29c850ae27c03

Sharing

Copy URL Twitter E-mail

General

Target

500868ffa67f90c821b29c850ae27c03
Size

392KB
MD5

500868ffa67f90c821b29c850ae27c03
SHA1

3ac5c27e39acf34de1ce2559030d663f80ebb8f8
SHA256

8b4b966842b13cff4ce74e25e6629c1856cc8ac2d739d3dd650fdcc6d3bfd6f9
SHA512

1e6af7973c0cbf23fa9a9a2ff72349d28f9dfb9e324e0c50094e1af96248a57fac4b9389f8ebf78a4b94b436dd6ae2c56898cb7876c1df413b7f43ab2e102af5
SSDEEP

6144:y+i7rJWGOfU3YEYtNFm0lEaaykhLpc+qUj5Jr4zemNzp6tXa+f5iub:y+i7rsfU3YEYI0lE7+U3rYVw135iI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
500868ffa67f90c821b29c850ae27c03

Files

500868ffa67f90c821b29c850ae27c03
.exe windows:4 windows x86 arch:x86

b041765589372730123c9872509f63c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_GetImageRect
ImageList_Destroy
CreateStatusWindowA
ImageList_Merge

user32

CreateCursor
DrawIcon
GetTabbedTextExtentW
KillTimer
GetMessageA
TranslateMessage
DdeAccessData
ShowOwnedPopups
CheckRadioButton
ActivateKeyboardLayout
LoadMenuIndirectA
SystemParametersInfoA
PostMessageA
GetWindowDC
LoadStringW
UnregisterClassW
GetCapture
MessageBeep
SetPropA
SetFocus
RegisterClassA
DdeImpersonateClient
IsClipboardFormatAvailable
GetSysColorBrush
GetMessageTime
ScrollWindowEx
FindWindowW
DdeClientTransaction
DlgDirSelectExA
SetShellWindow
EnumDisplayDevicesA
RegisterClassExA
IsZoomed
RegisterClipboardFormatW
MessageBoxA
ScreenToClient
LookupIconIdFromDirectoryEx
GetClipboardFormatNameW
DdeAbandonTransaction
PackDDElParam
GetProcessWindowStation
LoadImageW

advapi32

CryptHashData
LookupPrivilegeNameW
RegCreateKeyA
CryptGenRandom
CryptGetProvParam
CryptDuplicateHash
CryptSignHashA
CryptCreateHash
CryptEncrypt
CryptVerifySignatureA
RegSaveKeyW
AbortSystemShutdownA
RegOpenKeyExW
CryptSetProvParam
RegQueryInfoKeyA

gdi32

GetObjectW
CopyEnhMetaFileW
StrokeAndFillPath
CreateICA
GetTextExtentPointW
SetTextColor
CreateDiscardableBitmap
StartDocW
CancelDC
CheckColorsInGamut
GetDeviceCaps
ScaleWindowExtEx
DeleteDC
GetEnhMetaFilePaletteEntries
CreateDIBPatternBrush
SetMetaRgn
RectVisible
SetWindowOrgEx
CreateDCW
PolyBezierTo
CreateFontIndirectW
SetPixelV

kernel32

EnumSystemLocalesA
WriteFile
GetLastError
GetStringTypeA
GlobalFlags
RemoveDirectoryW
GetLocaleInfoW
GetEnvironmentStringsW
GetModuleHandleA
GetModuleFileNameA
GetCPInfo
VirtualFree
IsValidLocale
SetStdHandle
SetHandleCount
ReadFile
WideCharToMultiByte
SetFilePointer
DeleteCriticalSection
GetProfileIntA
GetModuleFileNameW
GetCommandLineA
InterlockedExchange
LoadLibraryA
LCMapStringW
GetTickCount
IsBadWritePtr
SetLastError
TlsSetValue
FreeEnvironmentStringsA
GetTimeZoneInformation
SetEnvironmentVariableA
TerminateProcess
SetVolumeLabelA
LocalUnlock
GetVersionExA
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
CreateMutexA
GetSystemInfo
HeapAlloc
OpenMutexA
GetUserDefaultLCID
TlsFree
HeapReAlloc
GetLogicalDriveStringsA
IsValidCodePage
GetOEMCP
HeapCreate
CloseHandle
GetSystemTimeAsFileTime
GetStartupInfoA
GetFileType
GetEnvironmentStrings
GetCommandLineW
GetCurrentProcessId
TlsGetValue
CompareStringW
GetStringTypeW
HeapDestroy
CompareStringA
LCMapStringA
ReadConsoleInputW
VirtualProtect
EnterCriticalSection
GetStartupInfoW
QueryPerformanceCounter
InitializeCriticalSection
UnhandledExceptionFilter
GetProcAddress
HeapSize
GetCurrentThreadId
GetStdHandle
FindResourceA
FlushFileBuffers
MultiByteToWideChar
GetCurrentThread
GetACP
SetComputerNameW
LeaveCriticalSection
TlsAlloc
VirtualQuery
VirtualAlloc
FreeEnvironmentStringsW
ExitProcess
GetCurrentProcess
RtlUnwind
HeapFree

comdlg32

LoadAlterBitmap
GetFileTitleW
PrintDlgW

wininet

InternetGoOnline
InternetConnectW
FtpGetCurrentDirectoryW
FtpOpenFileA
ReadUrlCacheEntryStream
CreateUrlCacheEntryW
SetUrlCacheEntryInfoW

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b041765589372730123c9872509f63c1

Headers

File Characteristics

Imports

comctl32

user32

advapi32

gdi32

kernel32

comdlg32

wininet

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 100KB - Virtual size: 107KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 100KB - Virtual size: 107KB

.rsrc
Size: 12KB - Virtual size: 10KB