86e6458765652537466b50a2f90fc06e

Sharing

Copy URL

Twitter E-mail

General

Target

86e6458765652537466b50a2f90fc06e
Size

512KB
MD5

86e6458765652537466b50a2f90fc06e
SHA1

cbf8cedf52fc1f374bfbd3c36f7d8c384c037996
SHA256

ae0e20682a364e79dc869f94749bc34298447fae0ea35d14292e01560fecef0c
SHA512

e9a0b15674d3f2c2b2ca2bb2963b37fde85d6ab1c44136a39828d506563d62d299f3e2b2c4af4471504bc920480b5f3fadbf73e37d9054f8d88fa9d745e85e63
SSDEEP

12288:9ueDWnyknlU1xgclBw2MDOeC/FSEiW3ER12MuiQNbGEv2D3naY+gGRNY:ccWvnluxgclC2MSeiOWSWNaEnYe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86e6458765652537466b50a2f90fc06e

Files

86e6458765652537466b50a2f90fc06e
.exe windows:4 windows x86 arch:x86

a075af83f8f87180f5082ccb6ec138d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Draw
ImageList_SetIconSize
ImageList_Read
CreateStatusWindow
ImageList_SetFilter
ImageList_SetOverlayImage
InitMUILanguage
ImageList_GetIconSize
CreateToolbar
_TrackMouseEvent
CreatePropertySheetPage
ImageList_GetImageCount
CreatePropertySheetPageW
ImageList_GetDragImage
DrawInsert
InitCommonControlsEx
ImageList_GetImageRect
ImageList_Create

shell32

RealShellExecuteW
DragFinish
InternalExtractIconListA

user32

GetWindowTextW
DefWindowProcA
CloseDesktop
OemToCharW
DefDlgProcW
ShowWindow
OpenDesktopW
InSendMessageEx
ChangeMenuA
LoadBitmapA
DragObject
SetMenuItemBitmaps
CharToOemBuffA
GetClassNameW
GetUserObjectInformationW
ToUnicode
CreateWindowExW
DdeQueryStringW
GetWindow
DrawIconEx
EmptyClipboard
RegisterClassA
DdeKeepStringHandle
RegisterClassExA
DestroyWindow
SetMenuItemInfoA
DispatchMessageA
SetWindowPlacement
ShowCaret
GetUserObjectInformationA
GetAsyncKeyState
UnionRect
PostThreadMessageW
MessageBoxA
GetMessageTime
GetCursorPos
DrawAnimatedRects
SetMenuItemInfoW
SetThreadDesktop
MessageBoxW
CallMsgFilterW
GetKeyNameTextA

wininet

FtpRenameFileW
FtpRemoveDirectoryW
InternetQueryFortezzaStatus
FtpFindFirstFileA
GopherGetAttributeA

advapi32

CryptDestroyHash
InitiateSystemShutdownW
RegEnumKeyW
RegQueryMultipleValuesW
CryptSetProviderW
CryptSetKeyParam
ReportEventA
CryptHashSessionKey
RegEnumKeyExW
RegQueryInfoKeyW
LookupPrivilegeNameW
RegDeleteValueW
RegQueryMultipleValuesA
CryptEnumProviderTypesW
CryptGenRandom
RegSetKeySecurity
CryptSetProviderExW
RegCreateKeyExA
AbortSystemShutdownA
CryptCreateHash
RegSetValueA
CryptSetHashParam

kernel32

WriteFile
SetThreadLocale
TerminateProcess
GetAtomNameA
QueryPerformanceCounter
GetCurrentProcessId
SetLastError
VirtualFree
GetProfileSectionW
GetVersion
LocalSize
IsBadWritePtr
LCMapStringA
GetLastError
GetComputerNameW
lstrcmpi
ReadConsoleInputW
LCMapStringW
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
WideCharToMultiByte
UnlockFile
GetTimeFormatW
lstrcmp
LeaveCriticalSection
SetEnvironmentVariableA
GetCommandLineA
FileTimeToDosDateTime
SetHandleCount
IsBadReadPtr
InterlockedIncrement
FlushFileBuffers
GetProfileStringA
CreateWaitableTimerW
DeleteCriticalSection
GetModuleHandleA
SetFileAttributesW
EnumSystemLocalesA
FreeEnvironmentStringsW
GetStringTypeA
GetPrivateProfileIntA
SetConsoleActiveScreenBuffer
ReadConsoleOutputW
HeapCreate
DeleteFileW
InterlockedDecrement
SetLocaleInfoW
CompareStringA
ExpandEnvironmentStringsA
FindResourceExW
TlsAlloc
GetStartupInfoA
OutputDebugStringA
GetSystemDirectoryW
GetFileType
GetEnvironmentStringsW
HeapReAlloc
InitializeCriticalSection
HeapAlloc
DosDateTimeToFileTime
SetFilePointer
ExitProcess
EnumSystemCodePagesA
CreateMutexA
VirtualQuery
CloseHandle
RtlUnwind
ReadFile
ReadConsoleA
SetStdHandle
SetConsoleTitleW
CreateFileMappingW
TlsFree
lstrcpynA
GetStartupInfoW
GetModuleFileNameA
EnterCriticalSection
SystemTimeToTzSpecificLocalTime
SetConsoleTextAttribute
LoadLibraryA
TlsGetValue
GetSystemTime
OpenMutexA
VirtualProtectEx
SetConsoleOutputCP
InterlockedExchange
UnhandledExceptionFilter
GetStdHandle
CreateDirectoryA
SetThreadContext
GetLocalTime
GetCurrentThread
GetProfileIntA
HeapFree
GetCPInfo
GetCurrentThreadId
WriteProfileStringA
GetTickCount
GetModuleFileNameW
FillConsoleOutputAttribute
FindFirstFileExW
GetSystemDirectoryA
GetStringTypeW
GetDiskFreeSpaceExW
lstrcpyn
TransactNamedPipe
VirtualAlloc
WaitForDebugEvent
GetPrivateProfileSectionW
GlobalSize
GlobalCompact
MoveFileW
GetCurrentProcess
GetCommandLineW
GetEnvironmentStrings
GetProcAddress
HeapDestroy
GetLocaleInfoW
GlobalLock
OpenSemaphoreW
MultiByteToWideChar
ReadConsoleOutputCharacterA
TlsSetValue
CompareStringW
GetTimeZoneInformation

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a075af83f8f87180f5082ccb6ec138d1

Headers

File Characteristics

Imports

comctl32

shell32

user32

wininet

advapi32

kernel32

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 108KB - Virtual size: 136KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 108KB - Virtual size: 136KB

.rsrc
Size: 16KB - Virtual size: 13KB