61e0420aa5d8fcf1a53e92dcbaa96e2b78782ff1c8fee47c5ce253cb13838105

Sharing

Copy URL Twitter E-mail

General

Target

61e0420aa5d8fcf1a53e92dcbaa96e2b78782ff1c8fee47c5ce253cb13838105
Size

120KB
MD5

34b3ac64d5eda6acc0e6fc81e8a88dd0
SHA1

e6b1e5e6982e92ec128d7d9c0c323872919cdc0b
SHA256

61e0420aa5d8fcf1a53e92dcbaa96e2b78782ff1c8fee47c5ce253cb13838105
SHA512

a791151b92d5d2185cc7ec9eeb49c01550470770543c53017098c9fce04e47f7d8c9cbb16165238a429c13bd03225419d9711d67fcc9bf56de66bfb5a0261d8c
SSDEEP

1536:EOPbtpf5lbKJR0hi93ond6kWGQoS64Kvb/mxTxVc+79z5thoVyP7HXu:EOPbnxBKJRf94nd6ks92rKckz57ou73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61e0420aa5d8fcf1a53e92dcbaa96e2b78782ff1c8fee47c5ce253cb13838105

Files

61e0420aa5d8fcf1a53e92dcbaa96e2b78782ff1c8fee47c5ce253cb13838105
.exe windows:4 windows x86 arch:x86

e6c41c5ef2b9bd61ed5a2909008d4c43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
WSAStartup
WSAAsyncGetHostByName
WSAIsBlocking
WSACancelBlockingCall
connect
recv
send
ntohs
WSAAsyncSelect
WSAGetLastError
WSASetLastError
select
closesocket
recvfrom
sendto
socket
getservbyname
setsockopt
bind
htons
htonl
ntohl
gethostname
gethostbyname
inet_addr
ioctlsocket

kernel32

SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetCurrentThreadId
CloseHandle
lstrcatA
lstrcpynA
lstrlenA
GetFileSize
CreateFileA
GetLastError
lstrcmpA
lstrcpyA
Sleep
GetCurrentDirectoryA
SetEvent
WaitForSingleObject
GetVersionExA
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
GetSystemTime
SetFilePointer
lstrcmpiA
ReadFile
WriteFile
SetThreadPriority
ReleaseSemaphore
CreateSemaphoreA
TerminateThread
DeleteFileA
GetFileAttributesA
FindClose
FindNextFileA
GetDateFormatA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
GetLocalTime
SetProcessWorkingSetSize
GetCurrentProcess
SetCurrentDirectoryA
ReleaseMutex
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
SetLastError
TerminateProcess
TlsGetValue
TlsAlloc
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
InitializeCriticalSection
VirtualAlloc
VirtualFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
ExitThread
TlsSetValue
CreateThread
ResumeThread
HeapFree
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
LoadLibraryA
GetProcAddress
SetStdHandle
FlushFileBuffers
GetDriveTypeA
CreateEventA
GetFullPathNameA

user32

InvalidateRect
MapDialogRect
GetTopWindow
GetClientRect
DialogBoxParamA
CreateWindowExA
RegisterClassA
GetClassInfoA
MoveWindow
GetDC
SetClassLongA
GetSystemMenu
AppendMenuA
CheckMenuItem
GetSystemMetrics
GetCursorPos
FindWindowA
UnregisterClassA
GetWindow
DestroyIcon
WinHelpA
ReleaseDC
LoadIconA
TrackPopupMenu
SetForegroundWindow
CreateDialogParamA
SetWindowLongA
CallWindowProcA
EnableWindow
SendDlgItemMessageA
EndDialog
DestroyWindow
GetWindowTextA
ShowWindow
SetWindowTextA
GetDialogBaseUnits
MessageBeep
GetDlgItem
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
wvsprintfA
GetWindowLongA
SetWindowsHookExA
UnhookWindowsHookEx
IsWindowVisible
GetWindowRect
SystemParametersInfoA
SetWindowPos
SendMessageA
KillTimer
SetTimer
DefWindowProcA
SetDlgItemTextA
SetDlgItemInt
GetParent
GetDlgItemInt
PostMessageA
GetDlgItemTextA
wsprintfA
MessageBoxA

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA

shell32

DragAcceptFiles
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

gdi32

LPtoDP
GetTextExtentPoint32A

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6c41c5ef2b9bd61ed5a2909008d4c43

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 24KB - Virtual size: 67KB

.rsrc Size: 12KB - Virtual size: 260KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 24KB - Virtual size: 67KB

.rsrc
Size: 12KB - Virtual size: 260KB