561fa052a20cf5c911c0082899fbc1c6

Sharing

Copy URL Twitter E-mail

General

Target

561fa052a20cf5c911c0082899fbc1c6
Size

568KB
MD5

561fa052a20cf5c911c0082899fbc1c6
SHA1

44a6390b062fd160ef1d6924a98dc9eb9cc91d4e
SHA256

c60b6cfd2929d7e0c7f3b8ab05ddb82a107ef928b4060d7510956524c23539fd
SHA512

c28047ba7317bc3267b3b1693682afa01c7efc7763603251db58b0e22d2a464d8e7ebdb664810c1f7900ea6a8bc7d50a6e2b4e12043206ecebaca53cc881ed01
SSDEEP

12288:jW5dnzPBOK94cALsXEBwZPmUNSVQt0wU:jWdnzBT7ALsXduALU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
561fa052a20cf5c911c0082899fbc1c6

Files

561fa052a20cf5c911c0082899fbc1c6
.exe windows:4 windows x86 arch:x86

5c11ac0fffe02bb65e9d2be59c610389

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
DrawIcon
TranslateMessage
FindWindowA
SetWindowLongA
MessageBoxW
GetWindowLongW
GetClassNameW
DestroyWindow
CloseClipboard
DdeCmpStringHandles
SetMessageExtraInfo
PostMessageA
DdeConnect
PeekMessageW
GetClassLongA
DrawIconEx
RegisterClassA
TranslateMDISysAccel
CharNextW
ShowWindow
GetUserObjectInformationA
InSendMessage
EnumChildWindows
GetDesktopWindow
DeferWindowPos
CreateWindowExA
CharLowerW
SetFocus
IsMenu
FindWindowExA
GetClipboardData
RegisterClassExA
MessageBeep
GetMenuInfo
PostThreadMessageW
DlgDirListComboBoxW
GetMessageTime
DdeCreateStringHandleW
DefWindowProcW
GetMenu
GetAltTabInfo
EndTask
ChangeDisplaySettingsExW
GetNextDlgTabItem

comdlg32

ReplaceTextW
GetOpenFileNameA
ChooseFontW

comctl32

ImageList_GetDragImage
InitCommonControlsEx
GetEffectiveClientRect
ImageList_SetDragCursorImage
ImageList_GetImageCount
ImageList_Write
CreateToolbarEx
ImageList_Create
ImageList_GetImageInfo

wininet

GetUrlCacheEntryInfoA
InternetGetConnectedState
InternetTimeFromSystemTimeW
InternetGetLastResponseInfoW
FtpCreateDirectoryA
FtpOpenFileA

kernel32

EnumSystemCodePagesW
GetFileSize
SetStdHandle
HeapAlloc
GetSystemDirectoryW
GetVersionExA
SetLastError
CompareStringA
GetLastError
HeapDestroy
GetDateFormatA
IsDebuggerPresent
GetTempFileNameW
GetSystemTimeAdjustment
InterlockedIncrement
OpenFileMappingW
InitializeCriticalSection
lstrcmp
GetCompressedFileSizeW
GetDateFormatW
ReadFile
GetACP
EnumSystemCodePagesA
VirtualQuery
RtlUnwind
SetFilePointer
EnumSystemLocalesW
WritePrivateProfileSectionW
OpenEventA
GetStdHandle
FindResourceExA
SetConsoleCtrlHandler
TerminateProcess
FillConsoleOutputCharacterA
CompareStringW
FlushFileBuffers
FreeEnvironmentStringsA
GetTickCount
TlsGetValue
WriteConsoleA
GetVolumeInformationA
GetCurrentThreadId
WideCharToMultiByte
VirtualProtect
GetPrivateProfileSectionNamesA
WaitNamedPipeA
EnumSystemLocalesA
GetThreadPriority
GetLocaleInfoA
TlsSetValue
HeapLock
LocalAlloc
GetCPInfo
MapViewOfFile
IsValidCodePage
GetStringTypeA
IsValidLocale
HeapSize
GetProcAddress
UnhandledExceptionFilter
FindFirstFileExA
SetEnvironmentVariableA
WriteFile
GetConsoleCP
WriteConsoleW
GlobalDeleteAtom
GetShortPathNameA
lstrcpynA
GetModuleHandleA
TlsFree
HeapReAlloc
InterlockedDecrement
QueryPerformanceCounter
GetFileAttributesW
WriteConsoleOutputA
SystemTimeToTzSpecificLocalTime
WriteConsoleInputA
SetUnhandledExceptionFilter
VirtualFree
EnterCriticalSection
SetCriticalSectionSpinCount
GetTimeFormatA
GetStringTypeW
GetStartupInfoA
MultiByteToWideChar
CloseHandle
DeleteCriticalSection
GetThreadLocale
GetTimeZoneInformation
CreateSemaphoreW
CreateWaitableTimerW
GetOEMCP
GetCurrentProcessId
LCMapStringA
FreeLibrary
GetCurrentThread
EnumDateFormatsExW
WaitCommEvent
UnlockFile
GetFileAttributesA
GetCommandLineA
CreateFileA
GetCurrencyFormatA
TlsAlloc
DosDateTimeToFileTime
GetModuleFileNameA
GetSystemInfo
ExitProcess
CommConfigDialogA
GlobalCompact
GetLocaleInfoW
OpenMutexA
GlobalFree
HeapCreate
GetSystemTimeAsFileTime
GetFileType
FoldStringA
LoadLibraryW
GetConsoleOutputCP
GetUserDefaultLCID
HeapFree
SetConsoleWindowInfo
GetCurrentProcess
InterlockedExchange
LCMapStringW
GetEnvironmentStrings
SetHandleCount
GetProcessHeap
Sleep
FreeEnvironmentStringsW
OutputDebugStringW
VirtualAlloc
CreateMutexA
GetEnvironmentStringsW
RtlMoveMemory
LocalFileTimeToFileTime
LeaveCriticalSection
GetAtomNameW
WriteConsoleOutputCharacterA
GetStringTypeExW
LocalShrink
LoadLibraryA
EnumCalendarInfoExW
GlobalAlloc
GetConsoleMode

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c11ac0fffe02bb65e9d2be59c610389

Headers

File Characteristics

Imports

user32

comdlg32

comctl32

wininet

kernel32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 120KB - Virtual size: 132KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 120KB - Virtual size: 132KB

.rsrc
Size: 20KB - Virtual size: 17KB