5346b765b87882b68bbb337ab561690a

Sharing

Copy URL Twitter E-mail

General

Target

5346b765b87882b68bbb337ab561690a
Size

451KB
MD5

5346b765b87882b68bbb337ab561690a
SHA1

c38c4feb863f56c8d98138b7615e852a49daf6b5
SHA256

04e49de3eca66617ff8c00d9df78b8370be2078dcf37f095dfece3056ce42c2d
SHA512

9ed1bce3b06e7ebcd6545da05dfa219d0b2fef3fbd4af0c4e7b026e503440e1049c64f6bd3a831a5339f3f8d64b3aaa5eed986407fd274df923313d63e1a7678
SSDEEP

12288:m5NcVcZStPh3inSn/PinUzNcxRKH4n3bGDJ0rqj1:oqVcZQn//cjKHAI31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5346b765b87882b68bbb337ab561690a

Files

5346b765b87882b68bbb337ab561690a
.exe windows:4 windows x86 arch:x86

5791f6738836e8a146623cb3dbc7d257

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

CommitUrlCacheEntryA
FtpGetFileEx
InternetGoOnline
SetUrlCacheEntryInfoW
CreateUrlCacheEntryW
FtpGetFileSize
GetUrlCacheConfigInfoW
InternetDialA
ShowCertificate
InternetGetConnectedStateExW
UnlockUrlCacheEntryStream
InternetTimeFromSystemTimeW
ShowX509EncodedCertificate
InternetDial
FtpCommandW
FtpOpenFileA
InternetConnectA
HttpEndRequestW
FindNextUrlCacheEntryExA

comdlg32

GetSaveFileNameA
PageSetupDlgA
PageSetupDlgW
ReplaceTextW
GetSaveFileNameW
ChooseColorA
FindTextW
LoadAlterBitmap
ChooseFontA
GetOpenFileNameW
ReplaceTextA
ChooseColorW
ChooseFontW
GetFileTitleA
GetOpenFileNameA
PrintDlgA
FindTextA

advapi32

ReportEventW
RegEnumKeyA
CryptGetKeyParam
RegQueryValueExA
CryptContextAddRef
CryptSetProviderExA
CryptExportKey
RegDeleteValueA
ReportEventA
CryptGetUserKey
DuplicateToken
RegQueryMultipleValuesW
RegQueryMultipleValuesA
RegLoadKeyA
RegSaveKeyW
CryptSignHashW
InitiateSystemShutdownW
RegQueryInfoKeyA
LogonUserA

shell32

DragQueryPoint
DragFinish
SHGetSpecialFolderPathW
SHFreeNameMappings
SHBrowseForFolder
SHGetPathFromIDListA
SHInvokePrinterCommandA
SHGetNewLinkInfo
SHGetDataFromIDListA
ShellExecuteA
RealShellExecuteA
ShellExecuteExA
RealShellExecuteExW
ShellAboutW
SHFormatDrive
SHGetDesktopFolder
ExtractAssociatedIconExA

kernel32

VirtualFree
GetCurrentThread
HeapAlloc
CompareStringA
LeaveCriticalSection
DeleteCriticalSection
GetTickCount
FileTimeToLocalFileTime
HeapFree
GetLocaleInfoA
InterlockedDecrement
EnumSystemLocalesA
HeapDestroy
TlsSetValue
QueryPerformanceCounter
Sleep
SetConsoleCursorPosition
GetStringTypeA
FreeEnvironmentStringsA
GetLocaleInfoW
TlsAlloc
GetCurrentProcessId
RtlUnwind
GetCPInfo
GetStdHandle
InitializeCriticalSection
CompareStringW
IsDebuggerPresent
IsValidLocale
GetStringTypeW
TlsFree
ExitProcess
TerminateProcess
GetProcessHeap
VirtualQuery
GetModuleHandleA
GetStartupInfoA
HeapCreate
SetLastError
GetFileAttributesExW
SetUnhandledExceptionFilter
ResetEvent
WideCharToMultiByte
GetEnvironmentStrings
SetEnvironmentVariableA
InterlockedExchange
GetDateFormatA
MultiByteToWideChar
FreeLibrary
LCMapStringA
GetFileAttributesExA
GetTimeFormatA
GetTimeZoneInformation
GetProcAddress
GetFileType
VirtualAlloc
GetModuleFileNameA
WritePrivateProfileStringW
HeapSize
EnumCalendarInfoExW
DebugActiveProcess
GetOEMCP
FreeEnvironmentStringsW
HeapReAlloc
GetACP
GetVersionExA
WritePrivateProfileStructW
GetUserDefaultLCID
GetCurrentProcess
SetConsoleCtrlHandler
TlsGetValue
lstrcpyW
InterlockedIncrement
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
ReadConsoleOutputAttribute
GetLastError
GetSystemDirectoryW
LCMapStringW
GetCommandLineA
EnterCriticalSection
GetCurrentThreadId
SetHandleCount
LoadLibraryA
GetSystemTimeAsFileTime
IsValidCodePage

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5791f6738836e8a146623cb3dbc7d257

Headers

File Characteristics

Imports

wininet

comdlg32

advapi32

shell32

kernel32

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 276KB - Virtual size: 281KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 276KB - Virtual size: 281KB

.rsrc
Size: 13KB - Virtual size: 12KB