Static task: static1
Behavioral task: behavioral1
Sample: 7209665114b58d2d1d08e695e068e5ae.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 7209665114b58d2d1d08e695e068e5ae.exe
Resource: win10v2004-20231215-en
General
Target: 7209665114b58d2d1d08e695e068e5ae
Size: 557KB
MD5: 7209665114b58d2d1d08e695e068e5ae
SHA1: 24a9f506e50fe836e00b9d8592f3e04c91ba993e
SHA256: c0ec3d14816015842c946c0820715ba55bcc98c696df666de9b973a21464a396
SHA512: 9443590fb2a9c8b98763451ba43ecfb8642f2bf81be7f5ef280268fcb311ee1dd356f3d786ce4ada9731c02a390032f885f9f7ad8a8663480ee188b28c4daba3
SSDEEP: 12288:i1Y5pVA3PhKrxgpGwp8BKhrTkHco9AQa3weSSQVj:+Y5pVA3PhKdgph8BkHkbsw5SQVj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7209665114b58d2d1d08e695e068e5ae
Files
7209665114b58d2d1d08e695e068e5ae.exe windows:4 windows x86 arch:x86
504d443baba5b6e5df524f72ab084a6c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegSetValueExW
CryptHashData
CryptVerifySignatureA
AbortSystemShutdownW
gdi32
AddFontResourceW
SetICMMode
SetMetaFileBitsEx
GetPixelFormat
SetPixel
ExtFloodFill
GetKerningPairsW
CopyMetaFileA
GetCharWidthA
CreateDIBPatternBrush
SetMagicColors
GetTextExtentExPointW
SetViewportExtEx
SetPaletteEntries
EqualRgn
kernel32
GetStringTypeA
CreateProcessA
LoadLibraryA
WideCharToMultiByte
WriteFile
EnumCalendarInfoExA
CompareStringW
OpenMutexA
FreeLibrary
SetLocaleInfoW
GetTimeFormatA
FreeEnvironmentStringsW
LeaveCriticalSection
GetCurrentThread
ExitProcess
GetCurrentProcess
GetConsoleMode
GetSystemDirectoryW
ReadFile
HeapFree
FlushFileBuffers
TlsAlloc
GetCPInfo
FreeEnvironmentStringsA
WriteConsoleA
GetStringTypeW
HeapLock
CreateMutexA
GetNamedPipeInfo
CreateFileA
SetUnhandledExceptionFilter
TerminateProcess
GetStdHandle
SetFilePointer
CompareStringA
SetHandleCount
SetEnvironmentVariableA
TlsSetValue
SetLastError
VirtualFree
LCMapStringA
EnterCriticalSection
OpenProcess
GetUserDefaultLCID
GetCurrentThreadId
InterlockedExchange
HeapReAlloc
GetModuleFileNameA
SetStdHandle
MultiByteToWideChar
GetTimeZoneInformation
GetStartupInfoA
IsValidCodePage
GlobalFlags
GetProcessHeap
GetOEMCP
RtlUnwind
GetCurrentProcessId
VirtualAlloc
GetLocaleInfoW
DeleteAtom
InitializeCriticalSection
HeapSize
GetDateFormatA
TransactNamedPipe
GetModuleHandleA
GetEnvironmentStrings
SetConsoleCtrlHandler
HeapDestroy
DeleteCriticalSection
HeapAlloc
EnumSystemLocalesA
GetSystemTimeAsFileTime
IsValidLocale
CloseHandle
GetTickCount
InterlockedIncrement
InterlockedDecrement
IsDebuggerPresent
GetLastError
VirtualQuery
GetLocaleInfoA
GetEnvironmentStringsW
UnhandledExceptionFilter
ReadConsoleInputW
LCMapStringW
GetCommandLineA
GetVersionExA
GetACP
TlsFree
GetConsoleCP
GetProcAddress
GetFileType
TlsGetValue
QueryPerformanceCounter
WriteConsoleW
HeapCreate
Sleep
GetConsoleOutputCP
user32
CreateDialogParamA
CreateAcceleratorTableW
SetCaretPos
TranslateMDISysAccel
GetClassWord
IsDialogMessage
ActivateKeyboardLayout
VkKeyScanW
GetMenu
EnumDisplaySettingsA
SetMenuItemInfoW
SetDlgItemTextW
CharUpperBuffW
SetWindowsHookExA
TileChildWindows
SetWindowWord
AppendMenuW
InsertMenuItemA
RegisterClassExA
InsertMenuW
DdeReconnect
GetParent
RemoveMenu
RegisterClassA
CreateCursor
SwitchToThisWindow
comdlg32
ReplaceTextW
PrintDlgW
wininet
FtpRemoveDirectoryW
InternetReadFile
InternetShowSecurityInfoByURLW
InternetErrorDlg
FindNextUrlCacheEntryA
IsHostInProxyBypassList
IncrementUrlCacheHeaderData
InternetInitializeAutoProxyDll
InternetTimeFromSystemTimeW
comctl32
InitCommonControlsEx
Sections
.text Size: 181KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 358KB - Virtual size: 358KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ