75f4c1ba79961c3847c529aa0b3c52b4

Sharing

Copy URL Twitter E-mail

General

Target

75f4c1ba79961c3847c529aa0b3c52b4
Size

588KB
MD5

75f4c1ba79961c3847c529aa0b3c52b4
SHA1

f0daf0bb328a1bb14880e74fe57065a2dfdebb5e
SHA256

1965789bcfbfa00f0a89723f2e5e43c0a3a6101874f16a506f29159c976d72ce
SHA512

64b57b84a849eface5aa59392a0f5855a4dff30c5c0f1dd12306a17e09607e7b6e26c5ff2559ebf840af3bc9d55435a9c25a0c3537e5ea9d1d7e9e0d54f813ac
SSDEEP

12288:mFOI6+fc/0ULj1gYZYxt8J7HCyZpSJ7x1KKECt9P3iDsl:mFO/Uc/0ULj1jZYxWhHzZYJ7+hC3a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75f4c1ba79961c3847c529aa0b3c52b4

Files

75f4c1ba79961c3847c529aa0b3c52b4
.exe windows:4 windows x86 arch:x86

48eee2b7e804d8e2f66d8f897385fbd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheConfigInfoA
CreateUrlCacheContainerA

user32

MessageBoxIndirectA
DestroyWindow
UnregisterHotKey
LoadImageW
DestroyCursor
RegisterClassExA
RegisterClassA
DdeFreeStringHandle
SetScrollRange
CreateDesktopA
ChangeDisplaySettingsExW
GetWindowWord
CreatePopupMenu
TranslateAcceleratorW
MessageBoxExA
AnimateWindow
OemKeyScan
MessageBoxA
CreateWindowExA
GetKeyNameTextW
DdeGetData
DefWindowProcA
CreateIcon
GetMenuInfo
ShowWindow
GetPropA
RedrawWindow
GetMenuContextHelpId
EnumDisplaySettingsW
ClientToScreen
GetGUIThreadInfo
GetFocus
IsWindow
DestroyIcon
LoadBitmapW
ScreenToClient
LoadIconA

advapi32

CryptEncrypt
AbortSystemShutdownW
CryptReleaseContext
RegSetKeySecurity
LookupPrivilegeDisplayNameA
RegDeleteValueW
RegConnectRegistryA
CryptVerifySignatureW
CreateServiceA
RegQueryMultipleValuesW
GetUserNameW
LookupAccountNameA
CryptGetHashParam
RegRestoreKeyA
CryptSetHashParam
LookupPrivilegeValueW
LookupPrivilegeValueA
CryptHashSessionKey
LogonUserW

gdi32

PolyBezier
CancelDC
GetObjectType
PolylineTo

comctl32

GetEffectiveClientRect
ImageList_Copy
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_AddMasked
ImageList_GetFlags
ImageList_SetDragCursorImage
ImageList_Create
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_Destroy
ImageList_GetDragImage
MakeDragList
ImageList_EndDrag
ImageList_Add
ImageList_AddIcon
CreateUpDownControl
ImageList_GetImageInfo

kernel32

FreeEnvironmentStringsA
InterlockedDecrement
ReadFileEx
GetNumberFormatW
RemoveDirectoryW
GetCommandLineA
GetConsoleMode
SetLastError
WideCharToMultiByte
CloseHandle
VirtualAlloc
GetFileSize
LeaveCriticalSection
TlsFree
TerminateProcess
SetFilePointer
GetLocaleInfoA
SetLocalTime
GetStartupInfoA
CompareStringW
InterlockedExchange
GetThreadTimes
EnterCriticalSection
GetCommandLineW
IsDebuggerPresent
LoadLibraryA
SetConsoleCursorInfo
GetCurrentThreadId
CreateRemoteThread
VirtualQuery
SetLocaleInfoW
LockFile
CreateDirectoryW
MoveFileExW
TlsAlloc
FindResourceA
ContinueDebugEvent
LocalFree
WriteConsoleA
VirtualProtectEx
GetStringTypeExW
GetStringTypeW
CompareStringA
GetStartupInfoW
IsBadWritePtr
EnumSystemCodePagesW
FindNextFileA
DeleteFileA
EnumCalendarInfoA
LCMapStringW
InterlockedIncrement
GetFileType
GetShortPathNameA
SetPriorityClass
SetConsoleMode
SleepEx
GetSystemTimeAsFileTime
GlobalAlloc
OpenMutexA
GetThreadSelectorEntry
GetComputerNameW
LocalReAlloc
InitializeCriticalSection
GetVersion
LocalSize
WaitForMultipleObjects
SetHandleCount
ReadFile
GetCPInfo
HeapFree
GetStringTypeExA
GetCurrentProcess
GetModuleHandleA
SetUnhandledExceptionFilter
DeleteFiber
UnhandledExceptionFilter
GetCurrencyFormatA
RtlMoveMemory
QueryPerformanceCounter
SetCriticalSectionSpinCount
TlsSetValue
RtlUnwind
FlushFileBuffers
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTime
VirtualFree
GetProcAddress
HeapCreate
GlobalFindAtomA
GetEnvironmentStrings
OpenSemaphoreA
GetLastError
SetThreadContext
IsValidCodePage
FoldStringA
HeapReAlloc
GetCurrentProcessId
EnumDateFormatsW
GetStdHandle
HeapAlloc
GetLocalTime
lstrcmpW
FoldStringW
GetConsoleTitleW
WriteFile
GetModuleFileNameW
SetEnvironmentVariableA
WritePrivateProfileSectionW
GetPrivateProfileSectionW
GetTickCount
lstrcat
DeleteCriticalSection
CreateDirectoryA
EnumDateFormatsA
MultiByteToWideChar
GetEnvironmentStringsW
CreateMutexA
WritePrivateProfileStringW
SetStdHandle
GetStringTypeA
TlsGetValue
SetConsoleTitleW
LCMapStringA
ExitProcess
GetCurrentThread
HeapDestroy
GetLogicalDriveStringsA
GetPrivateProfileIntA
GetTimeZoneInformation

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48eee2b7e804d8e2f66d8f897385fbd2

Headers

File Characteristics

Imports

wininet

user32

advapi32

gdi32

comctl32

kernel32

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 112KB - Virtual size: 134KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 112KB - Virtual size: 134KB

.rsrc
Size: 24KB - Virtual size: 20KB