59070ee88330f00f5c86dda4117e4a11

Sharing

Copy URL Twitter E-mail

General

Target

59070ee88330f00f5c86dda4117e4a11
Size

272KB
MD5

59070ee88330f00f5c86dda4117e4a11
SHA1

6a0e90712659d9e0f5bbb79ae06f2ea4019d6cd1
SHA256

883fed35abe44587cd6d5219abbdd07593ada3a1b06ea1b95800a2c445e8ae84
SHA512

fb4acc8886975d56066c13e9ce426dc82ab6391957ffe938603572b337af413e5cc39896aaec0835a9380f57630fdf5447e65d46a5486417f2d0e34828e00591
SSDEEP

6144:RV6arraW1T1l2sq6sZBo/ROLcT7lZC7hopiK6Sof4:Hfrr5T1cqsZQCE7AhoQg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59070ee88330f00f5c86dda4117e4a11

Files

59070ee88330f00f5c86dda4117e4a11
.exe windows:4 windows x86 arch:x86

6017d56ce51c552c49f5f0fd202583c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpAddRequestHeadersA
InternetHangUp

gdi32

GetTextColor
CreatePolygonRgn
GetTextFaceA
GetMetaFileA
GetCharWidthA
LPtoDP
GetStretchBltMode
SelectObject
ExtSelectClipRgn

user32

SetDlgItemTextW
IsDlgButtonChecked
ChangeMenuA
GetThreadDesktop
CascadeWindows
GetSystemMetrics
MsgWaitForMultipleObjectsEx
GetTabbedTextExtentW
OemToCharBuffW
PostThreadMessageA
PackDDElParam

advapi32

LogonUserW
CryptHashData
InitializeSecurityDescriptor
RegSetValueExW
CryptGetKeyParam
StartServiceW
CryptSetProviderExW
RegSetKeySecurity
GetUserNameA
LookupSecurityDescriptorPartsW
CreateServiceW
LookupPrivilegeDisplayNameW
CryptHashSessionKey
RegDeleteKeyW
AbortSystemShutdownA
RegOpenKeyA

kernel32

IsBadWritePtr
TlsFree
GetEnvironmentStringsW
ExitProcess
GetModuleFileNameW
GetVersionExA
LCMapStringW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetFileType
GetStringTypeW
FreeEnvironmentStringsA
GetStdHandle
GetLocaleInfoA
GetStartupInfoA
TerminateProcess
GetTickCount
TlsSetValue
VirtualFree
GetCurrentProcessId
GetSystemInfo
EnterCriticalSection
CompareStringW
GetCurrentProcess
HeapFree
GetModuleFileNameA
IsValidLocale
GetCPInfo
GetModuleHandleA
SetLastError
VirtualQuery
InitializeCriticalSection
HeapAlloc
CompareStringA
FreeEnvironmentStringsW
GetLocaleInfoW
VirtualProtect
IsValidCodePage
GetCommandLineA
HeapCreate
TlsAlloc
LeaveCriticalSection
HeapSize
InterlockedExchange
LoadLibraryA
GetLastError
GetCommandLineW
GetDateFormatA
WriteFile
GetCurrentThread
GetACP
HeapReAlloc
GetProcAddress
GetStartupInfoW
LCMapStringA
GetTimeFormatA
HeapDestroy
TlsGetValue
SetHandleCount
GetStringTypeA
VirtualAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
GetEnvironmentStrings
EnumSystemLocalesA
GetCurrentThreadId
WideCharToMultiByte
QueryPerformanceCounter
GetOEMCP
RtlUnwind
SetEnvironmentVariableA
CreateThread
GetUserDefaultLCID
DeleteCriticalSection

shell32

SHGetSpecialFolderPathA
DoEnvironmentSubstA
SHEmptyRecycleBinA
SHAddToRecentDocs
RealShellExecuteExA
ExtractIconExW
SHEmptyRecycleBinW
SHAppBarMessage
ExtractIconA
FreeIconList
ExtractAssociatedIconA
InternalExtractIconListA
SHGetDiskFreeSpaceA
RealShellExecuteW
SHFileOperationA
SHGetFileInfoW
ShellAboutW
SHGetFileInfo
SHGetDesktopFolder
DragQueryPoint
SHUpdateRecycleBinIcon
FindExecutableA
DragFinish

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6017d56ce51c552c49f5f0fd202583c0

Headers

File Characteristics

Imports

wininet

gdi32

user32

advapi32

kernel32

shell32

Sections

.text Size: 152KB - Virtual size: 152KB

.data Size: 111KB - Virtual size: 111KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 152KB - Virtual size: 152KB

.data
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 7KB - Virtual size: 7KB