59513ac522f7e422d760052e550f3f62

Sharing

Copy URL Twitter E-mail

General

Target

59513ac522f7e422d760052e550f3f62
Size

448KB
MD5

59513ac522f7e422d760052e550f3f62
SHA1

edb28c10d6a6955630d3f12470ddaa8452a1f18f
SHA256

c80fd88d285c67bb2e316b23d0ceedb2b1cd8a2267d6c7f198c2e2930f880df8
SHA512

8a636de14b70f2b9764b1de2edac03a2e2016f1c2bab057268d5833bd89bcd350b9ac032668e470a92ad60dfc9a78cfbb71f459c28b303e091ea21d9534b8683
SSDEEP

6144:iVhL1I1zylye1ZrEsxNvziCoNB7Ja2IoI7Osg3adiP1+PfNelw8o/gLcr+cBLhUG:OhLS1GlFL7xwBk2adiPoIZ4rTLiguo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59513ac522f7e422d760052e550f3f62

Files

59513ac522f7e422d760052e550f3f62
.exe windows:4 windows x86 arch:x86

05791a9d318482bf7f89db2895a9f72a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeDisplayNameW
LookupAccountNameW
LogonUserA
GetUserNameW
RegReplaceKeyA
CryptEnumProvidersA
LookupSecurityDescriptorPartsW
RegSaveKeyA
CryptImportKey
RegEnumKeyW
CryptGenKey
ReportEventA
RegEnumValueA
StartServiceW
RegConnectRegistryA

comdlg32

GetOpenFileNameW
ReplaceTextA
ChooseColorA
PrintDlgW
GetSaveFileNameW
LoadAlterBitmap
PageSetupDlgA
ReplaceTextW
PrintDlgA
GetOpenFileNameA
ChooseFontW

gdi32

RemoveFontResourceW
GetTextMetricsW
DeleteEnhMetaFile
EndPath
ColorMatchToTarget
GetICMProfileA
GetEnhMetaFileDescriptionA
PatBlt
DeleteObject
CreateBrushIndirect
ExtEscape
GetMapMode
UnrealizeObject

user32

EnumDisplaySettingsExW
GetWindowThreadProcessId
GetProcessWindowStation
MapDialogRect
BeginPaint
AdjustWindowRectEx
DeferWindowPos
TrackMouseEvent
GetWindow
ModifyMenuA
GetClientRect
CreateAcceleratorTableA
DefDlgProcA
DdeCreateDataHandle
TabbedTextOutW
EnumWindowStationsA
GetNextDlgGroupItem
IsDlgButtonChecked
GetPriorityClipboardFormat
RegisterClassExA
EnableWindow

kernel32

VirtualAlloc
GetCurrentThread
GetEnvironmentStringsW
InterlockedExchange
CompareStringA
LeaveCriticalSection
CreateDirectoryA
GetCommandLineA
QueryPerformanceCounter
TlsSetValue
GetNamedPipeHandleStateA
LoadLibraryExW
GetDateFormatA
EnumResourceTypesW
WritePrivateProfileSectionW
SetLastError
VirtualFree
TlsAlloc
CompareStringW
SetThreadPriority
GetEnvironmentVariableA
GetSystemInfo
GetCurrentThreadId
LocalUnlock
GetACP
ExitProcess
GetSystemTimeAsFileTime
GetOEMCP
GetCompressedFileSizeW
GetStringTypeA
HeapSize
WriteFile
ExitThread
GetEnvironmentStrings
HeapFree
GetStdHandle
IsValidLocale
LoadLibraryA
FreeEnvironmentStringsA
GetLongPathNameA
HeapAlloc
GetLastError
GetCPInfo
TlsGetValue
VirtualQuery
GetStringTypeW
GetCurrentProcessId
IsValidCodePage
ReadFile
GetModuleHandleA
IsBadWritePtr
HeapCreate
GetProfileIntA
TlsFree
OpenEventW
GetFileType
FreeEnvironmentStringsW
HeapReAlloc
GetTickCount
GetStartupInfoA
GetCurrentProcess
LCMapStringA
WritePrivateProfileStructW
SetConsoleTitleA
SetHandleCount
WideCharToMultiByte
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
UnhandledExceptionFilter
SetConsoleCursorInfo
RtlMoveMemory
GetProcAddress
HeapDestroy
TerminateProcess
EnterCriticalSection
RtlUnwind
GetUserDefaultLCID
GetTimeFormatA
DeleteCriticalSection
SetEnvironmentVariableA
VirtualProtect
MultiByteToWideChar
lstrcmpiA
LCMapStringW
EnumSystemLocalesA
GetTimeZoneInformation
InitializeCriticalSection
MoveFileExW
ReadConsoleOutputW
GetVersionExA

wininet

InternetCrackUrlA
FtpCommandW
ReadUrlCacheEntryStream
InternetConnectW
FindNextUrlCacheEntryW
FtpGetFileSize
SetUrlCacheEntryGroupW
InternetSetOptionExA
FtpRemoveDirectoryA
FtpGetFileW
RegisterUrlCacheNotification
InternetGetLastResponseInfoA
FindFirstUrlCacheGroup
InternetWriteFile

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05791a9d318482bf7f89db2895a9f72a

Headers

File Characteristics

Imports

advapi32

comdlg32

gdi32

user32

kernel32

wininet

Sections

.text Size: 168KB - Virtual size: 167KB

.data Size: 275KB - Virtual size: 274KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 167KB

.data
Size: 275KB - Virtual size: 274KB

.rsrc
Size: 4KB - Virtual size: 4KB