67df50f0fbcd76dcec60ff3c67f45f25

Sharing

Copy URL Twitter E-mail

General

Target

67df50f0fbcd76dcec60ff3c67f45f25
Size

492KB
MD5

67df50f0fbcd76dcec60ff3c67f45f25
SHA1

bd1eb024aa37b49a39a8d35f2aef7a2a49b45acd
SHA256

3bc6daf828698a7a19c14cc6a31af9d18a8fcad9d999ab7b71c104c9b2f7d51a
SHA512

7957133a200512a572d07259fefe780d93157a97eda29256063165ac515c50fc9e328fe0486ec8b681a48a94a81a8d9c8c5047a8e021271e271a1cf4cdb5cd87
SSDEEP

12288:u7cHNGWjgXa/zlzTPQxt2NciGk3cqUsopsBhl+tln5Dbi:ukGWjZpTPQxwGk3c7sBhoP5DO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67df50f0fbcd76dcec60ff3c67f45f25

Files

67df50f0fbcd76dcec60ff3c67f45f25
.exe windows:4 windows x86 arch:x86

52dcae4d14aacfb599ac436c0afc12b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetConsoleCP
LoadLibraryA
GetUserDefaultLCID
CompareStringA
HeapReAlloc
GetOEMCP
GetStdHandle
IsValidLocale
TerminateProcess
GetCommandLineW
GetTimeFormatA
TlsSetValue
CreateMutexA
GetCommandLineA
GetCurrentProcessId
GetLocaleInfoA
GetTickCount
GetCurrentThreadId
SetEnvironmentVariableA
ExitProcess
SetStdHandle
FreeEnvironmentStringsA
ResetEvent
HeapSize
GetLocaleInfoW
CreateFileA
GetFileType
EnumDateFormatsExW
GetStartupInfoA
FreeLibrary
SetConsoleCtrlHandler
LCMapStringA
GetConsoleTitleW
EnumSystemLocalesA
GetConsoleOutputCP
WriteFile
RtlUnwind
GetCPInfo
TransactNamedPipe
InterlockedIncrement
UnhandledExceptionFilter
GetStartupInfoW
SetLastError
HeapAlloc
WriteConsoleW
GetEnvironmentStrings
WriteConsoleA
SetThreadAffinityMask
HeapFree
GetDateFormatA
LeaveCriticalSection
SetFilePointer
IsValidCodePage
SetUnhandledExceptionFilter
GetProcessHeap
GetTimeZoneInformation
EnterCriticalSection
VirtualAlloc
TlsFree
GetModuleHandleA
QueryPerformanceCounter
OpenMutexA
VirtualFree
GetEnvironmentStringsW
GetVersionExA
CompareStringW
InitializeCriticalSection
TlsGetValue
GetNumberFormatW
ContinueDebugEvent
InterlockedExchange
FlushFileBuffers
Sleep
ReadFile
GetModuleFileNameW
DeleteCriticalSection
TlsAlloc
EnumDateFormatsA
GetStringTypeA
CloseHandle
GetLastError
InterlockedDecrement
TerminateThread
HeapDestroy
EnumResourceTypesA
VirtualQuery
GetStringTypeW
GetConsoleMode
GetPrivateProfileIntW
GetSystemTime
IsDebuggerPresent
SetHandleCount
WideCharToMultiByte
FreeEnvironmentStringsW
GetProcAddress
HeapCreate
CopyFileExA
GetModuleFileNameA
lstrlenW
SetVolumeLabelA
SystemTimeToTzSpecificLocalTime
GetCurrentProcess
GetCurrentThread
GetMailslotInfo
GetACP
GetSystemTimeAsFileTime
MultiByteToWideChar

comdlg32

GetOpenFileNameA
PageSetupDlgW
FindTextW

wininet

InternetTimeToSystemTimeW
GetUrlCacheGroupAttributeA
SetUrlCacheHeaderData
InternetConfirmZoneCrossing
HttpSendRequestExA
ReadUrlCacheEntryStream
InternetDial
IsHostInProxyBypassList
GetUrlCacheEntryInfoExA

advapi32

RevertToSelf

comctl32

InitCommonControlsEx

user32

CreateIconFromResource
ArrangeIconicWindows
IsDlgButtonChecked
SetDoubleClickTime
SendMessageW
RegisterClassA
DefWindowProcA
IsCharAlphaNumericW
RemovePropW
PostThreadMessageW
DrawTextA
CharUpperBuffA
RegisterClassExA
LoadMenuIndirectA
DestroyIcon
MapVirtualKeyW
DdeDisconnect
GetMenuItemInfoA

Sections

.text
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52dcae4d14aacfb599ac436c0afc12b6

Headers

File Characteristics

Imports

kernel32

comdlg32

wininet

advapi32

comctl32

user32

Sections

.text Size: 301KB - Virtual size: 301KB

.rdata Size: 68KB - Virtual size: 96KB

.data Size: 105KB - Virtual size: 104KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 301KB - Virtual size: 301KB

.rdata
Size: 68KB - Virtual size: 96KB

.data
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 16KB - Virtual size: 16KB