68488b044383a1bbbd100a99daed81f7

Sharing

Copy URL

Twitter E-mail

General

Target

68488b044383a1bbbd100a99daed81f7
Size

299KB
MD5

68488b044383a1bbbd100a99daed81f7
SHA1

075099c4169588453fb720bd037813d7bdf7f3b1
SHA256

d0ec95ef0d37768eb80aec9d479df7d6649bc8dde8172ae3021d16aec0177e82
SHA512

727ac334d6052635a4908894244f8fac63fe403dc64e61a9015de9bfbc45a0ab7011a9fc7621b87a33de527fda5524267c83d87bd92e3139bc732304250bdd41
SSDEEP

6144:n6sXzFPjM5cqnw+VKgbp0DFiL+pqKM3dA8FkGdc0AmYPtIlo:6oMPw+6vidA8ecdPYP2lo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68488b044383a1bbbd100a99daed81f7

Files

68488b044383a1bbbd100a99daed81f7
.exe windows:4 windows x86 arch:x86

ec722eca180ec3a4469f83ec70cfcb1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW

comctl32

InitCommonControlsEx

user32

EnumPropsA
RegisterClassA
RegisterClassExA
IsChild

gdi32

GetColorSpace
PolyBezierTo
PolyPolyline
DeleteMetaFile
LineDDA
CopyEnhMetaFileW
DeviceCapabilitiesExA
GetEnhMetaFilePaletteEntries
FlattenPath
SetMiterLimit
GetWindowExtEx
GetTextCharsetInfo
GetEnhMetaFileDescriptionA
IntersectClipRect
GetTextCharacterExtra
SetGraphicsMode
AbortPath
SetTextCharacterExtra
GetPixelFormat
GetRgnBox
GetTextAlign
SetICMMode
SetBrushOrgEx

wininet

IsUrlCacheEntryExpiredA
GopherGetLocatorTypeW
InternetDialA
FtpSetCurrentDirectoryW
HttpQueryInfoA
FindFirstUrlCacheEntryExW

kernel32

ExitProcess
GetCurrentThreadId
VirtualFree
FreeEnvironmentStringsA
LCMapStringW
GetTickCount
TlsAlloc
CloseHandle
RtlUnwind
GetVersionExA
TerminateProcess
GetEnvironmentStringsW
GetFileType
HeapDestroy
FreeResource
GetSystemInfo
GetLocaleInfoW
GetUserDefaultLCID
CompareStringW
GetCurrentThread
OpenMutexA
GetEnvironmentStrings
OpenMutexW
UnhandledExceptionFilter
LoadLibraryExA
GetACP
HeapSize
WriteFile
ReadConsoleOutputW
TlsGetValue
HeapFree
CreateFileMappingW
GetLastError
GetProfileIntA
HeapAlloc
LCMapStringA
QueryPerformanceCounter
FreeEnvironmentStringsW
CreateMutexA
HeapCreate
GetProcAddress
GetOEMCP
EnumSystemLocalesA
EnterCriticalSection
GetModuleHandleA
VirtualProtect
GetTimeZoneInformation
TlsFree
FlushFileBuffers
LocalFileTimeToFileTime
EnumTimeFormatsA
GetSystemDirectoryA
GetDateFormatA
IsBadWritePtr
IsValidCodePage
GetModuleFileNameA
GetStringTypeW
GetCurrentProcessId
SetUnhandledExceptionFilter
SetStdHandle
GetVersion
SetWaitableTimer
CompareStringA
GetCPInfo
ReadFile
SetFilePointer
SetHandleCount
TlsSetValue
MultiByteToWideChar
GetStdHandle
EnumSystemCodePagesW
SetLastError
GetLocaleInfoA
ResumeThread
WideCharToMultiByte
VirtualQuery
EnumDateFormatsW
GetStringTypeA
HeapReAlloc
GetStartupInfoA
GetCommandLineA
FileTimeToSystemTime
LeaveCriticalSection
GetCurrentProcess
IsValidLocale
InterlockedExchange
SetEnvironmentVariableA
GetProfileIntW
WriteProfileSectionA
VirtualAlloc
LoadLibraryA
GlobalFlags
InitializeCriticalSection
GetSystemTimeAsFileTime
GetTimeFormatA
DeleteCriticalSection

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec722eca180ec3a4469f83ec70cfcb1b

Headers

File Characteristics

Imports

comdlg32

comctl32

user32

gdi32

wininet

kernel32

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 8KB - Virtual size: 18KB

.data Size: 144KB - Virtual size: 144KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 8KB - Virtual size: 18KB

.data
Size: 144KB - Virtual size: 144KB

.rsrc
Size: 11KB - Virtual size: 11KB