520da94f17c526b8d4490e0b5b0cb6bc

Sharing

Copy URL Twitter E-mail

General

Target

520da94f17c526b8d4490e0b5b0cb6bc
Size

472KB
MD5

520da94f17c526b8d4490e0b5b0cb6bc
SHA1

66838dc4417d4485165ca3bc93b441d51115835c
SHA256

cb8bb17c4658aafdf20f9b7e35930fe1e20ce7bf39dee375e91cf75f4615085d
SHA512

1d0259e7e3737532975ccfeaf3fabb711762f3add62de33c9e700b77bd3f71c83240bc7344ec7ec94053ddf09ce7933f7125b3e465b471e9ef4c3f0a43d81949
SSDEEP

6144:50hPob22p+B9jM9GCRVRKSkaAlGbvgvZRuCGSl13/BnxZZrWL6t/f/S0NbHfo28:5oPg220HwZLkamGsb5G03/BxZtHlgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
520da94f17c526b8d4490e0b5b0cb6bc

Files

520da94f17c526b8d4490e0b5b0cb6bc
.exe windows:4 windows x86 arch:x86

56e10a2004738c0bc390f0239cdaaa57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
CreateThread
ExitThread
GetConsoleWindow
CopyFileW
LoadLibraryW
FreeLibrary
DeleteCriticalSection
DeleteFileW
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetLastError
lstrcmpiW
SetLastError
SizeofResource
LoadResource
FindResourceW
CreateProcessW
FindFirstFileW
FindClose
OutputDebugStringW
DebugBreak
lstrlenA
InterlockedIncrement
InterlockedDecrement
lstrlenW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
Sleep
DeleteFileA
SetEndOfFile
GetProcAddress
CreatePipe
CreateProcessA
CreateDirectoryW
SetHandleInformation
GetLocalTime
GetEnvironmentVariableA
GetOverlappedResult
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetThreadTimes
GetSystemTimeAdjustment
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
WideCharToMultiByte
CreateFileW
CloseHandle
GetFileSize
ReadFile
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetStartupInfoW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
GetCPInfo
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
LockResource
GetTempPathW
FindResourceA
GetVersionExW
GlobalAlloc
GlobalFree
LocalFree
LocalAlloc
GetSystemTime
OpenProcess
CreateEventW
WaitForSingleObject
SetEvent
CreateMutexW
GetTempFileNameW
ReleaseMutex
lstrcpyW
FindNextFileA
CreateEventA
FindFirstFileA
SetConsoleMode
GlobalMemoryStatus
GetWindowsDirectoryA
GetProcessTimes
MultiByteToWideChar

user32

SendMessageA
FindWindowA
wsprintfW
GetWindowLongW
SetWindowTextW
GetWindowTextW
SetWindowPos
InvalidateRect
ShowWindow
EnableWindow
GetQueueStatus
GetCapture
GetClipboardOwner
FindWindowW
GetActiveWindow
DialogBoxParamW
GetCursorPos
ClientToScreen
IsMenu
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
RegisterClassExW
LoadCursorW
GetClassInfoExW
KillTimer
SetTimer
IsWindow
DefWindowProcW
DestroyMenu
DestroyWindow
SetWindowLongW
EndPaint
BeginPaint
GetDC
GetForegroundWindow
MessageBoxW
EndDialog
DrawTextW
GetSystemMetrics
LoadImageW
DestroyIcon
GetParent
GetWindow
GetWindowRect
GetDlgItem
MapWindowPoints
CopyImage
UnregisterClassA
PostMessageW
SendMessageW
CallWindowProcW
CharNextW
wvsprintfW
LoadStringW
CreateWindowExW
GetClientRect
SystemParametersInfoW

gdi32

BitBlt
StretchBlt
DPtoLP
SelectObject
SetBkColor
GetObjectW
CreateCompatibleBitmap
DeleteDC
GetDIBits
SetTextColor
SetBkMode
DeleteObject
CreateBitmap
SetMapMode
CreateCompatibleDC
GetMapMode

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
GetTokenInformation
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameW
RegSetValueExA
RegQueryValueExA
RegQueryValueExW
CryptEncrypt
CryptDestroyKey
CryptGetKeyParam
CryptDecrypt
CryptReleaseContext
CryptDeriveKey
RegCreateKeyA
RegOpenKeyA

shell32

Shell_NotifyIconW
SHGetFolderPathW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
OleRun
CreateStreamOnHGlobal

oleaut32

VariantClear
GetErrorInfo
SysFreeString
OleLoadPicture
VarUI4FromStr
SysAllocString

comctl32

InitCommonControlsEx

wininet

InternetCloseHandle
HttpSendRequestW
InternetConnectW
InternetQueryDataAvailable
InternetOpenW
HttpQueryInfoW
HttpOpenRequestW
InternetReadFile
DeleteUrlCacheEntryW

netapi32

NetLocalGroupGetMembers
NetApiBufferFree

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

PathSearchAndQualifyW

psapi

EnumProcessModules
GetModuleFileNameExW
EnumProcesses

urlmon

URLDownloadToFileW

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56e10a2004738c0bc390f0239cdaaa57

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

netapi32

version

shlwapi

psapi

urlmon

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 12KB - Virtual size: 30KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 12KB - Virtual size: 30KB

.rsrc
Size: 24KB - Virtual size: 21KB