b915817e9c33a47b5f3ce4f339a2a16f

Sharing

Copy URL Twitter E-mail

General

Target

b915817e9c33a47b5f3ce4f339a2a16f
Size

714KB
MD5

b915817e9c33a47b5f3ce4f339a2a16f
SHA1

5445f2fe5f23a47a505725020722817e353c4b5f
SHA256

b1a7da50830fecde5007e1a606a825c69355a67fc5bc9df38530cd3d283316a6
SHA512

c001effb66afc42e48ba20808ae577a4fed58d730eb3d3172db04e9b9a13de133c1bd05036bcdcd1df846e72b2d20fbc86a5d3cccae1be2ae8d12837f4090376
SSDEEP

12288:OVCEMZszSMY8g/RDkY3pBqZuUpJ0AuhUQ4kFZdlzkgZ+iJU/Y8piUdU/56+bElWY:OjBS/RDbpyL0TuLkZvIW+Fw2rl+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b915817e9c33a47b5f3ce4f339a2a16f

Files

b915817e9c33a47b5f3ce4f339a2a16f
.exe windows:4 windows x86 arch:x86

6f0c0a43af254df84a952ff5bde15bb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDesktopFolder
SHGetInstanceExplorer
SHFileOperationA

gdi32

StartDocA
PolyPolygon
StretchBlt
SetMetaRgn
GetBitmapDimensionEx
EnumFontFamiliesA
MaskBlt
SetPaletteEntries
GetTextMetricsW
GetCurrentPositionEx
CreateColorSpaceW
IntersectClipRect
CreateRoundRectRgn
GetCharABCWidthsA
WidenPath
SetColorAdjustment
GetEnhMetaFileW
GetEnhMetaFileA
GetViewportOrgEx
GetTextExtentPointA

comctl32

InitCommonControlsEx

user32

LoadKeyboardLayoutW
DlgDirListComboBoxA
GetClassInfoW
SendDlgItemMessageW
CharToOemBuffW
IsClipboardFormatAvailable
GetClassWord
RegisterClassA
DeferWindowPos
DrawStateW
TranslateMessage
InsertMenuItemW
ClientToScreen
GetPriorityClipboardFormat
RegisterClassExA
GetMonitorInfoA
ChildWindowFromPointEx
CharLowerBuffW
CharLowerBuffA
CharNextExA
DeleteMenu
EnumPropsW
RegisterClipboardFormatW
GetCaretBlinkTime
DdeFreeStringHandle
SetForegroundWindow
DrawFrameControl

kernel32

HeapCreate
GetDiskFreeSpaceA
DebugBreak
GetCommandLineA
GetConsoleMode
IsBadReadPtr
QueryPerformanceCounter
EnumSystemLocalesA
InitializeCriticalSection
GetACP
IsValidLocale
TlsAlloc
OutputDebugStringA
WideCharToMultiByte
LoadLibraryA
lstrlenA
TlsSetValue
TlsGetValue
SetFilePointer
InterlockedDecrement
LoadLibraryW
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetModuleHandleA
SetConsoleCtrlHandler
GetCurrentThread
FreeEnvironmentStringsA
WriteFile
GetSystemTimeAsFileTime
InterlockedIncrement
ReadFile
DeleteFileA
VirtualQuery
VirtualAlloc
CreateMutexA
EnumDateFormatsA
HeapValidate
GetEnvironmentStringsW
FreeEnvironmentStringsW
OpenEventW
EnterCriticalSection
HeapAlloc
GetStringTypeW
GetLastError
GetOEMCP
GetProcessHeap
OutputDebugStringW
SetEnvironmentVariableA
GetTimeZoneInformation
FlushFileBuffers
SetHandleCount
IsValidCodePage
LeaveCriticalSection
FreeLibrary
InterlockedExchange
GetStringTypeA
GetStartupInfoA
GetProcAddress
GetDateFormatA
VirtualFree
RaiseException
LCMapStringW
CompareStringA
OpenMutexA
LCMapStringA
GetModuleFileNameW
GetTimeFormatA
GetCurrentThreadId
TerminateProcess
SetStdHandle
CompareStringW
GetModuleFileNameA
CreateFileA
MultiByteToWideChar
GetTickCount
GetFileAttributesA
GetLocaleInfoA
GetConsoleCP
ExitProcess
UnhandledExceptionFilter
ExpandEnvironmentStringsA
RtlUnwind
SetLastError
CloseHandle
FillConsoleOutputCharacterA
TlsFree
GetConsoleOutputCP
DeleteCriticalSection
HeapReAlloc
WriteConsoleA
GetStdHandle
GetCurrentProcessId
GetTempFileNameW
GetFileType
HeapDestroy
GetEnvironmentVariableW
GetEnvironmentStrings
GetCurrentProcess
WriteConsoleW
GetVersionExA
GetLocaleInfoW
GetCPInfo

wininet

FindFirstUrlCacheContainerW
InternetCloseHandle
FindNextUrlCacheEntryA
LoadUrlCacheContent
DeleteUrlCacheContainerA
GetUrlCacheEntryInfoA
InternetSecurityProtocolToStringA
InternetConnectW

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f0c0a43af254df84a952ff5bde15bb7

Headers

File Characteristics

Imports

shell32

gdi32

comctl32

user32

kernel32

wininet

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 47KB - Virtual size: 54KB

.data Size: 357KB - Virtual size: 356KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 47KB - Virtual size: 54KB

.data
Size: 357KB - Virtual size: 356KB

.rsrc
Size: 13KB - Virtual size: 12KB