50be30dddd7ba462e68a5e60de1445c7

Sharing

Copy URL Twitter E-mail

General

Target

50be30dddd7ba462e68a5e60de1445c7
Size

414KB
MD5

50be30dddd7ba462e68a5e60de1445c7
SHA1

4c666076ccf20a50b5612402c29858638fd0431c
SHA256

e88c0dd5256f33d26e35b57a81843f091aa6ae2ad1770a4e8cd2a637920a5d00
SHA512

ad69c4d9a2ebc9d1a9982d56f4fd996876b7fc570ff9c9e3ed9a6aa4d9a9136b2c7d73d55c3051ed25d55273e1ea63387059af43ebdb6ecc9c1188f935f24790
SSDEEP

6144:nYWrB0nI7NH84V34PQTo9ieUUSdzhgQzhGJlOjefxj1ZZcuPlS+YFiGFer1Jp:nb0wc4JOQTaiSSDglbzZBzvlXKjeBJp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50be30dddd7ba462e68a5e60de1445c7

Files

50be30dddd7ba462e68a5e60de1445c7
.exe windows:4 windows x86 arch:x86

8b0e588bc86e9a294e3469e4048ab143

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowCaret
GetListBoxInfo
GetClassLongW
FreeDDElParam
AttachThreadInput
RegisterClassExW
GetFocus
GetDlgCtrlID
EndDeferWindowPos
DialogBoxParamA
MessageBoxW
TrackMouseEvent
FrameRect
SetDlgItemInt

comdlg32

LoadAlterBitmap
ChooseColorA
ReplaceTextW
ReplaceTextA
ChooseColorW
PrintDlgA
GetOpenFileNameW
ChooseFontA
PageSetupDlgW

advapi32

RegOpenKeyExA
InitiateSystemShutdownW
CryptEncrypt
RegRestoreKeyW
GetUserNameW
CryptDuplicateHash
StartServiceW
CryptSetProviderW
RegQueryValueA
RegConnectRegistryA
CryptSetProviderExW
CryptGetProvParam
CryptEnumProvidersA

wininet

InternetDialA
InternetSetDialState
InternetTimeFromSystemTime
HttpSendRequestExA
UpdateUrlCacheContentPath
FreeUrlCacheSpaceW
CreateUrlCacheContainerA
InternetLockRequestFile
InternetReadFileExW
RetrieveUrlCacheEntryStreamA
CreateUrlCacheGroup
InternetReadFileExA
InternetSecurityProtocolToStringA

kernel32

GetSystemTime
GetCommandLineA
WideCharToMultiByte
EnterCriticalSection
InterlockedExchange
UnhandledExceptionFilter
GetPriorityClass
GetCurrentProcess
HeapDestroy
LoadLibraryA
WriteFile
GetProcAddress
InitializeCriticalSection
GetPrivateProfileStringW
GetStringTypeA
GetStringTypeExA
GetACP
IsValidLocale
GetLocaleInfoW
TlsGetValue
GetLocaleInfoA
LCMapStringW
GetLastError
FreeEnvironmentStringsA
GetModuleFileNameA
LeaveCriticalSection
GetStringTypeW
GetFileType
WaitForSingleObject
GetSystemInfo
LocalCompact
MultiByteToWideChar
TryEnterCriticalSection
CompareStringA
HeapSize
GetNumberFormatW
HeapReAlloc
VirtualQuery
ResetEvent
SetConsoleMode
IsBadWritePtr
EnumCalendarInfoExW
TerminateProcess
GetModuleFileNameW
GetEnvironmentStrings
HeapAlloc
FlushInstructionCache
DeleteCriticalSection
FreeEnvironmentStringsW
GetNamedPipeHandleStateW
GetCommandLineW
GetOEMCP
SetHandleCount
GetTimeFormatA
GetCPInfo
WriteProfileSectionA
QueryPerformanceCounter
GetStdHandle
GetCurrentThread
GetStartupInfoA
GetEnvironmentStringsW
CompareStringW
GetCurrentThreadId
TlsSetValue
GetSystemTimeAsFileTime
HeapCreate
IsValidCodePage
TlsFree
GetUserDefaultLCID
TlsAlloc
EnumSystemLocalesA
SetLastError
GetTickCount
VirtualFree
VirtualAlloc
GetFileSize
VirtualProtect
GetDateFormatA
GetCurrentProcessId
GetStartupInfoW
LCMapStringA
ExitProcess
SetEnvironmentVariableA
GetModuleHandleA
GetVersionExA
HeapFree
RtlUnwind
GetTimeZoneInformation

gdi32

GetDCOrgEx
ExtCreateRegion

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b0e588bc86e9a294e3469e4048ab143

Headers

File Characteristics

Imports

user32

comdlg32

advapi32

wininet

kernel32

gdi32

Sections

.text Size: 136KB - Virtual size: 136KB

.data Size: 272KB - Virtual size: 271KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 136KB

.data
Size: 272KB - Virtual size: 271KB

.rsrc
Size: 5KB - Virtual size: 4KB