c684e70639cef5e71be2d2530e1c7cd5

Sharing

Copy URL Twitter E-mail

General

Target

c684e70639cef5e71be2d2530e1c7cd5
Size

516KB
MD5

c684e70639cef5e71be2d2530e1c7cd5
SHA1

aec80a62f25e5be71dcea10ca7a0f437338efb1a
SHA256

fee0a4da64ae8269fcec06aca6e43efbfdd18035b2dff82d3e4f7b1a3aa905c0
SHA512

f90c4635a716fcb71a04550ac963ce195415196e4a51d42a09fc72960fb11cce0143e9984506f80060979f86b146f9c7bd70ac25580030270b684f3daadaa5a3
SSDEEP

12288:VFzH2SFo0FiEL0vrSHigqWO0T+4c0bq+F:VFzPav+gWJ+Yu+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c684e70639cef5e71be2d2530e1c7cd5

Files

c684e70639cef5e71be2d2530e1c7cd5
.exe windows:4 windows x86 arch:x86

1402e46ef8de404c9c91d032036ba140

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharLowerA
RegisterClassExA
GetGUIThreadInfo
SendInput
LoadKeyboardLayoutW
GetDialogBaseUnits
GetMenuBarInfo
GetSystemMetrics
RegisterClassA
ShowCursor
CloseWindowStation
DdeGetData
ChangeClipboardChain
LoadStringW
GetKeyboardType
SetProcessWindowStation
DialogBoxIndirectParamW
GetKeyboardLayoutNameW

comdlg32

GetFileTitleW

kernel32

TlsAlloc
VirtualAlloc
HeapReAlloc
IsValidCodePage
GetUserDefaultLCID
GetModuleFileNameA
OutputDebugStringA
GetDateFormatA
OutputDebugStringW
CreateMutexA
RaiseException
CompareStringA
GetStringTypeA
GetModuleHandleA
GetCurrentThread
GetStartupInfoA
SetLastError
GetSystemTimeAsFileTime
GetFileType
SetHandleCount
HeapFree
GetTimeZoneInformation
IsDebuggerPresent
GetLocaleInfoW
GetOEMCP
WriteFile
EnumSystemLocalesA
FlushFileBuffers
LoadLibraryA
LoadLibraryW
DebugBreak
LCMapStringA
SetConsoleCtrlHandler
GetStartupInfoW
SetEnvironmentVariableA
CloseHandle
VirtualQuery
GetTickCount
SetFilePointer
GetCurrentThreadId
Sleep
GetConsoleCP
GetProcessHeap
ExitProcess
SetStdHandle
GetLastError
OpenMutexA
HeapCreate
CompareStringW
lstrlenA
GetProcAddress
FreeLibrary
GetCPInfo
TlsSetValue
InterlockedDecrement
GetEnvironmentStringsW
WideCharToMultiByte
SetUnhandledExceptionFilter
HeapValidate
LeaveCriticalSection
GetCommandLineW
InterlockedExchange
ReadFile
GetStdHandle
GetLocaleInfoA
HeapDestroy
GetTimeFormatA
TlsGetValue
LCMapStringW
GetCurrentProcessId
GetConsoleOutputCP
QueryPerformanceCounter
GetCommandLineA
TerminateProcess
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetConsoleMode
InterlockedIncrement
GetModuleHandleW
GetACP
VirtualFree
FreeEnvironmentStringsW
GetCurrentProcess
RtlUnwind
RtlFillMemory
DeleteCriticalSection
CreateFileA
MultiByteToWideChar
TlsFree
HeapAlloc
GetStringTypeW
WriteConsoleA
IsBadReadPtr
WriteConsoleW
UnhandledExceptionFilter
HeapSize
IsValidLocale
GetModuleFileNameW

shell32

ExtractIconExA
ShellExecuteExA
DuplicateIcon
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx

gdi32

ExcludeClipRect
RemoveFontResourceA
DeviceCapabilitiesExA
GetBkColor
GetCharacterPlacementW
GetCharABCWidthsFloatA
CreateEnhMetaFileW
CreatePolygonRgn
CreatePolyPolygonRgn
GetObjectW
GetFontLanguageInfo
PlayMetaFile
GdiFlush
AddFontResourceA

wininet

RetrieveUrlCacheEntryStreamW
ShowX509EncodedCertificate
InternetFindNextFileA
FindNextUrlCacheContainerA
InternetFindNextFileW
GetUrlCacheEntryInfoExA
SetUrlCacheEntryGroupW

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1402e46ef8de404c9c91d032036ba140

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

shell32

comctl32

gdi32

wininet

Sections

.text Size: 282KB - Virtual size: 282KB

.rdata Size: 48KB - Virtual size: 52KB

.data Size: 175KB - Virtual size: 175KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 282KB - Virtual size: 282KB

.rdata
Size: 48KB - Virtual size: 52KB

.data
Size: 175KB - Virtual size: 175KB

.rsrc
Size: 9KB - Virtual size: 8KB