73a0f46712752536c381e0994c1b9576

Sharing

Copy URL Twitter E-mail

General

Target

73a0f46712752536c381e0994c1b9576
Size

394KB
MD5

73a0f46712752536c381e0994c1b9576
SHA1

5032d271fc7b3d398756598d44caf3f556b8b199
SHA256

ae7f9848cfbdefa7b37f9ee80fde6bbcd62a376833076b1a5f35ac74d02cc35a
SHA512

994a9ce53f28d0288b41b39bc6f20560aa31bc293ef08ae1dd1766d42931b1e4d2df84b66d35c83b96383242b7a1472f53a1f70df715a78609200a6d8e828388
SSDEEP

6144:T6KLqJ0Za71tn4smMm1HXfAAGB4lh5/8TN2MkHkIROiOBkY0GPI7ehNX:1ZaJt4smM2zJh2pIROiG9XI7ehN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a0f46712752536c381e0994c1b9576

Files

73a0f46712752536c381e0994c1b9576
.exe windows:4 windows x86 arch:x86

0baca68cbfc3992d7381120437f42c8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheEntryGroupW
FindFirstUrlCacheGroup
FtpPutFileEx
SetUrlCacheEntryGroupA
FtpGetFileW
InternetTimeFromSystemTimeA
InternetQueryDataAvailable
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryA
DeleteUrlCacheGroup
InternetSetDialState
HttpSendRequestExA
FindNextUrlCacheGroup
InternetTimeFromSystemTime
FtpGetFileSize
HttpOpenRequestA
FindNextUrlCacheEntryExW
SetUrlCacheConfigInfoA
InternetTimeToSystemTimeA
InternetFortezzaCommand
HttpSendRequestA
FindNextUrlCacheContainerW
HttpSendRequestExW
UnlockUrlCacheEntryStream
FindFirstUrlCacheContainerW

comdlg32

PrintDlgW
FindTextA
ReplaceTextA
PageSetupDlgW
GetOpenFileNameA
ChooseFontA
PrintDlgA
ChooseFontW
PageSetupDlgA
GetSaveFileNameW
GetFileTitleW
FindTextW
GetOpenFileNameW
GetSaveFileNameA
ChooseColorA
GetFileTitleA
LoadAlterBitmap
ChooseColorW

user32

ShowOwnedPopups
EnableWindow
MonitorFromWindow
BeginDeferWindowPos
CharUpperBuffA
EnumClipboardFormats

shell32

SHInvokePrinterCommandW
ShellAboutA
DragAcceptFiles
SHEmptyRecycleBinW
DoEnvironmentSubstW
RealShellExecuteExW
InternalExtractIconListW
SHGetInstanceExplorer
SHFileOperationA
SHGetFileInfo
RealShellExecuteW
SHEmptyRecycleBinA
ExtractAssociatedIconExW
ShellExecuteW
SheChangeDirExW
SHQueryRecycleBinW
ShellExecuteExW
DuplicateIcon
RealShellExecuteA
DragFinish
ShellAboutW
SHGetFileInfoA
SHFormatDrive

kernel32

GetCPInfo
CreateEventW
GetEnvironmentStrings
VirtualFree
InitializeCriticalSection
VirtualProtect
GetProcAddress
IsBadWritePtr
GetProfileIntW
SetLastError
RaiseException
GetTimeFormatA
SetWaitableTimer
GetDateFormatA
GetCurrentThreadId
IsValidCodePage
LCMapStringA
GetStringTypeW
HeapReAlloc
GetUserDefaultLCID
HeapAlloc
LeaveCriticalSection
GetCommandLineA
EnterCriticalSection
FreeEnvironmentStringsW
SetEnvironmentVariableA
CompareStringW
RtlMoveMemory
GetModuleHandleA
HeapCreate
ExitProcess
SetHandleCount
GetTempFileNameA
GetFileType
GetCalendarInfoW
LoadLibraryA
GetCurrentThread
IsValidLocale
HeapFree
MapViewOfFile
GetStartupInfoA
FreeEnvironmentStringsA
GetVersionExA
GetSystemInfo
UnhandledExceptionFilter
TlsSetValue
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
InterlockedExchange
TlsAlloc
GetTickCount
CompareStringA
VirtualQuery
GetStdHandle
lstrcatA
GetTimeZoneInformation
TlsFree
EnumSystemLocalesA
GetLastError
GetACP
HeapSize
TlsGetValue
WriteProfileSectionW
GetCurrentProcess
QueryPerformanceCounter
WriteFile
GetStringTypeA
WideCharToMultiByte
HeapDestroy
VirtualAlloc
TerminateProcess
GetModuleFileNameA
GetEnvironmentStringsW
DeleteCriticalSection
GetOEMCP
GetLocaleInfoA

advapi32

RegQueryMultipleValuesA
CryptGetHashParam
RegEnumKeyExA
CreateServiceW
RegLoadKeyA
RegOpenKeyA
InitiateSystemShutdownA
InitiateSystemShutdownW
RegEnumKeyW
RegQueryInfoKeyW
CryptImportKey

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0baca68cbfc3992d7381120437f42c8a

Headers

File Characteristics

Imports

wininet

comdlg32

user32

shell32

kernel32

advapi32

Sections

.text Size: 109KB - Virtual size: 109KB

.data Size: 276KB - Virtual size: 283KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 109KB - Virtual size: 109KB

.data
Size: 276KB - Virtual size: 283KB

.rsrc
Size: 8KB - Virtual size: 7KB