5577c5e20130d2e815ce8df6f7380e21

Sharing

Copy URL Twitter E-mail

General

Target

5577c5e20130d2e815ce8df6f7380e21
Size

382KB
MD5

5577c5e20130d2e815ce8df6f7380e21
SHA1

4447a9adc23594fcb3d15efaff4104044cb09e26
SHA256

3f39eef1019535f86194a854946705660d41f215639711d4922a9434c58e033c
SHA512

39eeac7f63289dd348fc81c0300d0965abd528056c19d2c80f109aad70b0e927257d193715bc9f9783bd5d4d4443118fea5119edd018dd0afa548511345dc9d9
SSDEEP

6144:mA0XllHRUik070+L7aEgill8aAcMgtbDBccPUlIuLgwUS0bawvayb2hDutVFu:ml0+L7lvnMglD2t+uivLahDutVF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5577c5e20130d2e815ce8df6f7380e21

Files

5577c5e20130d2e815ce8df6f7380e21
.exe windows:4 windows x86 arch:x86

bd1d3bc5e950726b8bb3bca410ba8aa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpAddRequestHeadersA
RetrieveUrlCacheEntryFileW
GopherCreateLocatorW
InternetAlgIdToStringW
FtpCommandW
InternetCanonicalizeUrlW
InternetTimeFromSystemTimeA
HttpSendRequestA
InternetGetCookieW
SetUrlCacheHeaderData
FindFirstUrlCacheGroup
InternetGetLastResponseInfoW
FtpDeleteFileA
RetrieveUrlCacheEntryFileA
RunOnceUrlCache
CommitUrlCacheEntryW
GopherOpenFileA
ShowCertificate

gdi32

CreateEnhMetaFileA
EndPage
RectVisible
ModifyWorldTransform
GetGraphicsMode
GetGlyphOutlineA
GetSystemPaletteEntries
GetArcDirection
SetMiterLimit
GetTextCharsetInfo
TextOutA
AnimatePalette
ExtTextOutA
PlayMetaFile
CreateICA
CloseEnhMetaFile
GetSystemPaletteUse
GdiPlayScript
PolyBezier
GetWindowExtEx
GetTextCharset
GetCharWidthW

user32

RegisterClipboardFormatA
CreateMDIWindowW
GetKeyboardType
SetKeyboardState
IsCharAlphaA
SetScrollPos
MapVirtualKeyExA
UnloadKeyboardLayout
IsDialogMessageW
DlgDirSelectExW
OpenWindowStationW
EndTask
GetMenuBarInfo
GetIconInfo
AdjustWindowRect
CreateAcceleratorTableA
GetClassWord
CallWindowProcW
DrawStateW
ChangeDisplaySettingsA
GetWindowDC
SendMessageTimeoutA
GetUserObjectSecurity
DlgDirListComboBoxA

comdlg32

GetSaveFileNameA

kernel32

GetModuleHandleA
GetCurrentThreadId
VirtualAlloc
GetModuleFileNameA
TerminateProcess
VirtualQuery
HeapFree
ExitProcess
GlobalLock
InterlockedExchange
RtlUnwind
GetCurrentProcessId
GetCurrentProcess
QueryPerformanceCounter
HeapAlloc
HeapReAlloc
GetTickCount
GetProcAddress
LoadLibraryA
GetSystemTimeAsFileTime

advapi32

RegRestoreKeyW
RegLoadKeyA
GetUserNameW
RegRestoreKeyA
RegOpenKeyExA
CryptVerifySignatureA
CryptExportKey
CryptDuplicateHash
RegCreateKeyW
RegDeleteKeyA
RegOpenKeyExW
RegQueryValueExA

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd1d3bc5e950726b8bb3bca410ba8aa1

Headers

File Characteristics

Imports

wininet

gdi32

user32

comdlg32

kernel32

advapi32

Sections

.text Size: 111KB - Virtual size: 110KB

.data Size: 263KB - Virtual size: 262KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 111KB - Virtual size: 110KB

.data
Size: 263KB - Virtual size: 262KB

.rsrc
Size: 7KB - Virtual size: 6KB