669672db76e7e1e06173608658270482

Sharing

Copy URL Twitter E-mail

General

Target

669672db76e7e1e06173608658270482
Size

317KB
MD5

669672db76e7e1e06173608658270482
SHA1

44b431bea5ce7b9a1a75971e12ab0ea4c7b8a7f5
SHA256

39ba47d1cc0408dc40d5db25433a5d3462d5c0c726190440fcab86e29a6361fa
SHA512

e6151c176bdf1a1dadb849397c865976a0a1e64c7b5c37af996caba6d5e9b1bc32e4f721e0b3068f1f3b16b0c8673bd3dc429493733fc61fe1c7f95a97838220
SSDEEP

6144:F4CySuLzuO5mX8wnxVSC0XOK+KqeSivJ0jEpbrrZU:qCduGOYX8wtY9yXuaEhrra

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
669672db76e7e1e06173608658270482

Files

669672db76e7e1e06173608658270482
.exe windows:4 windows x86 arch:x86

538b1718c10c412ea5738ae05821077e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DrawStatusTextA
ImageList_Destroy
ImageList_DragEnter
InitMUILanguage
ImageList_Draw
ImageList_Remove
ImageList_BeginDrag
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_Copy
CreateStatusWindowA
ImageList_GetImageCount

user32

CreateDialogIndirectParamW
RegisterClassA
IsDlgButtonChecked
MessageBoxA
GetTabbedTextExtentA
SetTimer
RegisterClassExA
MessageBoxIndirectW
DdeDisconnect
TileWindows
CascadeChildWindows
PeekMessageW
InsertMenuW
GetListBoxInfo
GetKeyboardLayoutList
CopyRect
DdeQueryConvInfo
LoadCursorFromFileW
ShowWindow
GetDialogBaseUnits
DdeGetData
CreateWindowExW
CopyImage
RemoveMenu
GetDCEx

kernel32

OpenMutexA
IsValidLocale
VirtualQuery
VirtualAlloc
InterlockedExchange
TlsFree
GetLastError
HeapAlloc
GetLocaleInfoA
TerminateProcess
GetConsoleCP
GetStartupInfoW
HeapFree
UnhandledExceptionFilter
GetModuleFileNameW
SetUnhandledExceptionFilter
GetCommandLineA
CloseHandle
SetEnvironmentVariableA
LCMapStringA
TlsSetValue
GetCurrentThread
GetUserDefaultLCID
GetTimeFormatW
GetLocaleInfoW
GetTimeZoneInformation
HeapDestroy
FreeLibrary
GetCommandLineW
GetDateFormatA
IsValidCodePage
GetStdHandle
CompareStringW
GetModuleHandleA
SetLastError
GetACP
LCMapStringW
SetFilePointer
GetStringTypeA
HeapCreate
GetOEMCP
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
RtlUnwind
HeapReAlloc
TlsGetValue
GetModuleHandleW
IsDebuggerPresent
GetCPInfo
LoadLibraryA
EnumSystemLocalesA
InterlockedDecrement
GetModuleFileNameA
SetConsoleCtrlHandler
Sleep
InterlockedIncrement
EnterCriticalSection
GetCurrentThreadId
CreateMutexA
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeFormatA
FlushFileBuffers
WriteConsoleA
FreeEnvironmentStringsW
MultiByteToWideChar
SetStdHandle
GetCurrentProcessId
DeleteCriticalSection
CompareStringA
WriteFile
GetTickCount
HeapSize
GetConsoleOutputCP
GetStringTypeW
WriteConsoleW
GetStartupInfoA
GetFileType
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
VirtualFree
ReadFile
LeaveCriticalSection
GetProcAddress
TlsAlloc
CreateFileA
GetConsoleMode
ExitProcess

wininet

FtpRenameFileA
InternetCombineUrlA
DeleteIE3Cache
InternetCanonicalizeUrlA
InternetAttemptConnect
FindFirstUrlCacheEntryExW

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

538b1718c10c412ea5738ae05821077e

Headers

File Characteristics

Imports

comctl32

user32

kernel32

wininet

Sections

.text Size: 185KB - Virtual size: 184KB

.rdata Size: 24KB - Virtual size: 50KB

.data Size: 87KB - Virtual size: 87KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 24KB - Virtual size: 50KB

.data
Size: 87KB - Virtual size: 87KB

.rsrc
Size: 19KB - Virtual size: 19KB