b621d3d575dfae6b7d45a50052731442

Sharing

Copy URL

Twitter E-mail

General

Target

b621d3d575dfae6b7d45a50052731442
Size

704KB
MD5

b621d3d575dfae6b7d45a50052731442
SHA1

877c22094a1c78dcd1af2bdcd6e0d38096b58f54
SHA256

6ebaaa879612e950cda1feb386e8e8c5a26e28c01204a93d0d28759ad1233d80
SHA512

db421236c723a713d330ca6e652f498d261ce9d8bfb870cf999228fbd1c1c8050aca2019c23b4c712c884d6cfad95db22085048c8d5916ba381dc9cd0aba421b
SSDEEP

12288:zkHjbfuNpl2qfnEntsSFzFWTN0hybNgGxmoBzFIoFTsafDSxuJ7tGgFANh0:zkDi+zLxGxvrTxSxUHSh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b621d3d575dfae6b7d45a50052731442

Files

b621d3d575dfae6b7d45a50052731442
.exe windows:4 windows x86 arch:x86

1ac69425dbe0477aa845d3401c0bf64f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
ReadFile
ReleaseMutex
GetFileSize
WaitForSingleObject
SetEndOfFile
CloseHandle
DeleteFileA
GetProcessHeap
GetTickCount
ReadProcessMemory
WriteProcessMemory
GlobalFree
GlobalAlloc
LoadLibraryA
GetProcAddress
GetModuleHandleA
lstrcatA
OpenProcess
GetCurrentProcessId
UnmapViewOfFile
GlobalUnlock
GlobalLock
MapViewOfFile
DuplicateHandle
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
SetLastError
CreateThread
CreateProcessA
GetTempPathA
GetUserDefaultLCID
Sleep
CreateEventA
GetCurrentThreadId
LoadLibraryExA
SetEvent
HeapFree
HeapAlloc
MulDiv
FlushInstructionCache
GetCurrentProcess
GetWindowsDirectoryA
SizeofResource
FindResourceExA
GetLocalTime
TerminateThread
GetShortPathNameA
CopyFileA
GetCommandLineA
ResetEvent
OpenEventA
CreateDirectoryA
CreateFileA
GetVersionExA
SetEnvironmentVariableA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsBadWritePtr
HeapCreate
SetUnhandledExceptionFilter
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
QueryPerformanceCounter
GetStartupInfoA
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
ExitProcess
CreateRemoteThread
VirtualFree
VirtualAlloc
GetPriorityClass
ResumeThread
LocalFree
HeapSize
HeapReAlloc
HeapDestroy
SetFilePointer
WriteFile
lstrcpynA
GetSystemDirectoryA
GetVolumeInformationA
GetComputerNameA
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpA
lstrcpyA
lstrlenA
lstrcmpiA
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

UnregisterClassA
ReleaseDC
CharUpperA
GetSysColor
wsprintfA
CallWindowProcA
CharLowerA
GetDC
CreateAcceleratorTableA
SendMessageA
GetParent
DefWindowProcA
SetFocus
MessageBoxA
SetWindowTextA
TrackPopupMenu
InsertMenuItemA
PostMessageA
PostQuitMessage
UpdateWindow
SetActiveWindow
InvalidateRgn
SetCapture
ReleaseCapture
GetDesktopWindow
CharNextA
GetClassNameA
RedrawWindow
FillRect
IsChild
GetFocus
DestroyAcceleratorTable
MapDialogRect
GetWindowTextLengthA
GetClassInfoExA
CreateDialogIndirectParamA
CreatePopupMenu
EndPaint
DrawTextA
SetWindowPos
GetClientRect
BeginPaint
MoveWindow
InvalidateRect
GetWindowRect
KillTimer
SetTimer
SetWindowLongA
GetWindowLongA
SystemParametersInfoA
GetWindowTextA
SetWindowContextHelpId
SetForegroundWindow
GetWindow
MapWindowPoints
LoadImageA
GetSystemMetrics
IsWindow
EndDialog
GetMessageA
TranslateMessage
DispatchMessageA
PostThreadMessageA
GetDlgItem
SendDlgItemMessageA
RegisterWindowMessageA
SendMessageTimeoutA
DestroyWindow
LoadCursorA
RegisterClassExA
CreateWindowExA
FindWindowExA
GetWindowThreadProcessId
ShowWindow

advapi32

RegQueryValueA
GetUserNameA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA

ole32

CoMarshalInterface
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID
CoUnmarshalInterface
CoUninitialize
CoInitializeEx
OleUninitialize
CoInitialize
OleLockRunning
CoTaskMemAlloc
OleInitialize
CoGetClassObject
CLSIDFromString
StringFromGUID2

oleaut32

OleCreateFontIndirect
SysStringByteLen
SafeArrayCreate
DispCallFunc
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString
LoadRegTypeLi
LoadTypeLi
SysStringLen
SysAllocString
VariantInit
VariantClear
SysAllocStringLen
VariantChangeType
SafeArrayDestroy

urlmon

UrlMkSetSessionOption
URLDownloadToFileA

shell32

SHGetSpecialFolderPathA

shlwapi

StrToIntExW
StrToIntExA

gdi32

GetPixel
SetPixel
GetDIBits
DeleteDC
CreateBitmap
GetObjectA
SetDIBits
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
SetTextColor
SelectPalette
SetBkMode
SetBkColor
GetStockObject
StretchBlt
SetStretchBltMode
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
SelectObject
CreateDIBitmap
RealizePalette
CreatePalette

comctl32

_TrackMouseEvent

wsock32

WSAStartup
gethostname
WSACleanup
ioctlsocket
htonl
gethostbyname

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ac69425dbe0477aa845d3401c0bf64f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

urlmon

shell32

shlwapi

gdi32

comctl32

wsock32

wininet

Sections

.text Size: 272KB - Virtual size: 272KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 360KB - Virtual size: 360KB

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 272KB - Virtual size: 272KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 360KB - Virtual size: 360KB

.reloc
Size: 28KB - Virtual size: 28KB