59d5a635f9bd5c25f6b687b04987aed2

Sharing

Copy URL Twitter E-mail

General

Target

59d5a635f9bd5c25f6b687b04987aed2
Size

306KB
MD5

59d5a635f9bd5c25f6b687b04987aed2
SHA1

9bab0e9e948c996e94193eba7bbeb30b200b492a
SHA256

c87fa21dae9028e1ebc9ff42f429c012e7e12866a4f47935dfac8e7ea1bf7fe5
SHA512

5ce74a46ea2d51c777d3c6ab3ad092827af7680780ce4e7761ba1ce5ed49935b191190059756cc1a94f5af65058c8f9205c734dc1f9b7a9ae2b5a8da4694a717
SSDEEP

6144:hbbx88nvIcmGwsx4IFQKihXoE2037/0TP3EBAvFElsDPsSV0KGcJ:h/x8KviI4AQxtMVvFKsDHV/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d5a635f9bd5c25f6b687b04987aed2

Files

59d5a635f9bd5c25f6b687b04987aed2
.exe windows:4 windows x86 arch:x86

8989007c74e848332264dd8ee76fc1e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetConnectA
GetUrlCacheEntryInfoExW
FindFirstUrlCacheEntryExA
InternetInitializeAutoProxyDll
InternetSecurityProtocolToStringA
FtpGetFileSize

kernel32

ExitProcess
WriteConsoleW
CreateMutexA
GetConsoleOutputCP
EnumResourceTypesW
InitializeCriticalSection
CloseHandle
GetCommandLineW
IsDebuggerPresent
GetEnvironmentVariableA
TlsFree
LCMapStringW
SetFilePointer
HeapAlloc
GetStartupInfoA
OpenEventA
FreeEnvironmentStringsA
MapViewOfFileEx
GetCurrentThread
GetModuleFileNameA
TerminateProcess
TlsSetValue
WriteConsoleOutputAttribute
GetCurrentProcess
GetCurrentThreadId
WriteFile
CompareStringA
InterlockedExchange
CreateFileA
TerminateThread
IsValidLocale
LoadModule
WideCharToMultiByte
SetConsoleCtrlHandler
GetStringTypeA
GetSystemTimeAsFileTime
FlushFileBuffers
QueryPerformanceCounter
WriteConsoleA
GetConsoleMode
GetLocaleInfoW
DeleteCriticalSection
GetCPInfo
VirtualAlloc
InterlockedIncrement
FreeEnvironmentStringsW
GetConsoleCP
GetStdHandle
LoadLibraryA
GetFileType
ReadFile
GetEnvironmentStringsW
Sleep
SetEnvironmentVariableA
GetLocaleInfoA
SetUnhandledExceptionFilter
GetModuleFileNameW
GetEnvironmentStrings
MultiByteToWideChar
VirtualFree
FindResourceExW
IsValidCodePage
HeapSize
EnterCriticalSection
FindNextFileW
GetProcessHeap
HeapDestroy
LCMapStringA
GetVersionExA
GetStringTypeW
OpenMutexA
GetProfileStringW
LeaveCriticalSection
HeapReAlloc
lstrcpyn
RemoveDirectoryW
HeapFree
EnumSystemLocalesA
TlsAlloc
GetStartupInfoW
RtlUnwind
GetDateFormatA
GetACP
TlsGetValue
HeapCreate
LocalUnlock
InterlockedDecrement
GetCurrentProcessId
ReadConsoleInputA
GetThreadTimes
LocalReAlloc
UnhandledExceptionFilter
GetLastError
SetLastError
GetTickCount
SetHandleCount
FreeLibrary
GetTimeZoneInformation
LoadLibraryW
ReadConsoleW
GetCommandLineA
VirtualQuery
GetTimeFormatA
WritePrivateProfileSectionA
GetModuleHandleA
SetStdHandle
GetUserDefaultLCID
GetOEMCP
GetProcAddress
CompareStringW

user32

GetWindowLongW
CreateIcon
GetClassLongW
DispatchMessageA
DispatchMessageW
ScrollWindow
RegisterClassExA
RegisterClassA

comdlg32

GetOpenFileNameW
FindTextA
GetOpenFileNameA
PrintDlgA

comctl32

InitCommonControlsEx

shell32

ExtractIconEx
DragAcceptFiles

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8989007c74e848332264dd8ee76fc1e4

Headers

File Characteristics

Imports

wininet

kernel32

user32

comdlg32

comctl32

shell32

Sections

.text Size: 185KB - Virtual size: 184KB

.rdata Size: 16KB - Virtual size: 27KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 16KB - Virtual size: 27KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 16KB - Virtual size: 15KB