970a2d76e82df800b0d21797d7791110

Sharing

Copy URL Twitter E-mail

General

Target

970a2d76e82df800b0d21797d7791110
Size

385KB
MD5

970a2d76e82df800b0d21797d7791110
SHA1

c4c9cd29ecd11e62e4c9f4aff7c39f912321981c
SHA256

0834d719233b7befce935ad8bef4bda94b4b14ff35194e83ed55c722799d4b02
SHA512

b7601ce1fe3e1f333c44b7b0084b8aad466509d6dc3154f7b30d982d6ad5b442a87b9b4f0df19c9f36d429a9a31d983d18bfb3403341876d2d60591d67f49cec
SSDEEP

6144:UrmFz3hfzK1m0zu3q4M0fvPgJGEQqTiSvAn6d7Y/DLw4cVOP7+sKjgYod:UyFdomKgPgJLQ4hYnGaD0/ViJMfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
970a2d76e82df800b0d21797d7791110

Files

970a2d76e82df800b0d21797d7791110
.exe windows:4 windows x86 arch:x86

a687609ca4e2c5f6522c833ccb4a64f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForDebugEvent
GetStartupInfoW
VirtualFree
LoadLibraryW
GetEnvironmentStrings
CreateFileMappingA
HeapAlloc
LoadLibraryA
GetProcessShutdownParameters
TlsSetValue
GlobalSize
EnumResourceLanguagesA
OpenSemaphoreA
GetCurrencyFormatW
InterlockedExchange
TlsAlloc
LocalUnlock
GetLastError
GetModuleFileNameW
WriteConsoleOutputCharacterW
EnterCriticalSection
GetConsoleCP
GetStartupInfoA
DeleteCriticalSection
GetConsoleCursorInfo
HeapCreate
GetCommandLineW
GetFileType
GetProcAddress
LoadLibraryExA
GetEnvironmentStringsW
HeapFree
FormatMessageW
LocalFileTimeToFileTime
GetShortPathNameA
HeapDestroy
VirtualQuery
TlsGetValue
InitializeCriticalSection
WriteFile
DeleteFiber
IsBadWritePtr
GetNamedPipeHandleStateA
GetCurrentThread
HeapReAlloc
TlsFree
ExitProcess
SetSystemTime
EnumTimeFormatsW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetHandleCount
GetModuleHandleA
FreeEnvironmentStringsW
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
RtlUnwind
GetStdHandle
WritePrivateProfileStructW
GetCommandLineA
GetCurrentProcessId
GetModuleFileNameA
SetLastError
GetLogicalDriveStringsA
GetCompressedFileSizeA
GetTickCount
GetVersion
GetConsoleTitleW
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
UnhandledExceptionFilter

gdi32

GetCurrentPositionEx
EndDoc
GetGraphicsMode
GetTextExtentExPointA
CloseFigure
PolylineTo
CreateFontW
StrokeAndFillPath
StrokePath
GetSystemPaletteUse
EnumICMProfilesW
DescribePixelFormat
RoundRect
FillRgn

wininet

InternetSetOptionExA
RetrieveUrlCacheEntryFileW
GetUrlCacheEntryInfoExA
InternetQueryOptionA
GetUrlCacheConfigInfoA
DeleteUrlCacheEntryA
FindFirstUrlCacheEntryW
SetUrlCacheEntryInfoA
HttpOpenRequestA
DeleteIE3Cache
GopherCreateLocatorA

advapi32

LookupPrivilegeValueW
RegDeleteKeyW
InitiateSystemShutdownW
DuplicateToken

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a687609ca4e2c5f6522c833ccb4a64f7

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

advapi32

Sections

.text Size: 114KB - Virtual size: 114KB

.data Size: 268KB - Virtual size: 274KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 114KB - Virtual size: 114KB

.data
Size: 268KB - Virtual size: 274KB

.rsrc
Size: 2KB - Virtual size: 1KB