b6eb4c5a1738d7cc76ea825e3578df16

Sharing

Copy URL

Twitter E-mail

General

Target

b6eb4c5a1738d7cc76ea825e3578df16
Size

412KB
MD5

b6eb4c5a1738d7cc76ea825e3578df16
SHA1

2940b69373e87280d9894bf0479133876be77b8a
SHA256

41702b0dde324605f0d0a26c0682046e6cdace3c83898c89753a7c375bdf4295
SHA512

9d3fb1fe7d7e4cd60f6f0b3fd7693c86d3ceff7fda9d8d02dc7abf4f5bffeb146e295975579f2405d4bad88bc25f1a2e38513529c47f5291fb8240934c828b8c
SSDEEP

12288:4Av+jAL8YIdEjLbZwGiGINTmULtLwHBk3l:r+o8cZxIrFIO1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6eb4c5a1738d7cc76ea825e3578df16

Files

b6eb4c5a1738d7cc76ea825e3578df16
.exe windows:4 windows x86 arch:x86

99acea21e452050a058b841d468a9a3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheEntryGroupA
DeleteUrlCacheContainerA
InternetWriteFileExW
GetUrlCacheEntryInfoW
UpdateUrlCacheContentPath
InternetGetConnectedStateExW
InternetLockRequestFile
HttpSendRequestExA

kernel32

GetSystemInfo
GetUserDefaultLCID
GetDateFormatA
LeaveCriticalSection
InterlockedExchange
TlsFree
TlsAlloc
GetExitCodeThread
GetCurrentProcess
FreeEnvironmentStringsW
GetCPInfo
HeapReAlloc
HeapSize
VirtualProtect
SetEnvironmentVariableA
WideCharToMultiByte
GetCommandLineA
WriteFile
GetLastError
SetTimeZoneInformation
VirtualQuery
TerminateProcess
GetVolumeInformationW
GetACP
GetEnvironmentStringsW
OutputDebugStringA
LCMapStringA
DeleteCriticalSection
TlsGetValue
EnumSystemLocalesA
WritePrivateProfileStringA
WaitForSingleObjectEx
CreateFileMappingW
HeapFree
GetCurrentThread
IsValidLocale
LCMapStringW
IsBadWritePtr
GetFullPathNameW
GetStartupInfoA
OpenProcess
GetLogicalDriveStringsA
GetModuleFileNameW
CompareStringW
SetHandleCount
FreeEnvironmentStringsA
GetFileTime
GetCurrentThreadId
GetProcAddress
ExitProcess
FindFirstFileW
GetModuleHandleA
GetTickCount
GetVersionExA
EnterCriticalSection
InitializeCriticalSection
GetLongPathNameW
HeapDestroy
IsValidCodePage
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
CompareStringA
RtlUnwind
MultiByteToWideChar
GetSystemTimeAsFileTime
HeapAlloc
GetOEMCP
GetStartupInfoW
GetLocaleInfoW
GetModuleFileNameA
GetFileType
HeapCreate
GetTimeFormatA
GetCommandLineW
GetStdHandle
GetCurrentProcessId
LoadLibraryA
VirtualAlloc
SetLastError
VirtualFree
GetLocaleInfoA
GetSystemTime
TlsSetValue
GetEnvironmentStrings
QueryPerformanceCounter

advapi32

RegRestoreKeyW
RegCloseKey
ReportEventW
RegLoadKeyA
CryptSignHashA
CryptVerifySignatureA

gdi32

GetGlyphOutlineA

comdlg32

GetFileTitleW
ReplaceTextW

user32

CreateMDIWindowA
CharToOemBuffA
DdeAccessData
SetCaretPos
GetClipboardFormatNameW
TabbedTextOutA
CountClipboardFormats
GetAncestor
EnumThreadWindows
EnableScrollBar
SystemParametersInfoA
BringWindowToTop
AdjustWindowRect
CreateIconFromResourceEx
EnumDisplaySettingsW
DialogBoxParamA
GetUpdateRgn
GetClassInfoExA
LoadBitmapW
DlgDirSelectExA
PostThreadMessageW
GetMonitorInfoA

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99acea21e452050a058b841d468a9a3b

Headers

File Characteristics

Imports

wininet

kernel32

advapi32

gdi32

comdlg32

user32

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 8KB - Virtual size: 24KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 8KB - Virtual size: 24KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 11KB - Virtual size: 10KB