502d1236f2450854eab60e19585907e7

Sharing

Copy URL Twitter E-mail

General

Target

502d1236f2450854eab60e19585907e7
Size

403KB
MD5

502d1236f2450854eab60e19585907e7
SHA1

5c462653a5663d08b34bde0629287f632330802c
SHA256

e07557db3af213aaa0f961ad4905c751103a2be9d33e2af312b4151795b881f6
SHA512

d9c12cd454e239611f47d271f39086709a257ec4366489bc0f76c6c82bbb77281cb18bdd77df7cd031a935991772cdd1e31f69fdb360e2d9dabdbd7c24b513af
SSDEEP

6144:7NB0zDFNm8mJFxvugQxARQ5Xnar7Swztcrfk2UXo9p/3y1nG7qouTBb7mvzWTv8N:Onm/uF5X8SwzCrfkbax4TlmKYr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
502d1236f2450854eab60e19585907e7

Files

502d1236f2450854eab60e19585907e7
.exe windows:4 windows x86 arch:x86

abc5e0f584a847e42d7be130b5afb267

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpCheckDavCompliance

comdlg32

PrintDlgW
PrintDlgA
PageSetupDlgW
ChooseColorA
ChooseFontW
GetSaveFileNameA
GetOpenFileNameW

gdi32

SetBitmapDimensionEx
CreatePolygonRgn
PolyTextOutA
StrokeAndFillPath
GetCharABCWidthsFloatA
GetColorAdjustment
SetICMProfileA
GetDeviceCaps
TextOutW
CreateEnhMetaFileA
CopyMetaFileW
CreateDIBSection
EnumFontFamiliesExW
GetLayout
CancelDC
GetTextMetricsA
GdiSetBatchLimit
GetLogColorSpaceW
SetTextColor
GetBitmapDimensionEx
CreateBrushIndirect
SetDIBColorTable
LPtoDP
UpdateICMRegKeyA

shell32

RealShellExecuteW
DragQueryFileW
ExtractAssociatedIconExA
SHGetPathFromIDListW
SHGetMalloc
SheGetDirA
DoEnvironmentSubstW
ExtractIconExA
RealShellExecuteA

kernel32

HeapAlloc
MapViewOfFileEx
SetConsoleTitleW
VirtualAlloc
MultiByteToWideChar
GetModuleFileNameW
GetModuleFileNameA
GetCurrentThread
SetLastError
WriteFile
LoadLibraryA
SetHandleCount
TerminateProcess
GetEnvironmentStringsW
HeapFree
GetLastError
RtlUnwind
GetCommandLineA
VirtualFree
HeapReAlloc
TlsSetValue
GetSystemTimeAsFileTime
GetModuleHandleA
IsBadWritePtr
TlsFree
FreeEnvironmentStringsA
ExitProcess
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
LeaveCriticalSection
GetCurrentProcessId
FlushConsoleInputBuffer
GetStartupInfoW
VirtualQuery
TlsGetValue
QueryPerformanceCounter
GetTickCount
GetCurrentProcess
GetCurrentThreadId
UnhandledExceptionFilter
GetFileType
InitializeCriticalSection
GetTempPathA
HeapDestroy
GetStdHandle
GetVersion
FreeEnvironmentStringsW
InterlockedExchange
TlsAlloc
HeapCreate
GetStartupInfoA
GetProcAddress
GetCommandLineW
GetEnvironmentStrings

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abc5e0f584a847e42d7be130b5afb267

Headers

File Characteristics

Imports

wininet

comdlg32

gdi32

shell32

kernel32

Sections

.text Size: 126KB - Virtual size: 126KB

.data Size: 271KB - Virtual size: 270KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 126KB - Virtual size: 126KB

.data
Size: 271KB - Virtual size: 270KB

.rsrc
Size: 5KB - Virtual size: 4KB