a3179a844935496505b6a929b7d29c51

Sharing

Copy URL Twitter E-mail

General

Target

a3179a844935496505b6a929b7d29c51
Size

528KB
MD5

a3179a844935496505b6a929b7d29c51
SHA1

40d225ab1fa7fc829f72b6c14c1129ccfb2f4461
SHA256

e481df725104987c2f1a7779eed5e6602fdf3b2b5fbfa87419c53e4f1db8f689
SHA512

1e9d8ff8b2ae2be3e0baa6623dab820f2b2b788e6d6348bef2ebf6da5f7a09f1da5db4881da56b8786a5919faed196f1c840c1de82f8e0631e648c13d3f0dbe9
SSDEEP

12288:0VUbHJmScz9tsMvFhYRN1r5ICQZtmDRwU/4IaSvnK6BqO6gzDApDUW0Y0iJq195W:nmScvpv7YRN1r5IgDiU/Vvvn5BqkDaUk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3179a844935496505b6a929b7d29c51

Files

a3179a844935496505b6a929b7d29c51
.exe windows:4 windows x86 arch:x86

04a85e98ad7635bf843ca6379f119d17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ecgwsdyy\kheirmyxb\nxfsesejd\aje\c

Imports

user32

CharLowerW
AdjustWindowRectEx
GetDlgItemTextW
GetClipboardOwner
GetUpdateRgn
RegisterClassA
CreateWindowExA
DdeDisconnect
MessageBoxA
GetDlgCtrlID
GetClipboardData
ShowWindow
IsDialogMessageW
ChangeClipboardChain
RegisterClassExA

kernel32

GetFileType
GetCurrentProcess
GetProcAddress
CreateFileMappingA
IsDebuggerPresent
GetModuleFileNameW
GetModuleFileNameA
OpenMutexA
SetStdHandle
HeapDestroy
VirtualAlloc
CreateMutexA
GetLocaleInfoW
GetCurrentProcessId
MultiByteToWideChar
IsValidCodePage
GetDateFormatA
HeapSize
DeleteCriticalSection
WriteFile
Sleep
GetLocaleInfoA
HeapReAlloc
EnterCriticalSection
GetStringTypeA
SetLastError
GetSystemTimeAsFileTime
VirtualFree
HeapAlloc
CompareStringW
VirtualQuery
LCMapStringW
SetEnvironmentVariableA
GetModuleHandleW
UnhandledExceptionFilter
EnumCalendarInfoExW
GetCPInfo
GlobalFlags
GetProfileSectionW
GetTickCount
GetStartupInfoA
TlsGetValue
SetConsoleCtrlHandler
GetConsoleOutputCP
SetUnhandledExceptionFilter
HeapCreate
FindFirstFileExW
FlushFileBuffers
GetTimeZoneInformation
GetOEMCP
SetHandleCount
RtlUnwind
TlsAlloc
GetTimeFormatA
SetFilePointer
InterlockedIncrement
CompareStringA
GetModuleHandleA
WriteConsoleOutputW
WriteConsoleA
TerminateProcess
ReadFile
GetStdHandle
GetUserDefaultLCID
IsValidLocale
FreeLibrary
GetStringTypeW
GetCommandLineW
InterlockedDecrement
GetStartupInfoW
EnumSystemLocalesA
ExitProcess
LoadLibraryA
GetCurrentThread
InitializeCriticalSectionAndSpinCount
GetLastError
HeapFree
LCMapStringA
CreateFileA
MoveFileExW
TlsFree
GetConsoleMode
WriteProfileStringA
GetShortPathNameW
WideCharToMultiByte
EnumResourceTypesA
GetCurrentThreadId
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
WriteConsoleW
QueryPerformanceCounter
GetACP
GetCommandLineA
CloseHandle
InterlockedExchange
LeaveCriticalSection
FindFirstFileW
TlsSetValue

gdi32

SetMetaRgn
CreateDIBSection
CreateDCA
GetDeviceCaps
DeleteDC
CreatePolygonRgn
GetWorldTransform
GetEnhMetaFileBits
GetKerningPairsW

advapi32

RegEnumKeyW
RegSaveKeyA
DuplicateToken
CryptExportKey
RegDeleteKeyA
CryptGetKeyParam
StartServiceA
RegQueryValueA
RegCreateKeyExA
CryptReleaseContext
RegRestoreKeyA
DuplicateTokenEx
RegLoadKeyW

comctl32

CreatePropertySheetPageA
ImageList_Destroy
ImageList_Read
ImageList_Create
ImageList_AddIcon
ImageList_GetIconSize
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_SetOverlayImage

wininet

FtpPutFileA
InternetCrackUrlA
InternetSetDialStateA
InternetGetConnectedStateEx

Sections

.text
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04a85e98ad7635bf843ca6379f119d17

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

advapi32

comctl32

wininet

Sections

.text Size: 321KB - Virtual size: 320KB

.rdata Size: 47KB - Virtual size: 61KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 55KB - Virtual size: 54KB

.text
Size: 321KB - Virtual size: 320KB

.rdata
Size: 47KB - Virtual size: 61KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 55KB - Virtual size: 54KB