ca658140736d12a16f73faa43f17142f

Sharing

Copy URL Twitter E-mail

General

Target

ca658140736d12a16f73faa43f17142f
Size

382KB
MD5

ca658140736d12a16f73faa43f17142f
SHA1

8754e5f4763b2a237fe5f110c25e5de002ac7702
SHA256

5e0891de5ada7e327f92ee83846ebd773671289c0bf075e8a47e8494af604e05
SHA512

ffb496ddf0c19e61e08be0e88ecf2942f2b5d8a2d7cde8492260838841bc3c2d43c9375c335b02a3e914e00805c5f71744bf305dd2d08b50d2efb65d6708ac31
SSDEEP

6144:4rlYnB4V/0ZOhfPTMy3wchWewes1ZECdbPFt4pE7h8wzAn89p62WqGP6Eb3z2pOP:Ulu4c7djF+pW9AnqPWB6dd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca658140736d12a16f73faa43f17142f

Files

ca658140736d12a16f73faa43f17142f
.exe windows:4 windows x86 arch:x86

ca1f9fbfc39f6b00f7895009b59fc200

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupSecurityDescriptorPartsW
LookupAccountSidW
LookupPrivilegeValueW
DuplicateToken
RegSaveKeyW
LookupAccountNameA

comctl32

InitCommonControlsEx

wininet

FtpCommandW
InternetHangUp
InternetCombineUrlA
InternetWriteFileExW
FtpGetCurrentDirectoryW
RetrieveUrlCacheEntryStreamW
FindFirstUrlCacheEntryExW
ShowClientAuthCerts
InternetOpenA

user32

wsprintfA
SetWindowLongA
InflateRect
CreateIconFromResource
AnyPopup
SetWinEventHook
EnableMenuItem
DestroyAcceleratorTable
CharNextA
DdeAccessData
CreateMDIWindowW
CharUpperBuffW
RegisterClassA
RegisterClassExA
EmptyClipboard
CopyIcon
OpenInputDesktop
FreeDDElParam
GetAncestor

gdi32

GdiPlayScript
CreateEllipticRgn
GetMetaFileBitsEx
GetTextMetricsA
ModifyWorldTransform
ResizePalette
SetViewportExtEx
GetMetaRgn
InvertRgn
GdiPlayDCScript
DescribePixelFormat
GetObjectW
AddFontResourceW
DrawEscape
Pie
PtVisible
CreateICA
AnimatePalette
CancelDC
GetMiterLimit
PlayEnhMetaFile
StrokePath
PlayMetaFileRecord
Polygon

kernel32

SetStdHandle
LeaveCriticalSection
HeapFree
GetVersionExA
WideCharToMultiByte
ResumeThread
GetModuleHandleA
GetStdHandle
GetTimeZoneInformation
VirtualFree
EnumSystemLocalesA
SetFileAttributesA
TlsSetValue
GetUserDefaultLCID
GetModuleFileNameW
CloseHandle
GetLocaleInfoW
GetEnvironmentStringsW
GetLastError
GetLogicalDriveStringsW
HeapDestroy
LoadResource
ExitProcess
SetHandleCount
GetStartupInfoA
UnhandledExceptionFilter
GetCommandLineW
LCMapStringA
GetFileType
LoadLibraryA
VirtualAlloc
ReadFile
GetOEMCP
DeleteCriticalSection
TlsGetValue
EnumDateFormatsExA
InitializeCriticalSection
LCMapStringW
HeapReAlloc
GetThreadContext
SetFilePointer
GetCurrentProcess
GetSystemTimeAsFileTime
InterlockedExchange
TlsFree
GetModuleFileNameA
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStrings
GetTempPathW
GetACP
GetDateFormatA
DebugActiveProcess
GetCurrentThread
GetLocaleInfoA
EnumSystemCodePagesA
GetTimeFormatA
GetStringTypeW
FreeEnvironmentStringsA
GetConsoleCP
MultiByteToWideChar
IsValidCodePage
ExpandEnvironmentStringsW
CompareStringA
SetEnvironmentVariableA
ReadConsoleInputA
GetCPInfo
CompareStringW
GetCommandLineA
GetCurrentProcessId
SetLastError
WriteFile
FlushFileBuffers
TerminateProcess
HeapAlloc
GetSystemDirectoryW
IsValidLocale
IsBadWritePtr
GetTickCount
GetCurrentThreadId
VirtualQuery
SetWaitableTimer
WritePrivateProfileStringA
GetProcAddress
GetSystemInfo
OpenMutexA
RtlUnwind
EnterCriticalSection
GetStartupInfoW
CreateMutexA
TlsAlloc
GetThreadSelectorEntry
GetStringTypeA
CreatePipe
VirtualProtect
QueryPerformanceCounter
HeapSize

comdlg32

GetSaveFileNameA

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca1f9fbfc39f6b00f7895009b59fc200

Headers

File Characteristics

Imports

advapi32

comctl32

wininet

user32

gdi32

kernel32

comdlg32

Sections

.text Size: 155KB - Virtual size: 155KB

.rdata Size: 9KB - Virtual size: 33KB

.data Size: 207KB - Virtual size: 207KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 155KB - Virtual size: 155KB

.rdata
Size: 9KB - Virtual size: 33KB

.data
Size: 207KB - Virtual size: 207KB

.rsrc
Size: 8KB - Virtual size: 8KB