ae3440d0c0480073a5ff87c0e484f8a7

Sharing

Copy URL

Twitter E-mail

General

Target

ae3440d0c0480073a5ff87c0e484f8a7
Size

645KB
MD5

ae3440d0c0480073a5ff87c0e484f8a7
SHA1

f26040a6fc48f3d3fdb7f236cf62e07b372a3f1f
SHA256

13aafc5c001a6c85ed85a2028d8df74ed29fb3b4b5765a369954afa071e8eaca
SHA512

bb8126109c5d7b45efb9ae300b923fcff9e15b40c90648522caa66e6bc26c3ed55a68c8023112968812b6f7c1017777c6b23a68cfa40c0656aefdd3bc9ca5cfb
SSDEEP

12288:QmipyUMQ6HO7/uKItdZF0CjuYoRK8kmY6IhWwhfDpdGFloteUkS4p8EO:8u5dZFJuHRK8krcSpPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae3440d0c0480073a5ff87c0e484f8a7

Files

ae3440d0c0480073a5ff87c0e484f8a7
.exe windows:5 windows x86 arch:x86

f1a395ab6a4083ff5e327652ba0a9979

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpCrackUrl
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpSetStatusCallback
WinHttpConnect
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpSetOption
WinHttpWriteData
WinHttpGetIEProxyConfigForCurrentUser
WinHttpQueryHeaders
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpCloseHandle

msimg32

AlphaBlend

comctl32

ord17

shlwapi

StrToIntExW
StrToIntExA
PathFindFileNameW
StrToIntW
PathAppendW
PathFindExtensionW
StrCmpIW
SHCreateStreamOnFileEx
StrStrIW
StrToInt64ExW
PathIsDirectoryW
PathFileExistsW
PathAddBackslashW
wvnsprintfW
PathRemoveFileSpecW
StrChrIW
StrCatW
PathStripPathW
StrCmpNIW

windowscodecs

WICConvertBitmapSource

psapi

GetModuleFileNameExW

kernel32

GetProcessHeap
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
CreateEventW
GetCurrentThread
FlushFileBuffers
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
GetModuleHandleA
lstrcpynW
OpenProcess
lstrcmpiA
lstrlenA
GetProcAddress
LoadLibraryW
GlobalFree
CreateMutexW
CloseHandle
WaitForSingleObject
ReleaseMutex
lstrcmpiW
GetVersionExW
MultiByteToWideChar
ReadFile
GetFileSize
CreateFileW
WaitForMultipleObjects
Sleep
CreateThread
CreateDirectoryW
DeleteFileW
GetTempFileNameW
GetTempPathW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TryEnterCriticalSection
SetFilePointer
GetModuleFileNameW
RaiseException
lstrcpyW
WriteFile
lstrcatW
GetFileAttributesW
lstrlenW
GetPrivateProfileStringW
SetEnvironmentVariableW
GetLastError
FreeLibrary
LoadLibraryExW
GetProcessId
ExpandEnvironmentStringsW
SetEvent
OpenEventW
Process32NextW
GetCurrentProcessId
Process32FirstW
CreateToolhelp32Snapshot
GetStartupInfoW
lstrcmpW
GetEnvironmentStringsW
UnmapViewOfFile
VirtualQuery
MapViewOfFile
OpenFileMappingW
GetCurrentThreadId
GetCommandLineW
GetModuleHandleW
TerminateProcess

user32

UpdateWindow
SetWindowTextW
DrawTextW
IsWindow
MoveWindow
GetWindowRect
CreateWindowExW
SetForegroundWindow
GetWindowThreadProcessId
EnumWindows
EnumChildWindows
wsprintfW
FindWindowExW
ChildWindowFromPointEx
EnumPropsW
IsWindowVisible
GetDlgCtrlID
PostMessageW
SetActiveWindow
GetWindow
GetWindowTextW
EnableWindow
InvalidateRect
FillRect
GetDC
PostQuitMessage
DestroyWindow
EndDialog
DestroyMenu
TrackPopupMenuEx
GetCursorPos
AppendMenuW
CreatePopupMenu
MessageBoxW
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
LoadImageW
CreateDialogParamW
GetSysColor
GetWindowTextLengthW
CheckDlgButton
IsDlgButtonChecked
SendDlgItemMessageW
LoadIconW
GetAncestor
SetTimer
KillTimer
SetDlgItemTextW
wvsprintfA
wvsprintfW
GetClientRect
DrawFrameControl
ReleaseDC
GetParent
GetWindowLongW
SetPropW
LoadCursorW
SetCursor
GetDlgItem
GetPropW
ShowWindow
SetFocus
CallWindowProcW
SetWindowLongW
RemovePropW
SendMessageW
MapWindowPoints
ScreenToClient
GetSysColorBrush
SetWindowPos

gdi32

GetObjectW
GetStockObject
CreateFontW
CreatePatternBrush
CreateFontIndirectW
CreateCompatibleBitmap
SelectObject
SetTextColor
SetBkMode
GetTextExtentPoint32W
CreateDIBSection
BitBlt
SetBkColor
CreateSolidBrush
CreateCompatibleDC
DeleteDC
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
ShellExecuteExW
CommandLineToArgvW
Shell_NotifyIconW
SHCreateDirectoryExW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

Sections

.text
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a395ab6a4083ff5e327652ba0a9979

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

msimg32

comctl32

shlwapi

windowscodecs

psapi

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 197KB - Virtual size: 197KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 1.2MB

.rsrc Size: 58KB - Virtual size: 57KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 197KB - Virtual size: 197KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 1.2MB

.rsrc
Size: 58KB - Virtual size: 57KB

.reloc
Size: 12KB - Virtual size: 11KB