976b2261b26fba5e57dfa2c9d3a6aeb8

Sharing

Copy URL

Twitter E-mail

General

Target

976b2261b26fba5e57dfa2c9d3a6aeb8
Size

84KB
MD5

976b2261b26fba5e57dfa2c9d3a6aeb8
SHA1

38f553e9fec6c84ced36918a506b458b024e0234
SHA256

ac5ae6ddc2d68524c4f41b0327a9510767a44747582992cb57744d23d895f841
SHA512

90d24765f1640e0ecd3045cb20e4621e942f7227d7083e2a0b6fc45a8ce71400a828aecf218fc5159b3d1860b93423cfd9437173e3f0e98d6243656c2d8a3fef
SSDEEP

1536:T727NGtQkU3HlNuYOD0cWENIlCjNpapX5xBt7Yw0pewn8+8:HUNGtk3FNutD0cWENIyNpa5bzkSt+8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
976b2261b26fba5e57dfa2c9d3a6aeb8

Files

976b2261b26fba5e57dfa2c9d3a6aeb8
.exe windows:4 windows x86 arch:x86

6e9fb16bb8073fb7a808725c81d732e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetLastError
CreateMutexA
GetProcAddress
LoadLibraryA
GetTempPathA
CreateProcessA
CreateProcessW
ExitProcess
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
WriteFile
GetModuleFileNameA
WinExec
DeleteFileA
lstrcpyA
SetFilePointer
GetFileSize
CopyFileW
GetModuleFileNameW
MoveFileW
lstrcatW
lstrcpyW
GetSystemDirectoryW
LoadLibraryW
Sleep
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
CreateFileA
ReadFile
CloseHandle
GetSystemDirectoryA
GetShortPathNameA
lstrcatA

user32

SetWindowsHookExA
UnhookWindowsHookEx
wsprintfA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyA
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
_controlfp
_initterm
__getmainargs
__p__fmode
_except_handler3
_acmdln
__set_app_type
__CxxFrameHandler
memmove
_snprintf
atoi
??2@YAPAXI@Z
strstr
free
__dllonexit
_onexit
_exit
_XcptFilter
exit

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e9fb16bb8073fb7a808725c81d732e7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcp60

wininet

msvcrt

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 69KB - Virtual size: 69KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 69KB - Virtual size: 69KB