b60aab7a28d51f2e07c6ee7b033842ea

Sharing

Copy URL Twitter E-mail

General

Target

b60aab7a28d51f2e07c6ee7b033842ea
Size

104KB
MD5

b60aab7a28d51f2e07c6ee7b033842ea
SHA1

217a2d09ebcd968fe6e44a45cabf229bac262d1c
SHA256

6a915303ae3d9e03323b8c50faaa447858fbcc323003823c0f7e941c4db326af
SHA512

48dd185018f262533220f3717d77dc910154eaeb09d83840c6af84ad65d1409a77c217aceb63397a7797a7d7ff7e62d4227a02f67a03c166f2de7babea5b05af
SSDEEP

1536:0dsSfktK/KyxgEKQQNQ+4yNP8nrFSzwBTn7gaWKsI99I+KOAI:0d3stlpOQa+4y9/0WKl9++KOAI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b60aab7a28d51f2e07c6ee7b033842ea

Files

b60aab7a28d51f2e07c6ee7b033842ea
.exe windows:4 windows x86 arch:x86

14fe5d824494b7697a2c88de2186405b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetLastError
GlobalGetAtomNameA
MultiByteToWideChar
GlobalDeleteAtom
HeapDestroy
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
GetWindowsDirectoryA
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
lstrlenA
LoadLibraryA
CreateMutexA
InitializeCriticalSection
SetEndOfFile
HeapAlloc
GetLocalTime
GetCPInfo
FlushFileBuffers
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
WideCharToMultiByte
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
InterlockedExchange
GetVersion
SetLastError
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
ReadFile
CreateFileA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
FreeLibrary
TlsGetValue
TerminateProcess
Sleep
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
RtlUnwind
TlsAlloc
HeapFree
ExitProcess
ExitThread
CloseHandle
ResumeThread
CreateThread
TlsSetValue
GetStartupInfoA
RaiseException
GetModuleHandleA
GetCommandLineA

user32

LoadImageA
RegisterWindowMessageA
DispatchMessageA
SetWindowPos
TranslateMessage
GetMessageA
PeekMessageA
IsDialogMessageA
PostQuitMessage
DestroyWindow
SendMessageA
KillTimer
SetTimer
MessageBoxA
SetWindowLongA
CreateDialogParamA
EndDialog
GetActiveWindow
DialogBoxParamA
PostMessageA
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
GetSystemMetrics

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringLen
SysFreeString

comctl32

InitCommonControlsEx

wininet

InternetOpenUrlA
HttpAddRequestHeadersA
InternetReadFile
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle
HttpOpenRequestA

ws2_32

setsockopt
connect
inet_addr
socket
WSAStartup
closesocket
WSAGetLastError
htons

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14fe5d824494b7697a2c88de2186405b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

wininet

ws2_32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 3KB