b94b631c6dd1816db0bd9a7184966436

Sharing

Copy URL Twitter E-mail

General

Target

b94b631c6dd1816db0bd9a7184966436
Size

700KB
MD5

b94b631c6dd1816db0bd9a7184966436
SHA1

6a0fc77db5eddc785a8096c903244f94f17b8c48
SHA256

3358d0347ee04b06f3a74ea4170af9ef1ef57e87df25f613e5faa7631e16b82b
SHA512

7a9f9307a88a751a2007364897e5b967a211f5eea3e9685fd553cd36401e1feb527e4e07c8c14552129d92733a112159ffb7565d9cdbe886708a7222cbf8b4b1
SSDEEP

12288:+m3z0jUJTqaKm7xyqOhsroINHXbO0I9ww8iMkRkmj+0wn03SA7I8L4t1PyPrswyD:+m3RGexyLhYoCHwvMWkmj+0X5JLq1wsd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b94b631c6dd1816db0bd9a7184966436

Files

b94b631c6dd1816db0bd9a7184966436
.exe windows:4 windows x86 arch:x86

2b36419529dd69de7520c18839be99a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DuplicateIcon
RealShellExecuteExA
SHBrowseForFolderW

kernel32

GetStdHandle
GetStringTypeW
GetUserDefaultLCID
HeapValidate
HeapFree
RtlUnwind
GetCurrentThreadId
TlsFree
UnhandledExceptionFilter
CreateFileA
GetProcessHeap
HeapDestroy
GetACP
WideCharToMultiByte
GetModuleFileNameW
HeapReAlloc
EnterCriticalSection
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetThreadContext
LeaveCriticalSection
GetCurrentProcessId
GetOEMCP
InterlockedExchange
SetFilePointer
GetCurrentProcess
GetLastError
GetDateFormatA
GetStringTypeA
MultiByteToWideChar
GetVersionExA
VirtualFree
SetHandleCount
VirtualQuery
CompareStringA
CompareStringW
FlushFileBuffers
GetPrivateProfileIntW
WriteConsoleW
GetLocaleInfoW
GetEnvironmentStrings
TlsGetValue
EnumSystemCodePagesW
IsBadReadPtr
SetStdHandle
lstrlenA
RaiseException
EnumSystemLocalesA
GlobalAddAtomA
GetSystemTimeAsFileTime
DebugBreak
LoadLibraryA
GetLocaleInfoA
GetCurrentThread
QueryPerformanceCounter
GetStartupInfoA
FreeEnvironmentStringsW
ReadFile
InitializeCriticalSection
HeapAlloc
LCMapStringA
DeleteCriticalSection
TerminateProcess
GetTimeFormatA
LCMapStringW
TlsSetValue
OutputDebugStringA
GetFileType
GetConsoleOutputCP
OpenMutexA
GetModuleFileNameA
VirtualAlloc
FreeLibrary
GetCommandLineW
GetTickCount
CloseHandle
GlobalFindAtomW
GetProcAddress
CreateMutexA
IsValidLocale
InterlockedDecrement
GetEnvironmentStringsW
GetCPInfo
GetConsoleCP
ExitProcess
LoadLibraryW
TlsAlloc
InterlockedIncrement
SetLastError
GetConsoleMode
HeapCreate
WriteConsoleA
WriteFile
IsDebuggerPresent
OutputDebugStringW
SetConsoleCtrlHandler
FreeEnvironmentStringsA
GetStartupInfoW
GetCommandLineA
IsValidCodePage
GlobalFix
GetModuleHandleA
GetTimeZoneInformation

advapi32

LookupPrivilegeValueW
RegDeleteValueW

gdi32

SelectClipPath
GetTextExtentPoint32W
SetWindowOrgEx
GdiFlush
EnumFontsA

comctl32

InitCommonControlsEx

wininet

FindFirstUrlCacheContainerA
InternetSetOptionW
InternetTimeToSystemTimeW
FindFirstUrlCacheEntryExW
SetUrlCacheEntryInfoW

user32

DdeCreateStringHandleA
SendIMEMessageExA
CreatePopupMenu
BeginPaint
RegisterClassExA
CreateAcceleratorTableA
ActivateKeyboardLayout
SendMessageTimeoutA
OpenClipboard
GetMenuState
EndDeferWindowPos
VkKeyScanW
DdeQueryConvInfo
SendNotifyMessageA
RegisterClassW
GetClipboardFormatNameA
GetKeyNameTextW
RegisterClassA

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b36419529dd69de7520c18839be99a6

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

gdi32

comctl32

wininet

user32

Sections

.text Size: 323KB - Virtual size: 323KB

.rdata Size: 47KB - Virtual size: 73KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 47KB - Virtual size: 73KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 12KB - Virtual size: 11KB