45683ebf238580f114c582c18b536683137aa1c5b09badaf3e1d5d5dcdb3ba41

Sharing

Copy URL

Twitter E-mail

General

Target

45683ebf238580f114c582c18b536683137aa1c5b09badaf3e1d5d5dcdb3ba41
Size

226KB
MD5

963fbcdaec66a5fcd5664e932fa06f4d
SHA1

49d92954aef64de6b0908c92ac1e01c17950a32f
SHA256

45683ebf238580f114c582c18b536683137aa1c5b09badaf3e1d5d5dcdb3ba41
SHA512

821ead468f2753fe0b011f8bbced1503b80679fbc3f4e512adb793d6febd558d7c33428f910263b66fbe0919f4264b07cba8672cc5fc6311c0bd79b95ac3180b
SSDEEP

6144:wZC4mnuv+VZt3U2D8xnppQEatKun8loCf3R:wZC4mnuv+VDUs8ymoCf3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45683ebf238580f114c582c18b536683137aa1c5b09badaf3e1d5d5dcdb3ba41

Files

45683ebf238580f114c582c18b536683137aa1c5b09badaf3e1d5d5dcdb3ba41
.exe windows:5 windows x86 arch:x86

b9d3b19db4fdb2b1cc54579fd0da0de5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
InternetAttemptConnect
InternetQueryDataAvailable
HttpSendRequestW
HttpOpenRequestW
InternetConnectW

kernel32

InitializeCriticalSectionAndSpinCount
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CreateFileW
CreateFileA
SetEndOfFile
GetProcessHeap
LoadLibraryA
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceW
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
lstrcmpA
lstrlenA
lstrcmpW
GlobalFlags
GlobalAddAtomW
LoadLibraryW
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomW
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
CloseHandle
FlushFileBuffers
SetFilePointer
ReadFile
GetFileType
GetStdHandle
SetHandleCount
GetConsoleMode
GetConsoleCP
WriteFile
IsValidCodePage
GetOEMCP
GetACP
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
HeapAlloc
ExitProcess
GetProcAddress
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
GetVersionExW
GetWindowsDirectoryW
GetComputerNameW
GetModuleHandleW
DeleteFileW
Sleep
GetModuleFileNameW
SetLastError
CreateEventW
GetLastError
lstrcatW

user32

WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
IsIconic
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowPos
SetWindowLongW
IsWindow
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
SetWindowsHookExW
CallNextHookEx
GetKeyState
PeekMessageW
ValidateRect
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
DestroyMenu
EnableWindow
MessageBoxW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GrayStringW
LoadStringW
SetTimer
GetMessageW
DispatchMessageW
KillTimer
DrawTextExW
DrawTextW
TabbedTextOutW
PostQuitMessage
RegisterWindowMessageW
LoadIconW
GetWindowPlacement
GetDlgItem

advapi32

GetUserNameW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

DeleteDC
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
RestoreDC
SetMapMode
SaveDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Sections

.text
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9d3b19db4fdb2b1cc54579fd0da0de5

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

oleacc

gdi32

winspool.drv

Sections

.text Size: 177KB - Virtual size: 176KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 9KB - Virtual size: 25KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 177KB - Virtual size: 176KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 9KB - Virtual size: 25KB

.rsrc
Size: 1KB - Virtual size: 1KB