51268b890d4e35437667ae6186640158

Sharing

Copy URL Twitter E-mail

General

Target

51268b890d4e35437667ae6186640158
Size

248KB
MD5

51268b890d4e35437667ae6186640158
SHA1

fbe0c05687392003c3fec5eb074e4a7e682d871c
SHA256

e734b35f4dab68e9242eac44249ed9c39ce581b8a83492f085591c04705c68df
SHA512

0c8fa3bfac1d6776524f9bb7928415517a8e8d397ee4ef05c20963eaf023f9f0530d191625506814cc94082a3813c2ff9d42ff65fe866233399450bc5a67375c
SSDEEP

6144:pTi7BucU6Adaf0lBetvSi7QBdRu2tuGCcY/CNQqH:pTfl6AdAtzQZpu9y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51268b890d4e35437667ae6186640158

Files

51268b890d4e35437667ae6186640158
.exe windows:4 windows x86 arch:x86

24af167c45c4c8fcf9c03f07e4a1cf7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FlushFileBuffers
CloseHandle
CreateFileA
GetExitCodeProcess
SetConsoleCtrlHandler
CreateProcessA
GetSystemPowerStatus
OpenProcess
TerminateProcess
OutputDebugStringA
SetCurrentDirectoryA
GetVersionExA
WriteFile
ExpandEnvironmentStringsA
FindClose
HeapReAlloc
GetLastError
PeekNamedPipe
GetFileInformationByHandle
CreateDirectoryA
GetConsoleMode
SetConsoleMode
GlobalMemoryStatus
HeapAlloc
ReadConsoleInputA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
RaiseException
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcessId
ReleaseSemaphore
OpenSemaphoreA
GetCurrentThreadId
GetCurrentProcess
WaitForSingleObject
CreateSemaphoreA
Sleep
GetSystemTime
WaitForMultipleObjects
GetStartupInfoA
FindFirstFileA
HeapDestroy
HeapCreate
HeapFree
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetTimeZoneInformation
GetLocalTime
InterlockedDecrement
InterlockedIncrement
MoveFileA
ExitProcess
VirtualAlloc
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
CreateThread
TlsSetValue
ExitThread
DeleteFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetLastError
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
GetFileType
GetProcAddress
GetModuleHandleA
TlsAlloc
GetStdHandle
WideCharToMultiByte
TlsGetValue
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ReadFile
SetHandleCount

user32

MessageBoxA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
OpenSCManagerA
OpenServiceA
RegQueryValueExA
CreateServiceA
CloseServiceHandle
DeleteService
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
SetServiceStatus
RegCreateKeyExA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA

rpcrt4

UuidCreate

wsock32

closesocket
select
recv
send
socket
setsockopt
bind
connect
getsockname
ntohl
ntohs
gethostbyname
ioctlsocket
WSAStartup
htons
htonl

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24af167c45c4c8fcf9c03f07e4a1cf7b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

rpcrt4

wsock32

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 36KB - Virtual size: 49KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 36KB - Virtual size: 49KB

.rsrc
Size: 28KB - Virtual size: 27KB