ac352585f01dcd5ad8e5eba4812c3661

Sharing

Copy URL

Twitter E-mail

General

Target

ac352585f01dcd5ad8e5eba4812c3661
Size

194KB
MD5

ac352585f01dcd5ad8e5eba4812c3661
SHA1

2a5deb90cd3ceedb92424497d5946dc028af67e5
SHA256

c6ed6b33cbd0079b962198b3d839976dd7b3f9b5a06b87e9a1f90ed696bc4b2e
SHA512

e918a9f8cbfe89700bd08125934d6df04866b1ce82a7525b7222d15166e08b72a7ecf84eb084c7c2fc6578af91826de62fa4f66334d113343a907f15f7cb570b
SSDEEP

6144:Rv6uZU4DLz0x6mDeYr+gttByactB8zKw6QYJFK:RPC1DctBO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac352585f01dcd5ad8e5eba4812c3661

Files

ac352585f01dcd5ad8e5eba4812c3661
.exe windows:4 windows x86 arch:x86

f7a6f041127a4a93e4275d05d49562a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetAbortProc
AddFontResourceA
GetViewportOrgEx
StartDocW
GetICMProfileW
CreateDiscardableBitmap
CreateHalftonePalette
GetObjectW
GetCharABCWidthsW
GetPixelFormat
GetCharWidthFloatA
GetAspectRatioFilterEx
CreateDIBitmap
CreateICA
GetPaletteEntries
SetWindowExtEx
OffsetRgn
InvertRgn
GetTextFaceW
DescribePixelFormat
SetPaletteEntries
CreateRectRgn
DrawEscape
FloodFill
GetCharWidthA
CreatePenIndirect
GetWinMetaFileBits
GetKerningPairs
GetLayout
SetMapMode
GetTextCharacterExtra
GetTextColor
CreateRectRgnIndirect
PolyDraw
CreateMetaFileW
EnumFontFamiliesW
SwapBuffers
CreateColorSpaceA
EnableEUDC
UnrealizeObject
GetCharWidth32W
ResizePalette
SetPixel
GetEnhMetaFilePaletteEntries
CreateCompatibleDC
GetMapMode
SetPixelV
DeleteEnhMetaFile
GetLogColorSpaceW
GdiSetBatchLimit
GetDeviceCaps
GetGlyphOutlineA
GetCharWidthFloatW
SetMetaRgn
CreateScalableFontResourceW
EnumICMProfilesA
GdiGetBatchLimit
PtInRegion
CombineRgn
EnumFontFamiliesA
EqualRgn
CreateFontA
GetDCOrgEx
GetViewportExtEx
AnimatePalette
CreateBitmap
UpdateICMRegKeyW
SetArcDirection
SetBrushOrgEx
GetOutlineTextMetricsA
GetBoundsRect
ExtSelectClipRgn
EnumFontFamiliesExW
GetBitmapDimensionEx
GetCharacterPlacementA
AngleArc
Rectangle
GetTextFaceA
SetColorSpace
SetPixelFormat
GetTextExtentExPointA
CopyMetaFileA
DeleteMetaFile
SetBkMode
CreateSolidBrush
GetTextExtentExPointW
AbortDoc
CloseEnhMetaFile
SetMetaFileBitsEx
PolyTextOutA
SetMiterLimit
GetBitmapBits
StartDocA
GetFontLanguageInfo
Escape
EnumEnhMetaFile
GetCharWidth32A
GetBrushOrgEx
CreateScalableFontResourceA
SelectClipRgn
SetSystemPaletteUse
TranslateCharsetInfo
TextOutA
GetCharABCWidthsFloatW
CombineTransform
GetKerningPairsW
FrameRgn
DeviceCapabilitiesExA
GetOutlineTextMetricsW
PaintRgn
PlayEnhMetaFileRecord
GetBkMode
ResetDCW
GetEnhMetaFileW
GetMiterLimit
EnumFontFamiliesExA
GetLogColorSpaceA
ScaleViewportExtEx
ArcTo
SetStretchBltMode
PolyPolygon
SetBitmapDimensionEx
GetRandomRgn
RectVisible
SelectPalette
GetCharABCWidthsA
LineTo
GetDeviceGammaRamp
MaskBlt
CreatePalette
ExtTextOutW
SetWorldTransform
SetDeviceGammaRamp
UpdateICMRegKeyA
RoundRect
GetGlyphOutline
GdiPlayScript
OffsetClipRgn
Pie
GetPath
DeleteObject
GetDIBColorTable
CreatePolygonRgn
ExtTextOutA
SetICMProfileW
StrokeAndFillPath
SetMapperFlags
StartPage
DeleteDC
PolyPolyline
ChoosePixelFormat
GetCurrentObject
SetViewportOrgEx
RealizePalette
GetMetaFileBitsEx
CreatePen
CreateColorSpaceW
SetTextColor
SetViewportExtEx
EnumFontsA
PatBlt
BeginPath
GetEnhMetaFileA
SetICMProfileA
GetCharABCWidthsFloatA
ExtFloodFill
SelectObject
EndPage
CreatePolyPolygonRgn
SetColorAdjustment
GdiFlush
EnumMetaFile
GetRgnBox
GetTextExtentPoint32A
CreateEllipticRgn
DPtoLP

wininet

CreateUrlCacheEntryW
FtpDeleteFileA
FindNextUrlCacheEntryExA
SetUrlCacheHeaderData
FreeUrlCacheSpaceA
GopherFindFirstFileW
InternetGetConnectedStateExA
InternetGetLastResponseInfoA
InternetSetCookieW
UpdateUrlCacheContentPath
FindFirstUrlCacheGroup
GopherCreateLocatorA
InternetDialA
FtpSetCurrentDirectoryW
InternetCombineUrlA
FindNextUrlCacheEntryExW
InternetWriteFileExW
InternetGetCertByURLA
InternetGoOnline
InternetSecurityProtocolToStringA
InternetCanonicalizeUrlW
InternetTimeToSystemTime
InternetUnlockRequestFile
RunOnceUrlCache
InternetCanonicalizeUrlA
SetUrlCacheConfigInfoA
GopherFindFirstFileA
InternetSetCookieA
SetUrlCacheConfigInfoW
ShowClientAuthCerts
FtpDeleteFileW
UnlockUrlCacheEntryFileA
InternetShowSecurityInfoByURLA
FtpCreateDirectoryA
RetrieveUrlCacheEntryStreamW
InternetOpenUrlW
InternetDialW
IsUrlCacheEntryExpiredW
GetUrlCacheConfigInfoW
InternetSetDialState
GetUrlCacheEntryInfoA
InternetReadFileExW
HttpSendRequestA
FtpPutFileA
InternetConfirmZoneCrossing
InternetConnectA
FindFirstUrlCacheEntryExW
GopherGetAttributeW
InternetAutodialHangup
InternetSetOptionA
InternetGetConnectedState
GopherGetAttributeA
FindFirstUrlCacheContainerA
HttpEndRequestA
HttpCheckDavCompliance
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
GopherCreateLocatorW
GopherOpenFileA
UrlZonesDetach
FtpOpenFileA
InternetReadFileExA
InternetTimeFromSystemTimeA
RegisterUrlCacheNotification
CreateUrlCacheGroup
SetUrlCacheEntryGroupW
RetrieveUrlCacheEntryFileA
UnlockUrlCacheEntryStream
FtpGetFileA
SetUrlCacheGroupAttributeA
HttpSendRequestW
FindFirstUrlCacheEntryA
FindFirstUrlCacheEntryW
RetrieveUrlCacheEntryFileW
DeleteUrlCacheContainerW
InternetSetDialStateW
InternetTimeToSystemTimeW
FtpRenameFileA
InternetTimeFromSystemTimeW
FtpGetFileEx
InternetSetOptionExW
InternetCreateUrlA
InternetGetConnectedStateExW
GopherOpenFileW
InternetGoOnlineW
InternetAutodial
FindFirstUrlCacheEntryExA
FindNextUrlCacheEntryW
InternetConfirmZoneCrossingA
FtpCommandA
InternetCrackUrlW
HttpQueryInfoW
InternetConnectW
SetUrlCacheEntryGroup
FtpFindFirstFileW
GetUrlCacheHeaderData
InternetCreateUrlW
GetUrlCacheGroupAttributeW
HttpOpenRequestA
InternetCheckConnectionW
CreateUrlCacheContainerA
InternetTimeFromSystemTime
FtpRemoveDirectoryA
HttpSendRequestExW
InternetHangUp
DeleteUrlCacheGroup
FreeUrlCacheSpaceW
InternetInitializeAutoProxyDll
HttpQueryInfoA
FindNextUrlCacheEntryA
InternetWriteFile
InternetQueryOptionA
InternetGetLastResponseInfoW
InternetSetFilePointer
GetUrlCacheEntryInfoW
InternetShowSecurityInfoByURLW
FindNextUrlCacheContainerA
InternetGetConnectedStateEx
InternetShowSecurityInfoByURL
CommitUrlCacheEntryA
HttpAddRequestHeadersA
InternetSecurityProtocolToStringW
FtpRemoveDirectoryW
GetUrlCacheGroupAttributeA
InternetQueryDataAvailable
FtpGetCurrentDirectoryW
IncrementUrlCacheHeaderData
FtpRenameFileW
GetUrlCacheEntryInfoExA
InternetCloseHandle
SetUrlCacheEntryGroupA
FtpCreateDirectoryW
DetectAutoProxyUrl
CommitUrlCacheEntryW
InternetLockRequestFile
HttpSendRequestExA
InternetGetCookieW
UnlockUrlCacheEntryFileW
FtpCommandW
GopherGetLocatorTypeW
IsHostInProxyBypassList
CreateUrlCacheEntryA
FtpGetFileSize
InternetAttemptConnect
InternetGoOnlineA
FtpPutFileEx
InternetDial
InternetCheckConnectionA
InternetAlgIdToStringW
RetrieveUrlCacheEntryStreamA
SetUrlCacheEntryInfoW
ShowCertificate
FindCloseUrlCache
InternetQueryOptionW
GopherGetLocatorTypeA
InternetFindNextFileA
InternetErrorDlg
InternetTimeToSystemTimeA
InternetGetCookieA
InternetAlgIdToStringA
DeleteIE3Cache
InternetCombineUrlW
InternetFortezzaCommand
FindNextUrlCacheGroup
UnlockUrlCacheEntryFile
FindFirstUrlCacheContainerW
ShowX509EncodedCertificate
InternetOpenW
InternetConfirmZoneCrossingW
FtpGetFileW
InternetOpenA
InternetQueryFortezzaStatus
GetUrlCacheEntryInfoExW
InternetSetOptionW
InternetReadFile
ShowSecurityInfo
HttpAddRequestHeadersW
HttpEndRequestW
DeleteUrlCacheEntry
InternetWriteFileExA
HttpOpenRequestW
FtpFindFirstFileA
ReadUrlCacheEntryStream
DeleteUrlCacheContainerA
InternetGetCertByURL
FindNextUrlCacheContainerW
InternetSetOptionExA

shell32

SheChangeDirExA
SHFreeNameMappings
ShellExecuteW
SheChangeDirW
ShellExecuteExW

comdlg32

GetOpenFileNameW
PageSetupDlgA
ChooseColorA
GetSaveFileNameW
ReplaceTextW
ChooseFontW

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7a6f041127a4a93e4275d05d49562a4

Headers

File Characteristics

Imports

gdi32

wininet

shell32

comdlg32

Sections

.text Size: 78KB - Virtual size: 77KB

.data Size: 116KB - Virtual size: 115KB

.text
Size: 78KB - Virtual size: 77KB

.data
Size: 116KB - Virtual size: 115KB