506a8594fbf84e58aca3f77ed63ae0f0

Sharing

Copy URL

Twitter E-mail

General

Target

506a8594fbf84e58aca3f77ed63ae0f0
Size

680KB
MD5

506a8594fbf84e58aca3f77ed63ae0f0
SHA1

197131d4199aba92ce15812e4e47e3e81b33b967
SHA256

5ee16b2df0de1648f4df25e81662bb631517e0664a4f60e83c3b986f2845d0e4
SHA512

84170db54fab538e447261602481a891473322fc9ecebaeafbb59d748b7650c4f51d4894625657b1912b14065ded7defd6b913bd3bc88076a6cbb1df28d269ab
SSDEEP

12288:phzUi6y9SCaSpRINi2luujRBrRObIwOTBwzOHWAqjsI6wiynzsI9GwWJb9T4p0nW:pi0l9B2lxNBmIwInfI6wiyzsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
506a8594fbf84e58aca3f77ed63ae0f0

Files

506a8594fbf84e58aca3f77ed63ae0f0
.exe windows:4 windows x86 arch:x86

b9a843160afe7b45c3c84bc81b82e8bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DrawStatusTextA
ImageList_AddMasked
ImageList_DragLeave
InitMUILanguage
ImageList_DragShowNolock
MakeDragList
InitCommonControlsEx
ImageList_GetIcon

user32

CreateWindowExW
SetWindowLongA
RegisterClassA
LoadAcceleratorsA
IsWindowUnicode
LoadCursorW
MapVirtualKeyA
DefWindowProcW
ClientToScreen
CreateWindowExA
UnregisterClassW
GetGUIThreadInfo
EnumDisplaySettingsExW
FindWindowW
GetWindowDC
ReleaseDC
CreateDialogIndirectParamW
GetMessageW
CloseDesktop
GetScrollPos
MonitorFromRect
RegisterClassExA
EndTask
GetCursorInfo
CopyAcceleratorTableW
MapVirtualKeyExA
GetClipCursor
GetTopWindow
InsertMenuItemA
MessageBoxW
EnumWindowStationsA
DestroyWindow
ShowWindow

advapi32

CryptReleaseContext
CryptGetProvParam
RegEnumKeyA
RegSaveKeyA
LogonUserA
CryptSignHashA
CryptSetProviderW
StartServiceW
CryptDeriveKey
CryptContextAddRef
DuplicateToken
RegQueryValueExA
RegCloseKey
RegOpenKeyA

kernel32

SetEnvironmentVariableA
CreateFileA
WriteConsoleW
IsValidCodePage
EnumSystemLocalesW
GetLocaleInfoW
InterlockedDecrement
ExitProcess
HeapSize
GetVersionExA
GetACP
InterlockedIncrement
CompareStringW
CloseHandle
GetLocaleInfoA
EnterCriticalSection
GetTimeZoneInformation
lstrcmp
GetThreadContext
GetLastError
VirtualFree
CreateDirectoryExW
GetModuleFileNameW
GetCommandLineW
HeapDestroy
EnumResourceTypesW
SetHandleCount
RtlUnwind
GetTickCount
GetCurrentThreadId
LoadLibraryA
lstrcmpA
FreeEnvironmentStringsA
SetFilePointer
GetStdHandle
OpenMutexA
SetStdHandle
GetExitCodeThread
GetStartupInfoW
TlsGetValue
VirtualAlloc
SetUnhandledExceptionFilter
GetStringTypeA
GetConsoleOutputCP
WideCharToMultiByte
SetLastError
GetOEMCP
ReadFile
FlushFileBuffers
IsValidLocale
GetCPInfo
TlsSetValue
WriteFile
GetConsoleCP
GlobalFree
HeapReAlloc
MultiByteToWideChar
GetProcessHeap
GetCurrentProcessId
GetDateFormatA
GetEnvironmentStrings
GetStartupInfoA
GetSystemDefaultLCID
HeapFree
FreeLibrary
LeaveCriticalSection
GetModuleFileNameA
IsDebuggerPresent
TerminateProcess
GetCommandLineA
TlsFree
GetFileType
FreeEnvironmentStringsW
CompareStringA
LCMapStringW
WriteConsoleA
LCMapStringA
QueryPerformanceCounter
UnhandledExceptionFilter
Sleep
InterlockedExchange
VirtualQuery
WriteConsoleInputW
GetEnvironmentStringsW
GetCurrentProcess
GetPrivateProfileIntA
GetModuleHandleA
GetSystemTimeAsFileTime
EnumResourceTypesA
CreateMutexA
GetCurrentThread
HeapCreate
GetTimeFormatA
EnumSystemLocalesA
lstrcpy
TlsAlloc
InitializeCriticalSection
GetShortPathNameW
SetConsoleCtrlHandler
GetConsoleMode
HeapAlloc
GetProcAddress
GetStringTypeW
DeleteCriticalSection
GetUserDefaultLCID

shell32

ShellExecuteEx
RealShellExecuteA

Sections

.text
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9a843160afe7b45c3c84bc81b82e8bc

Headers

File Characteristics

Imports

comctl32

user32

advapi32

kernel32

shell32

Sections

.text Size: 220KB - Virtual size: 217KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 116KB - Virtual size: 125KB

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 220KB - Virtual size: 217KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 116KB - Virtual size: 125KB

.rsrc
Size: 84KB - Virtual size: 81KB