aca9cc54766276aff9246bedbd98e4b2

Sharing

Copy URL Twitter E-mail

General

Target

aca9cc54766276aff9246bedbd98e4b2
Size

674KB
MD5

aca9cc54766276aff9246bedbd98e4b2
SHA1

b4f53742d66d700cd86323757c1378c63e19a1f9
SHA256

da91ad5b614b08720572f31db3663992c0fa30fcf2ca31cf7706b5c88b7b67ac
SHA512

79803db495a967f3a30ea1d4a91b8f13d34a12aef688d561ecca444f262f86cd51b5965bf1d0e30101076a30f160348076482fc10cb212d83601b96ff0515170
SSDEEP

12288:z2fDJGIm72+eWzm98qWyr8JadRnpuyvR+e/BIyU+BnDFfKTJB4a09AHJ8JVD:MJw6+nSpH/pNBDlKTv4a09Aw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aca9cc54766276aff9246bedbd98e4b2

Files

aca9cc54766276aff9246bedbd98e4b2
.exe windows:4 windows x86 arch:x86

3df023669170b55cf2784eb694e2d0f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheEntryInfoA
HttpOpenRequestW
CreateUrlCacheContainerW
GetUrlCacheEntryInfoW
InternetQueryOptionA
HttpSendRequestExW

shell32

ExtractIconA
ShellAboutW
ShellExecuteExA
ShellExecuteW
SHGetDesktopFolder

comdlg32

ChooseFontW

user32

SetThreadDesktop
PostMessageW
SetWindowLongA
TabbedTextOutA
DdeClientTransaction
RegisterClassA
DdeAddData
RegisterClassExA

gdi32

GetTextCharset
CreateColorSpaceA
GetCharABCWidthsW

comctl32

InitCommonControlsEx

kernel32

VirtualQuery
ExitProcess
GetConsoleMode
OutputDebugStringA
GetStringTypeW
SetEnvironmentVariableA
MultiByteToWideChar
IsDebuggerPresent
lstrlenA
OutputDebugStringW
GetLastError
GetFileType
GetCurrentThread
HeapReAlloc
GetConsoleCP
WideCharToMultiByte
RaiseException
TerminateProcess
SetStdHandle
DeleteCriticalSection
GetTimeFormatA
IsBadReadPtr
GetTickCount
GetConsoleOutputCP
OpenMutexA
CloseHandle
GetModuleFileNameW
GetProcessHeap
GetLocaleInfoA
IsValidCodePage
GetStartupInfoA
InterlockedExchange
GetUserDefaultLCID
AddAtomW
LoadLibraryW
DebugBreak
GetACP
GetSystemTimeAsFileTime
GetCPInfo
GetCurrentThreadId
SetHandleCount
InterlockedIncrement
HeapDestroy
GetStringTypeA
GetCurrentProcessId
HeapFree
FreeLibrary
HeapCreate
TlsSetValue
GetCurrentProcess
CreateFileA
HeapAlloc
TlsAlloc
SetLastError
SetFilePointer
VirtualFree
FlushFileBuffers
GetModuleHandleW
GetStartupInfoW
IsValidLocale
LCMapStringA
LCMapStringW
HeapSize
Sleep
GetDateFormatA
CompareStringA
CreateMutexA
GetStdHandle
GetCommandLineA
TlsGetValue
UnhandledExceptionFilter
GetEnvironmentStringsW
CompareStringW
GetModuleHandleA
InterlockedDecrement
GetModuleFileNameA
HeapValidate
VirtualAlloc
GetTimeZoneInformation
ReadFile
ContinueDebugEvent
GetLocaleInfoW
LoadLibraryA
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
TlsFree
WriteConsoleA
WriteConsoleW
GetCommandLineW
GetOEMCP
FreeEnvironmentStringsW
SetConsoleCtrlHandler
GetProcAddress
WriteFile
EnumSystemLocalesA
RtlUnwind
QueryPerformanceCounter
SetUnhandledExceptionFilter
LeaveCriticalSection

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3df023669170b55cf2784eb694e2d0f2

Headers

File Characteristics

Imports

wininet

shell32

comdlg32

user32

gdi32

comctl32

kernel32

Sections

.text Size: 301KB - Virtual size: 300KB

.rdata Size: 48KB - Virtual size: 64KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 301KB - Virtual size: 300KB

.rdata
Size: 48KB - Virtual size: 64KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 9KB - Virtual size: 9KB