Static task: static1

Behavioral task: behavioral1
Sample: d6cfe3d710adc239c1213200d3cf03909b69887218cd764457f58e17796b7c76.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: d6cfe3d710adc239c1213200d3cf03909b69887218cd764457f58e17796b7c76.exe
Resource: win10v2004-20240508-en
General
Target: d6cfe3d710adc239c1213200d3cf03909b69887218cd764457f58e17796b7c76
Size: 446KB
MD5: 001b3ca19a28086d1aa7a53f18c075c1
SHA1: 5323dd55790ac7d5438c214d066ac497fbc02c14
SHA256: d6cfe3d710adc239c1213200d3cf03909b69887218cd764457f58e17796b7c76
SHA512: 28eea71b94b8c92e5ab2519119fdfed5e93dc95d64ac4be4c80754959dde4970c2b938e32e41b2f6b6f79326ccab17c08886415bc802e0521c85040bf8dee335
SSDEEP: 6144:0UmnV+KysFTx0vNTFbMOUlRyViNi2S5ox1kz57uyyxqfdAygahoZLgXFKMLM8uwW:j8xQMuF10M6JgXnYvwfqjpaAJ
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: d6cfe3d710adc239c1213200d3cf03909b69887218cd764457f58e17796b7c76
Files
d6cfe3d710adc239c1213200d3cf03909b69887218cd764457f58e17796b7c76.exe windows:4 windows x86 arch:x86
0382777ea777a87ae0519c98d43ab6c7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
GopherGetAttributeW
InternetOpenUrlW
IsHostInProxyBypassList
InternetWriteFileExW
InternetCombineUrlW
InternetConfirmZoneCrossingA
GetUrlCacheEntryInfoExW
InternetReadFileExA
UnlockUrlCacheEntryFile
gdi32
BitBlt
GetCurrentObject
EnumObjects
ExtTextOutW
GetDIBColorTable
GdiPlayDCScript
gdiPlaySpoolStream
SetROP2
EnumFontsW
ExcludeClipRect
SelectClipPath
PlayEnhMetaFileRecord
CreateScalableFontResourceA
GetCharABCWidthsFloatA
StrokeAndFillPath
ScaleViewportExtEx
EnumFontsA
ExtSelectClipRgn
GetTextExtentExPointA
advapi32
CryptDestroyHash
RegDeleteKeyA
RegCloseKey
LookupPrivilegeDisplayNameA
CryptGetHashParam
RegConnectRegistryW
CryptSetHashParam
RegFlushKey
CreateServiceA
LogonUserA
LookupPrivilegeNameA
RegDeleteKeyW
LookupSecurityDescriptorPartsW
CryptSetProviderExA
LookupAccountSidW
RegSetValueExA
CryptSignHashW
RegCreateKeyA
CryptCreateHash
LookupPrivilegeDisplayNameW
RegEnumKeyExA
CryptVerifySignatureW
CryptDeriveKey
DuplicateTokenEx
CryptGenRandom
comdlg32
GetOpenFileNameW
ReplaceTextA
ReplaceTextW
kernel32
IsValidCodePage
GetCurrentProcessId
GetOEMCP
GetSystemDefaultLCID
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
GetVersionExA
WriteConsoleW
GetFileType
FindFirstFileW
TlsSetValue
GetLastError
CompareStringA
UnhandledExceptionFilter
LeaveCriticalSection
GetTickCount
HeapSize
HeapValidate
EnterCriticalSection
GetModuleFileNameW
HeapReAlloc
OpenEventA
InterlockedExchange
VirtualFree
GetModuleHandleA
TlsFree
WriteFile
WideCharToMultiByte
GetCPInfo
GetDriveTypeA
LoadLibraryExA
GetAtomNameW
GetLocaleInfoA
GetCommandLineW
GetStartupInfoA
GetSystemTimeAsFileTime
GetProcAddress
MultiByteToWideChar
HeapAlloc
HeapDestroy
GetSystemInfo
GetModuleFileNameA
HeapCreate
WritePrivateProfileStructW
CompareStringW
FreeEnvironmentStringsW
HeapFree
GetVolumeInformationA
GetTimeZoneInformation
EnumSystemLocalesA
DeleteCriticalSection
LCMapStringA
TerminateProcess
lstrcpyA
GetCurrentProcess
VirtualQuery
IsBadWritePtr
SuspendThread
TlsAlloc
GlobalFlags
LCMapStringW
GetCommandLineA
LoadLibraryA
GetCurrentThreadId
SetEnvironmentVariableA
SetHandleCount
GetExitCodeProcess
VirtualAlloc
InitializeCriticalSection
GetEnvironmentStrings
IsValidLocale
GetDateFormatA
GetStringTypeA
GetLocaleInfoW
GetStartupInfoW
GetACP
FreeEnvironmentStringsA
ExitProcess
GetStdHandle
GetCurrentThread
TlsGetValue
SetLastError
RtlUnwind
VirtualProtect
MoveFileExA
LockFile
GetTimeFormatA
GetStringTypeW
Sections
.text Size: 125KB - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 308KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ