d7a0065b1bae1c0c21fd05d7dd7a9d5c

Sharing

Copy URL

Twitter E-mail

General

Target

d7a0065b1bae1c0c21fd05d7dd7a9d5c
Size

342KB
MD5

d7a0065b1bae1c0c21fd05d7dd7a9d5c
SHA1

a1f84fd0ad3b24e7fbf1f94b5d2dab997e14c33a
SHA256

57b4d3063834d7e2a518fd1b1c9dfd216d8405c9d1e71eab5e50a7e5ced3612c
SHA512

de61dd4150da8cbc5c2358b0a7af0b1a830e67bef082c71b8812fa3b8fa029b3aa9b47b369495d9cce580e46bf17d3c03e3c7e3a99fe383f2028d80ca5d046b7
SSDEEP

6144:oi/G3PZlnOXOpQhi24nUWV4K0YSoJZ/LjJcRkwjISj:oi+3PfO+CF4nZ4H1oaiwj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7a0065b1bae1c0c21fd05d7dd7a9d5c

Files

d7a0065b1bae1c0c21fd05d7dd7a9d5c
.exe windows:4 windows x86 arch:x86

52060a08d910295ba442f2a55b3a5bba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentThreadId
GetCurrentThread
InterlockedExchange
HeapAlloc
GetModuleFileNameA
EnterCriticalSection
FlushFileBuffers
EnumResourceLanguagesA
UnhandledExceptionFilter
GetConsoleOutputCP
GetSystemTimeAsFileTime
SetSystemTime
VirtualAlloc
TlsSetValue
ExitProcess
CreateFileA
WriteFile
MultiByteToWideChar
Sleep
IsDebuggerPresent
OpenMutexA
SetStdHandle
GetEnvironmentStrings
WriteConsoleW
SetConsoleCtrlHandler
SetFilePointer
HeapFree
GetConsoleMode
TlsAlloc
GetTickCount
WideCharToMultiByte
HeapReAlloc
GetEnvironmentStringsW
SetCriticalSectionSpinCount
GetCurrentProcessId
GetModuleHandleW
EnumSystemLocalesA
CreateMutexA
GetModuleHandleA
FlushConsoleInputBuffer
VirtualFree
QueryPerformanceCounter
GetUserDefaultLCID
GetDateFormatA
GetLocaleInfoA
FreeLibrary
FindNextChangeNotification
GetTimeFormatA
SetFileAttributesW
GetConsoleCP
LocalSize
lstrcpy
HeapCreate
IsValidCodePage
GetCurrentProcess
LCMapStringW
CloseHandle
GetStartupInfoA
RtlUnwind
SetEnvironmentVariableA
ReadFile
GetCommandLineA
GetStringTypeW
SetHandleCount
SystemTimeToFileTime
GetOEMCP
GetFileType
InitializeCriticalSectionAndSpinCount
GetLastError
GlobalHandle
FreeEnvironmentStringsW
IsValidLocale
HeapSize
HeapDestroy
InterlockedIncrement
LCMapStringA
LoadLibraryA
CompareStringA
VirtualQuery
GetTimeZoneInformation
GetACP
LeaveCriticalSection
GetCPInfo
GetStdHandle
ReadConsoleOutputCharacterW
SetLastError
WriteConsoleA
SetUnhandledExceptionFilter
TerminateProcess
CompareStringW
DeleteCriticalSection
TlsFree
TlsGetValue
GetLocaleInfoW
GetStringTypeA
GetSystemTime
GlobalAddAtomA
GetProcAddress
EnumSystemCodePagesA

comctl32

ImageList_Draw
DrawStatusTextW
ImageList_SetImageCount
CreateToolbar
ImageList_Create
CreatePropertySheetPage
CreateStatusWindowA
CreatePropertySheetPageA
ImageList_GetIcon
InitCommonControlsEx
ImageList_Merge
ImageList_GetImageRect
ImageList_GetIconSize

user32

DrawIcon
DdeCreateStringHandleA
IsRectEmpty
SetTimer
SetPropA
RegisterClassA
MessageBoxW
GetMessageA
RegisterClassExA
CreateMDIWindowA
CopyRect
GetUpdateRect
CallWindowProcW
ShowWindow
CreateWindowExW
DispatchMessageA
GetUpdateRgn
IsCharUpperW
CharPrevW
SystemParametersInfoW
ReplyMessage
RegisterClipboardFormatA
GetClipboardData

advapi32

CryptDuplicateHash
CryptVerifySignatureW
CreateServiceW
RegCreateKeyW
CryptEncrypt
DuplicateToken
InitiateSystemShutdownA
RegRestoreKeyW
RegSetValueExW
CryptEnumProvidersW
CryptSetKeyParam
CryptSetProviderExA
RegQueryInfoKeyW
RegQueryMultipleValuesW
CryptEnumProviderTypesA
RegEnumValueA
CryptAcquireContextA
InitializeSecurityDescriptor
CryptSetProvParam
InitiateSystemShutdownW
RegEnumKeyA
RegQueryMultipleValuesA

comdlg32

PageSetupDlgA
ChooseFontW
LoadAlterBitmap

wininet

FtpGetFileSize
ResumeSuspendedDownload
InternetTimeToSystemTimeW
InternetGetConnectedStateExA
InternetConnectW
InternetCheckConnectionA
InternetTimeFromSystemTimeW

Sections

.text
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52060a08d910295ba442f2a55b3a5bba

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

comdlg32

wininet

Sections

.text Size: 213KB - Virtual size: 212KB

.rdata Size: 20KB - Virtual size: 33KB

.data Size: 89KB - Virtual size: 89KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 213KB - Virtual size: 212KB

.rdata
Size: 20KB - Virtual size: 33KB

.data
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 18KB - Virtual size: 17KB