54a07aa18a98d7ee3ea43c3115cfc956

Sharing

Copy URL

Twitter E-mail

General

Target

54a07aa18a98d7ee3ea43c3115cfc956
Size

436KB
MD5

54a07aa18a98d7ee3ea43c3115cfc956
SHA1

d777bbe125e867039b735901ba33d9ba07ce31c3
SHA256

866de496c6d803261ceb228c55c795a5ddc0ecc40ac360f6664df0d5aa39bc74
SHA512

59f5241d6480ad6f4669b6392e8b653bc482ac2af420558c56cba2e7400e2ea1b911d75e843f962279ced5934c9fb99a2004f197d8fb561c8c11431d38e3bf52
SSDEEP

12288:WlwCaQ24UGiO8rzeK8JOwqSpD0a344c487KZ5hjqR65rhH:WlLkM86qSFD44R8eZfNl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54a07aa18a98d7ee3ea43c3115cfc956

Files

54a07aa18a98d7ee3ea43c3115cfc956
.exe windows:4 windows x86 arch:x86

d9a1aab20fabc0886ed8aef4e2837858

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedStateExA
IncrementUrlCacheHeaderData
HttpQueryInfoW
DeleteUrlCacheContainerW
InternetGetLastResponseInfoA
InternetSetOptionW
InternetGoOnlineW
InternetAlgIdToStringW

comdlg32

GetFileTitleA
PrintDlgA

gdi32

GetEnhMetaFileA
GetFontLanguageInfo
SelectPalette
EnumFontsW
LineTo
PathToRegion
GetTextExtentExPointW
EndPath
CreateDCW
GetKerningPairsA
SetViewportOrgEx
EnumEnhMetaFile
GetROP2
GdiPlayDCScript
GetRgnBox
GetColorAdjustment
CreateBitmap
GetLogColorSpaceW

kernel32

GetLocaleInfoW
GetTickCount
EnterCriticalSection
VirtualAlloc
GetEnvironmentStringsW
InterlockedExchange
GetDateFormatA
GetCurrentThread
ExitProcess
TlsFree
GetModuleFileNameW
SetEnvironmentVariableA
GlobalAddAtomA
GetSystemDirectoryW
HeapAlloc
FreeResource
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsA
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
InterlockedDecrement
GetCompressedFileSizeA
GetFileType
CreateNamedPipeW
RtlUnwind
FreeLibrary
InterlockedIncrement
GetCPInfo
LocalSize
GetStdHandle
VirtualFree
TlsGetValue
LeaveCriticalSection
UnhandledExceptionFilter
GetStringTypeA
TerminateProcess
GetUserDefaultLCID
WriteFile
Sleep
GetTimeFormatA
TlsSetValue
DeleteCriticalSection
WideCharToMultiByte
HeapDestroy
GetACP
GetCurrentProcess
GetCommandLineW
GetProcAddress
GetStringTypeW
TlsAlloc
VirtualQuery
GlobalSize
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetOEMCP
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
TryEnterCriticalSection
GetCurrentThreadId
GetTimeZoneInformation
FindNextChangeNotification
LoadModule
LoadLibraryA
GetCurrentProcessId
FreeEnvironmentStringsW
CompareStringW
IsDebuggerPresent
HeapCreate
GetLocaleInfoA
GetComputerNameA
GetStartupInfoA
HeapReAlloc
GetModuleHandleA
SetConsoleCtrlHandler
SetLastError
LCMapStringW
HeapSize
CompareStringA
HeapFree
GetModuleHandleW
SetHandleCount
LCMapStringA
SetUnhandledExceptionFilter
GetExitCodeProcess
WriteFileEx
GetLastError
MultiByteToWideChar
GetTempPathW
ResumeThread

shell32

ExtractIconExW
SHGetSpecialFolderPathW

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9a1aab20fabc0886ed8aef4e2837858

Headers

File Characteristics

Imports

wininet

comdlg32

gdi32

kernel32

shell32

Sections

.text Size: 137KB - Virtual size: 136KB

.rdata Size: 9KB - Virtual size: 24KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 137KB - Virtual size: 136KB

.rdata
Size: 9KB - Virtual size: 24KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 9KB - Virtual size: 8KB