bce168b06651a4fbbc5ffbbc234d3a4f

Sharing

Copy URL Twitter E-mail

General

Target

bce168b06651a4fbbc5ffbbc234d3a4f
Size

454KB
MD5

bce168b06651a4fbbc5ffbbc234d3a4f
SHA1

1a0593141be7e6d17f57615841f2e7efb02c3359
SHA256

7dda0d85e146ba01623e98df06d1f655c80d58baf28544edd9bd1720412f9329
SHA512

a0921549556db7e91e1130ee4854b668f7cfa930d6711acd798ab3ac0d01d3cb453dba55110842d041a94da05d6cf3601692dc15589b9917f785e2604becd788
SSDEEP

12288:s8N347MhdHlyZgaDKfds1h7q8mpSAdPshTR:1dQGFsXtmPJKt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bce168b06651a4fbbc5ffbbc234d3a4f

Files

bce168b06651a4fbbc5ffbbc234d3a4f
.exe windows:4 windows x86 arch:x86

a985b0ee9d6f4768dcac6330ad7ea966

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadMenuW
SendIMEMessageExA
SendDlgItemMessageA
GetPropW
GetSubMenu
LoadBitmapA
MapVirtualKeyW

wininet

FtpRenameFileA
FtpRemoveDirectoryA
RunOnceUrlCache
InternetWriteFileExA
FtpFindFirstFileW
SetUrlCacheGroupAttributeA
InternetWriteFileExW
FtpSetCurrentDirectoryW
InternetSetFilePointer
HttpQueryInfoW
InternetFortezzaCommand
GetUrlCacheGroupAttributeA
SetUrlCacheConfigInfoA
InternetTimeFromSystemTimeA

gdi32

CloseFigure
RestoreDC
SetMiterLimit
SelectClipPath
GetOutlineTextMetricsA
GetLayout
SetPixelV
AddFontResourceW
GetEnhMetaFilePaletteEntries

comdlg32

LoadAlterBitmap
PageSetupDlgA
GetOpenFileNameW
PrintDlgA
GetSaveFileNameA
GetFileTitleA

kernel32

LeaveCriticalSection
SetUnhandledExceptionFilter
GetCurrentThreadId
HeapDestroy
IsValidLocale
FindNextFileA
InterlockedDecrement
GetEnvironmentStrings
HeapFree
FreeEnvironmentStringsW
GetFileType
TlsAlloc
GetCurrentProcess
GetTimeFormatA
GetCommandLineW
ReleaseSemaphore
GetCurrentThread
GetStartupInfoW
GetLocaleInfoA
WriteFile
GetModuleFileNameA
GetModuleFileNameW
GetTickCount
GetUserDefaultLCID
EnumResourceLanguagesW
FreeLibrary
GetLastError
FreeEnvironmentStringsA
RtlUnwind
GetACP
GetModuleHandleA
DeleteCriticalSection
SetEnvironmentVariableA
FindAtomW
GetLocaleInfoW
LoadLibraryA
HeapAlloc
GetProcessHeap
LCMapStringA
HeapCreate
SetConsoleCtrlHandler
GetCommandLineA
TlsFree
GetWindowsDirectoryA
GetCPInfo
UnhandledExceptionFilter
GetCurrentProcessId
InterlockedExchange
GetConsoleCursorInfo
EnumDateFormatsExA
GetProcAddress
TerminateProcess
MultiByteToWideChar
CompareStringA
LCMapStringW
CompareStringW
VirtualAlloc
VirtualFree
InterlockedIncrement
ExitProcess
GetStringTypeA
SetLastError
SetHandleCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetVersionExA
GetStringTypeW
InitializeCriticalSection
CreateSemaphoreA
WideCharToMultiByte
GetStdHandle
TlsGetValue
VirtualQuery
QueryPerformanceCounter
GetTimeZoneInformation
TlsSetValue
IsDebuggerPresent
GetOEMCP
IsValidCodePage
GetStartupInfoA
GetProfileIntA
EnumSystemLocalesA
GetDateFormatA
GetFullPathNameA
HeapSize
ContinueDebugEvent
HeapReAlloc
Sleep
EnterCriticalSection

advapi32

AbortSystemShutdownA
RegCreateKeyExW
CryptHashData
RegDeleteKeyW
CryptDestroyHash
RegConnectRegistryA
CryptGetKeyParam

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a985b0ee9d6f4768dcac6330ad7ea966

Headers

File Characteristics

Imports

user32

wininet

gdi32

comdlg32

kernel32

advapi32

Sections

.text Size: 132KB - Virtual size: 132KB

.data Size: 311KB - Virtual size: 319KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 132KB - Virtual size: 132KB

.data
Size: 311KB - Virtual size: 319KB

.rsrc
Size: 9KB - Virtual size: 9KB