8a948d19d1607cee7c3c558e5fa75314

Sharing

Copy URL

Twitter E-mail

General

Target

8a948d19d1607cee7c3c558e5fa75314
Size

612KB
MD5

8a948d19d1607cee7c3c558e5fa75314
SHA1

aa71863d6359f4cc0b437c250c22c8f520499056
SHA256

45b61c47602467399f7e182503b871d3bd6b9e2fc9a60df3e49a07c8f8e5f2c1
SHA512

89ee9c59e95be4fc5c175367e138fa26f8d5a179c1d656776062624d0cea79f5bef273994add4ba283c35b0e980e4e2634aee5917711ae442638835c97434db2
SSDEEP

12288:ZG6UeqAaJ6SqlhV4DgN5h+o8+XoLTAKyxvdle/+wd2xLw:Z+eqAaJ6X+V4XBLxv3g+5w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a948d19d1607cee7c3c558e5fa75314

Files

8a948d19d1607cee7c3c558e5fa75314
.exe windows:4 windows x86 arch:x86

e2dfcec4e578c6d8d4604d017aa0c405

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpOpenRequestA

shell32

ExtractIconEx
InternalExtractIconListW
SHQueryRecycleBinA
ShellHookProc
DoEnvironmentSubstA

comctl32

ImageList_Create
DrawStatusText
CreatePropertySheetPageW
ImageList_SetFlags
ImageList_Destroy
ImageList_GetImageInfo
ImageList_GetImageCount
InitCommonControlsEx
_TrackMouseEvent
ImageList_Write

kernel32

FindResourceA
VirtualQuery
LocalSize
TlsFree
SetStdHandle
WideCharToMultiByte
CreateDirectoryW
CommConfigDialogW
CreateEventA
FindNextFileA
LeaveCriticalSection
HeapCreate
GetWindowsDirectoryW
WaitCommEvent
EnumSystemLocalesA
GetProcAddress
HeapFree
SetComputerNameA
CompareStringW
QueryPerformanceCounter
GetFileType
IsValidCodePage
GetLastError
SetHandleCount
SetCurrentDirectoryA
GetTickCount
OpenSemaphoreA
GetACP
ExitProcess
SetUnhandledExceptionFilter
GetConsoleCP
GetProcessHeaps
GetShortPathNameA
HeapAlloc
GetConsoleCursorInfo
GetModuleHandleA
IsValidLocale
LoadLibraryA
GetCurrentDirectoryW
GetConsoleMode
CompareStringA
CreateThread
GetConsoleOutputCP
OpenWaitableTimerA
ReadFile
GetStartupInfoW
GetStringTypeA
HeapSize
Sleep
SetVolumeLabelW
InitializeCriticalSection
GlobalLock
MapViewOfFile
GetDiskFreeSpaceExW
CloseHandle
WriteConsoleW
GetCurrentThread
EnumResourceNamesA
EnumCalendarInfoW
GetStartupInfoA
WriteConsoleA
GetDiskFreeSpaceW
GetSystemDirectoryA
FreeEnvironmentStringsA
LoadLibraryW
GetTimeFormatA
CreateMailslotW
RtlUnwind
CreateMutexA
GetLocaleInfoW
DeleteCriticalSection
HeapReAlloc
CreateDirectoryExA
GetProfileSectionW
EnumDateFormatsW
GetEnvironmentStrings
GetPrivateProfileStringA
GetShortPathNameW
TransmitCommChar
GetCommandLineA
GetLogicalDrives
GetEnvironmentStringsW
GetCPInfo
GetUserDefaultLCID
TlsAlloc
GetVersionExA
GetStdHandle
GetProfileIntA
VirtualFree
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcess
GlobalGetAtomNameW
OpenWaitableTimerW
TlsGetValue
LCMapStringW
EnumSystemCodePagesW
InterlockedDecrement
CopyFileExA
DeleteFileW
VirtualAlloc
lstrcpy
GetCurrentProcessId
lstrcpyn
OpenSemaphoreW
HeapDestroy
lstrcmpA
GetLocaleInfoA
SetFilePointer
FreeEnvironmentStringsW
GetCommandLineW
SetConsoleCursorInfo
TlsSetValue
TerminateProcess
SetComputerNameW
WriteConsoleOutputW
GetTimeZoneInformation
FindNextChangeNotification
InterlockedExchangeAdd
FillConsoleOutputCharacterA
GetOEMCP
CreateWaitableTimerW
VirtualFreeEx
ReleaseSemaphore
CreateFileMappingA
SetEnvironmentVariableA
FreeLibrary
IsDebuggerPresent
GetDateFormatA
SetConsoleCtrlHandler
LCMapStringA
SetCriticalSectionSpinCount
MultiByteToWideChar
InterlockedIncrement
GetVersionExW
GetStringTypeW
RtlMoveMemory
GetModuleFileNameW
GetCurrentThreadId
WriteFile
UnhandledExceptionFilter
CreateFileA
WriteProfileStringA
OpenMutexA
GetProfileSectionA
GetPrivateProfileSectionA
InterlockedExchange
SetFileAttributesA
GetModuleFileNameA
SetWaitableTimer
FlushFileBuffers
GetProcessHeap
SetLastError
GetExitCodeProcess

user32

ExcludeUpdateRgn
IsZoomed
RegisterClassExA
GetMenuItemCount
GetMenuCheckMarkDimensions
SetDebugErrorLevel
DrawTextA
SetMessageQueue
SetUserObjectInformationW
RedrawWindow
DrawEdge
IsCharAlphaNumericW
GetKeyState
wsprintfA
SetClipboardData
VkKeyScanExW
OpenClipboard
DdeAddData
SetClipboardViewer
EditWndProc
GetScrollPos
SwitchToThisWindow
TrackPopupMenu
SetMessageExtraInfo
IsCharUpperW
GetWindowTextW
SetProcessWindowStation
GetKeyboardLayoutList
PeekMessageA
RegisterClassA
HideCaret
GetDlgCtrlID
DefDlgProcA
DdeUninitialize
IsCharLowerA
LoadIconW
DrawFrame
PostQuitMessage
DeleteMenu
SetUserObjectSecurity
CopyIcon
LoadBitmapW
MessageBoxIndirectW
DdeCreateStringHandleA
TranslateMessage
GetKeyNameTextW
SetMenuItemBitmaps
GetScrollBarInfo
DdeReconnect

comdlg32

LoadAlterBitmap
ChooseColorA
ReplaceTextA
PageSetupDlgW

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2dfcec4e578c6d8d4604d017aa0c405

Headers

File Characteristics

Imports

wininet

shell32

comctl32

kernel32

user32

comdlg32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 268KB - Virtual size: 265KB

.data Size: 112KB - Virtual size: 118KB

.rsrc Size: 64KB - Virtual size: 61KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 268KB - Virtual size: 265KB

.data
Size: 112KB - Virtual size: 118KB

.rsrc
Size: 64KB - Virtual size: 61KB