536cfa57654ca409ea53391b6f4d3361

Sharing

Copy URL Twitter E-mail

General

Target

536cfa57654ca409ea53391b6f4d3361
Size

116KB
MD5

536cfa57654ca409ea53391b6f4d3361
SHA1

bf43416366a8389192ffea8bc07f6e4cce22aeac
SHA256

60d730f6cb333b994bbe4dfe49201899d0107e01639cc05dcc5c9ab84c6723d9
SHA512

895d1ddc752e954a5b5ef091828dff1e6c1ebbcc19b0bdd160fbe47ced8bf412409bcfe5f79a49fa4f840a07699d2b16db2ec7a5544a2b8439844db756326760
SSDEEP

768:8JPo4jP60dO+hSaGAAsyRCzAZRO3lijIuAFrrsYOH/RQGxNqivRFL5OHP1KlqgTQ:8Jf+QnAlCEZRoiZuX4H/GAHYwlvTz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
536cfa57654ca409ea53391b6f4d3361

Files

536cfa57654ca409ea53391b6f4d3361
.exe windows:4 windows x86 arch:x86

33c3c2bd8bfcca26f14351e147d60ab4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
Process32Next
Process32First
CreateToolhelp32Snapshot
CopyFileA
GetSystemDirectoryA
GetLastError
CreateMutexA
lstrlenA
SetEnvironmentVariableA
CompareStringW
CompareStringA
ExitProcess
SetEndOfFile
GetSystemInfo
VirtualProtect
GetLocaleInfoA
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetFilePointer
GetTimeZoneInformation
IsBadWritePtr
VirtualAlloc
VirtualQuery
InterlockedExchange
GetStringTypeW
GetVersionExA
CloseHandle
LoadLibraryA
ReadFile
GetProcAddress
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
RtlUnwind
RaiseException
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetACP
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetFileAttributesA

user32

CreateWindowExA
KillTimer
DestroyWindow
DefWindowProcA
PostQuitMessage
EndDialog
DialogBoxParamA
CharLowerA
LoadStringA
LoadAcceleratorsA
SetTimer
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
BeginPaint
EndPaint

advapi32

RegOpenKeyA
RegSetValueExA

shell32

ShellExecuteA

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState

winmm

timeGetTime

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33c3c2bd8bfcca26f14351e147d60ab4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

winmm

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 48KB - Virtual size: 47KB