Static task: static1
Behavioral task: behavioral1
Sample: d657f29bcdd3bca78e499883b4b414fd.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: d657f29bcdd3bca78e499883b4b414fd.exe
Resource: win10v2004-20240226-en
General
Target: d657f29bcdd3bca78e499883b4b414fd
Size: 339KB
MD5: d657f29bcdd3bca78e499883b4b414fd
SHA1: 8d0a097dcc31684996217d8f40afa866d2b8dbf7
SHA256: ab8dc8f7a20888129d77e899ec179525faed9d7e3fa4ed7ae1d4e5f01be11cd9
SHA512: 09e212dfdd49383d87c39cb3dbdfa813620de2287b5f983b3fd27a60ec07fee2eee7ba44a290f66e82622e147b75fb614808cde07eb7554a73ce9cc13e2da831
SSDEEP: 6144:TkEWsvgKjLmznUstdygdR+F+o+y4g9yuKsHdhsXcmoI/Z+kTWgPmT9S/toIr:RLOnUsjygdR+YBTG8XxokTWgPO9S/aIr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d657f29bcdd3bca78e499883b4b414fd
Files
d657f29bcdd3bca78e499883b4b414fd.exe windows:4 windows x86 arch:x86
c3fb3cc919965a42a2616d64563bf69f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winhttp
WinHttpCheckPlatform
kernel32
HeapFree
FlushFileBuffers
GetComputerNameExW
RaiseException
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetProcessHeap
WideCharToMultiByte
TlsAlloc
HeapReAlloc
InitializeCriticalSection
IsBadCodePtr
WriteFile
LCMapStringA
GetCurrentProcessId
GetCurrentThreadId
InterlockedDecrement
GetCommandLineA
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsW
TlsGetValue
SetThreadAffinityMask
HeapCreate
DebugBreak
GetModuleHandleA
OutputDebugStringA
VirtualFree
DeleteCriticalSection
GetSystemInfo
GetStartupInfoA
IsBadWritePtr
GetLastError
ExitProcess
FreeEnvironmentStringsA
HeapDestroy
SetStdHandle
InterlockedExchange
GetVersionExA
GetProcAddress
RtlUnwind
GetLocaleInfoA
IsBadReadPtr
HeapAlloc
MultiByteToWideChar
GetStringTypeA
TerminateProcess
SetHandleCount
LeaveCriticalSection
ExitProcess
FreeLibrary
GetEnvironmentStrings
LoadLibraryA
QueryPerformanceCounter
TlsSetValue
HeapValidate
SetLastError
GetStdHandle
GetTickCount
GetStringTypeW
SetFilePointer
VirtualAlloc
GetCurrentProcess
VirtualProtect
InterlockedIncrement
GetFileType
VirtualQuery
GetEnvironmentStringsW
LCMapStringW
EnterCriticalSection
UnhandledExceptionFilter
TlsFree
user32
GetWindowLongW
KillTimer
SetTimer
DestroyWindow
SetDlgItemTextW
GetDlgItem
MoveWindow
SetWindowLongW
SetFocus
CharNextW
ScreenToClient
SendMessageW
LoadImageW
IsWindowVisible
GetClientRect
CreateWindowExW
InvalidateRect
TranslateAcceleratorW
EnumWindowStationsA
CallWindowProcW
Sections
.text Size: 204KB - Virtual size: 203KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 126KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 5KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ