71ad204cfc1ad47428541e751f60e92c

Sharing

Copy URL Twitter E-mail

General

Target

71ad204cfc1ad47428541e751f60e92c
Size

508KB
MD5

71ad204cfc1ad47428541e751f60e92c
SHA1

97cde0fbab51cac098271b247020125589fc89cb
SHA256

fd3406168748ba0e7e5081c98ae0ad4f35c4a058d3b7abe27135515ffefa303c
SHA512

8cbbf4d41f5a06656005eba787a10d591760b32eb7620d533cfb1efaec4b440155aef9c1558f00480f04e9cd338735e202394f8432718ffa3c15523f65760ba7
SSDEEP

12288:20fq53GXTRRL5dcQkbZegY8m+DZoO6AjFppwGIEG4:5fEGjRRL59kbg/8m8oVAjVw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71ad204cfc1ad47428541e751f60e92c

Files

71ad204cfc1ad47428541e751f60e92c
.exe windows:4 windows x86 arch:x86

90c2f5c46a8d21fd485e1b51a4f182ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA

kernel32

GetLocaleInfoW
GetTimeFormatA
lstrlen
GetVersionExA
SetHandleCount
LocalFileTimeToFileTime
SetLastError
TlsFree
LCMapStringA
InterlockedDecrement
HeapSize
LCMapStringW
GetACP
GetCommandLineA
EnumSystemLocalesA
GetLocaleInfoA
HeapValidate
GetStringTypeExA
RtlUnwind
GetTickCount
OpenMutexA
VirtualAlloc
HeapLock
GetProcAddress
IsDebuggerPresent
GetSystemTimeAsFileTime
GetStdHandle
IsValidCodePage
IsValidLocale
EnumCalendarInfoA
SetConsoleCtrlHandler
WaitForMultipleObjects
GetEnvironmentStringsW
GetStringTypeW
CreateMutexA
GetProcessHeap
HeapReAlloc
GetUserDefaultLCID
GlobalReAlloc
InterlockedExchange
SetStdHandle
GetCurrentProcess
LoadLibraryA
SystemTimeToTzSpecificLocalTime
CreateFileA
GetFileType
InitializeCriticalSection
HeapFree
GetCurrentProcessId
FreeEnvironmentStringsW
GetCPInfo
GetOEMCP
GetCurrentThreadId
GetTimeZoneInformation
SetConsoleActiveScreenBuffer
GetConsoleTitleW
UnhandledExceptionFilter
EnterCriticalSection
GetConsoleMode
SetUnhandledExceptionFilter
MultiByteToWideChar
TerminateProcess
GetLastError
FillConsoleOutputCharacterW
SetEnvironmentVariableA
TlsSetValue
FreeEnvironmentStringsA
GetConsoleOutputCP
WideCharToMultiByte
VirtualQuery
FindFirstFileExW
GetModuleHandleA
GetEnvironmentStrings
CompareStringA
LeaveCriticalSection
ConnectNamedPipe
WriteConsoleOutputA
QueryPerformanceCounter
ReadFile
CompareStringW
WriteConsoleA
DeleteCriticalSection
TlsGetValue
FindNextFileW
SetLocaleInfoA
HeapDestroy
WriteFile
ExitProcess
InterlockedIncrement
GetModuleFileNameA
Sleep
GetConsoleCP
FreeLibrary
HeapAlloc
WriteConsoleW
GetCurrentThread
SetCurrentDirectoryA
LocalSize
TlsAlloc
HeapCreate
VirtualFree
GetStartupInfoA
InterlockedExchangeAdd
GetDateFormatA
GetStringTypeA
FlushFileBuffers
CloseHandle
SetFilePointer

comctl32

InitCommonControlsEx

user32

RegisterClassExA
CopyAcceleratorTableW
RegisterClassA
MonitorFromWindow

wininet

GopherOpenFileA

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90c2f5c46a8d21fd485e1b51a4f182ae

Headers

File Characteristics

Imports

comdlg32

kernel32

comctl32

user32

wininet

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 9KB - Virtual size: 22KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 9KB - Virtual size: 22KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 15KB - Virtual size: 15KB