67995a56d1831b6918fb6e7f1fe991ff

Sharing

Copy URL Twitter E-mail

General

Target

67995a56d1831b6918fb6e7f1fe991ff
Size

320KB
MD5

67995a56d1831b6918fb6e7f1fe991ff
SHA1

34a083e8a13e60cfd6fd4a4a02e3bc97b5f78ee9
SHA256

a84bb86709d29e0dfb5ae575a7fb40e27614c371a74a140542a44c49516c03fd
SHA512

350d3dc4471c50e7b628b395e90cada67d4c9171a05606c0bef3ac232cc9aed08d542684d5e27c25cf1d095b7a2b83f1b607283daa8d566c0bf1731f1577f9e7
SSDEEP

6144:QLMPILD6gwZGSSpi6Llrs0TwqZmjBbgfH0xu0CN6CU5+9Cx0caouqKIFCSS:QgISDZGSSpbp40TwKABbYHfN/U2CSUFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67995a56d1831b6918fb6e7f1fe991ff

Files

67995a56d1831b6918fb6e7f1fe991ff
.exe windows:4 windows x86 arch:x86

2ec21e60c597a8b107eb1dd7bf09b531

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

CreateUrlCacheEntryW
FindCloseUrlCache
InternetSetOptionExW
HttpCheckDavCompliance
InternetOpenUrlW
ShowClientAuthCerts

user32

ToUnicodeEx
SetDebugErrorLevel
DdeSetQualityOfService
SwitchToThisWindow
MapDialogRect
LookupIconIdFromDirectory
GetMenuItemInfoW
RegisterClassExA
LoadCursorW
GetQueueStatus
GetWindowTextLengthA
SetTimer
RegisterClassA
CheckRadioButton
DdeQueryStringW
SetCursorPos
OffsetRect

comctl32

InitCommonControlsEx

kernel32

Sleep
GetSystemTimeAsFileTime
GetTimeFormatA
TlsGetValue
RtlUnwind
SetHandleCount
CreateFileA
GetEnvironmentStringsW
MultiByteToWideChar
OpenMutexA
HeapFree
HeapSize
GetFileType
IsValidLocale
DeleteCriticalSection
SetConsoleCtrlHandler
WideCharToMultiByte
InterlockedExchange
HeapDestroy
GetUserDefaultLCID
GetStartupInfoW
UnhandledExceptionFilter
GetModuleHandleA
EnumSystemLocalesA
GetConsoleCP
SetEnvironmentVariableA
FreeLibrary
GetStartupInfoA
GetTickCount
VirtualAlloc
GetStringTypeW
HeapCreate
IsDebuggerPresent
CompareStringW
GetModuleHandleW
GetStringTypeA
VirtualFree
SetFilePointer
QueryPerformanceCounter
GetLocaleInfoW
CloseHandle
GetCurrentThreadId
GetOEMCP
GetTimeZoneInformation
GetConsoleMode
WriteConsoleW
GetCPInfo
GetCommandLineW
IsValidCodePage
ExitProcess
FlushFileBuffers
TlsAlloc
LeaveCriticalSection
InterlockedDecrement
GetProcAddress
InterlockedIncrement
TlsSetValue
SetLastError
FreeEnvironmentStringsW
LCMapStringA
CompareStringA
SetUnhandledExceptionFilter
WriteConsoleA
LoadLibraryA
GetModuleFileNameW
CreateMutexA
TerminateProcess
GetCompressedFileSizeA
GetConsoleOutputCP
SetStdHandle
GetCurrentProcessId
HeapAlloc
GetModuleFileNameA
GetCurrentThread
GetStdHandle
VirtualQuery
LCMapStringW
EnterCriticalSection
GetCurrentProcess
GetLastError
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetACP
ReadFile
GetCommandLineA
WriteFile
GetLocaleInfoA
TlsFree
GetDateFormatA

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ec21e60c597a8b107eb1dd7bf09b531

Headers

File Characteristics

Imports

wininet

user32

comctl32

kernel32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 9KB - Virtual size: 18KB

.data Size: 171KB - Virtual size: 171KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 9KB - Virtual size: 18KB

.data
Size: 171KB - Virtual size: 171KB

.rsrc
Size: 8KB - Virtual size: 7KB