c24a07f5b692b56145555f84f2a883dd

Sharing

Copy URL

Twitter E-mail

General

Target

c24a07f5b692b56145555f84f2a883dd
Size

864KB
MD5

c24a07f5b692b56145555f84f2a883dd
SHA1

2398679916138931a18b405c623784e00f5392a7
SHA256

09f47991335c1a8c80c9e58e7bdd16f5de70d1418392317c8bb3caa76edce5cb
SHA512

9e9d3b812d9dbe5a0c9101f2d01b63b56dda9ce2ecd323c8b48af884acf6bcf0efb9c4352ac2a86647ca18e5ff9e9508d156395e6bc4d15a32519d2259e4f7f9
SSDEEP

24576:aBDGQJOzYRq/lpF8c7wEeDbLnpMLxJJ+0C:23uYRc9QD/pixn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c24a07f5b692b56145555f84f2a883dd

Files

c24a07f5b692b56145555f84f2a883dd
.exe windows:4 windows x86 arch:x86

93e6b3fbf8cb6609c5fff5b00c2b4ebb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GlobalUnlock
SetLocalTime

shlwapi

SHRegOpenUSKeyA

user32

CheckMenuItem
ToUnicodeEx
FindWindowExA
FreeDDElParam
DrawCaption
InvalidateRgn
GetClassWord
SetWindowContextHelpId
EnumPropsExA
IsWindowUnicode
SetMenuDefaultItem
GetShellWindow
DdeCreateDataHandle
ScrollDC
GetNextDlgTabItem
ExcludeUpdateRgn
DrawTextExA
RedrawWindow
GetWindowInfo
CascadeWindows
SetCaretBlinkTime
MapVirtualKeyExA
CreateWindowExA
DdeNameService
SetClipboardData
DefMDIChildProcA
GetLastActivePopup
LoadMenuIndirectA
DrawFrame
IsCharLowerA
RegisterDeviceNotificationA
MsgWaitForMultipleObjects
DdeUnaccessData
PackDDElParam
UpdateWindow
GetMessagePos
DdeClientTransaction
OemToCharA
OpenDesktopA
GetKBCodePage
CharNextExA
wvsprintfA
GetProcessDefaultLayout
EnumDisplayMonitors
RegisterWindowMessageA
DdeEnableCallback
InSendMessage
SetDoubleClickTime
ShowCursor
LoadIconA
DestroyMenu
TranslateAccelerator
GetComboBoxInfo
ChangeMenuA

advapi32

RegUnLoadKeyA
QueryServiceObjectSecurity
GetNumberOfEventLogRecords
GetSecurityDescriptorControl
GetExplicitEntriesFromAclA
GetMultipleTrusteeA
SetEntriesInAuditListA
CopySid
AccessCheck
ChangeServiceConfigA
CryptEncrypt
BackupEventLogA
CryptGetKeyParam
CryptDestroyHash
AllocateAndInitializeSid
OpenEventLogA
PrivilegeCheck
RevertToSelf
GetTrusteeTypeA
RegConnectRegistryA
CryptSignHashA
CryptContextAddRef
FindFirstFreeAce
IsTextUnicode
GetSidSubAuthority
GetSecurityDescriptorOwner
CryptHashSessionKey
CryptSetKeyParam
InitializeAcl
AddAce
ControlService
GetAclInformation
BuildSecurityDescriptorA

Sections

.qpij
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xsx
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vyd
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.szczy
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkvkd
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ado
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hmzqn
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.elyjq
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.spgtc
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93e6b3fbf8cb6609c5fff5b00c2b4ebb

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

advapi32

Sections

.qpij Size: 638KB - Virtual size: 1.3MB

.xsx Size: 6KB - Virtual size: 8KB

.vyd Size: 19KB - Virtual size: 27KB

.szczy Size: 512B - Virtual size: 21KB

.hkvkd Size: 6KB - Virtual size: 15KB

.ado Size: 512B - Virtual size: 56B

.hmzqn Size: 512B - Virtual size: 24B

.elyjq Size: 49KB - Virtual size: 77KB

.spgtc Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.qpij
Size: 638KB - Virtual size: 1.3MB

.xsx
Size: 6KB - Virtual size: 8KB

.vyd
Size: 19KB - Virtual size: 27KB

.szczy
Size: 512B - Virtual size: 21KB

.hkvkd
Size: 6KB - Virtual size: 15KB

.ado
Size: 512B - Virtual size: 56B

.hmzqn
Size: 512B - Virtual size: 24B

.elyjq
Size: 49KB - Virtual size: 77KB

.spgtc
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB