370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b

Sharing

Copy URL

Twitter E-mail

General

Target

370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b
Size

217KB
MD5

a0856e80d531ea72928903a6334bdadb
SHA1

a50b378d9bbc8db6af06ed524f4dd0628c996fe3
SHA256

370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b
SHA512

6f334c9aa912abd8ad52887e380c67f9ae602cf3f1396c06fcec1588f0cdcae7486309d496d3743fd85d9dd39e9ef6ba43e287322ef6916207d06043b273358d
SSDEEP

6144:4nyiqVQBf0EaIp8fkTJJsK1eEzEB1XjrkXb:BEdp8csKpE7XX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b

Files

370713b1ddcb8e514a9a27a14a8272d791483faeb8d1923f66b1a22d68344c0b
.exe windows:4 windows x86 arch:x86

752e1ad839fdd9d87e202c92c2bee710

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
EnumDateFormatsW
GetLogicalDrives
lstrlen
lstrcpynW
GetDateFormatW
GetEnvironmentStringsW
GetVersionExA
SetThreadPriority
LocalAlloc
GetAtomNameA
GetShortPathNameW
LoadLibraryA
GetWindowsDirectoryW
GetEnvironmentVariableA
AddAtomA
GetDiskFreeSpaceA
GlobalFindAtomA
GetModuleFileNameA
GetHandleInformation
GetModuleHandleA
CompareFileTime
MoveFileA
SearchPathW
GetLogicalDriveStringsA
SetPriorityClass
OpenProcess
FatalAppExitA
GetLongPathNameW
IsValidCodePage
IsDebuggerPresent
lstrcmpW
GetProcAddress
SetCurrentDirectoryA
GetShortPathNameA
LoadLibraryW
SetErrorMode
RaiseException
EndUpdateResourceA

user32

GetWindowRgn
GetMenuItemInfoA
GetClassInfoA
GetMenu
LoadMenuIndirectW
UpdateWindow
ClientToScreen
WaitMessage
FrameRect
ArrangeIconicWindows
CreatePopupMenu
GetMenuStringA
MessageBoxIndirectW
RegisterClassExA
WaitForInputIdle
CreateDialogIndirectParamW
FlashWindow
GetMenuItemInfoW
EnumDesktopsW
IsChild
EmptyClipboard
CreateDialogParamW
EnumDesktopsA
DialogBoxIndirectParamA
EndDialog
CharNextW
DefDlgProcW
IsWindow
DrawTextW
PeekMessageA
GetWindowRect
ReleaseDC

gdi32

GetPath
CreateSolidBrush
GetRgnBox
SetMiterLimit
SetBrushOrgEx
GetMetaRgn
GetDeviceGammaRamp
GetDeviceCaps
FrameRgn
CreateFontIndirectA
OffsetClipRgn
GetCharWidth32A
AnimatePalette
SetDCBrushColor
UpdateICMRegKeyA
SetLayout
FillRgn
CreateMetaFileA
PtVisible
GetEnhMetaFilePaletteEntries
ExtEscape
EndPath
GetClipBox

advapi32

RegReplaceKeyW
RegCreateKeyExW
RegSaveKeyW
RegEnumValueA
RegDeleteValueW
RegQueryValueExW
RegEnumKeyW
RegReplaceKeyA
RegRestoreKeyW
RegSetValueW

shlwapi

SHSkipJunction
UrlCanonicalizeA
DllGetVersion
PathIsPrefixA
PathParseIconLocationA

wininet

InternetSetPerSiteCookieDecisionW
InternetSetOptionW
InternetSetCookieW
FindNextUrlCacheContainerA
FindFirstUrlCacheEntryW
InternetWriteFileExW
CreateUrlCacheContainerA
FtpCommandA
InternetCanonicalizeUrlW
InternetAutodial
GopherCreateLocatorW
InternetSetOptionExA
DeleteIE3Cache
HttpEndRequestW
InternetCrackUrlW
FtpSetCurrentDirectoryA

winspool.drv

QuerySpoolMode
AddPrinterW
OpenPrinterW
GetDefaultPrinterW
DocumentPropertiesW
AddPortExA
AbortPrinter
SetPrinterDataA
SetPrinterW

inetcomm

MimeEditDocumentFromStream
HrDoAttachmentVerb
MimeOleGetFileInfo
MimeOleCreateHashTable
MimeGetAddressFormatW
MimeOleSMimeCapsToDlg
MimeOleAlgStrengthFromSMimeCap
CreateNNTPTransport

oledlg

OleUIChangeSourceA
OleUIPasteSpecialW
OleUIUpdateLinksW
OleUIPromptUserW
OleUIObjectPropertiesW
OleUIConvertA
OleUIChangeSourceW
OleUIAddVerbMenuW
OleUIInsertObjectW

wsock32

WSAAsyncGetProtoByNumber
recv
htons
AcceptEx
recvfrom
GetAcceptExSockaddrs
WSAStartup
rexec
TransmitFile
gethostbyname

crypt32

CertNameToStrW
CertGetValidUsages
CertGetEnhancedKeyUsage
CertAddCertificateContextToStore
CryptSIPRemoveProvider
CryptGetDefaultOIDFunctionAddress
CryptBinaryToStringW
CryptAcquireCertificatePrivateKey
CryptUnregisterOIDInfo

Sections

.rdata
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

752e1ad839fdd9d87e202c92c2bee710

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

wininet

winspool.drv

inetcomm

oledlg

wsock32

crypt32

Sections

.rdata Size: 1KB - Virtual size: 10KB

.rdata Size: 1024B - Virtual size: 2KB

.edata Size: 1KB - Virtual size: 32KB

.edata Size: 14KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 5KB

.rdata Size: 1024B - Virtual size: 33KB

.edata Size: 1KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 25KB

.data Size: 11KB - Virtual size: 16KB

.rdata Size: 1KB - Virtual size: 19KB

.rdata Size: 1024B - Virtual size: 23KB

.edata Size: 1KB - Virtual size: 12KB

.rsrc Size: 172KB - Virtual size: 172KB

.reloc Size: 1024B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 10KB

.rdata
Size: 1024B - Virtual size: 2KB

.edata
Size: 1KB - Virtual size: 32KB

.edata
Size: 14KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1024B - Virtual size: 33KB

.edata
Size: 1KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 25KB

.data
Size: 11KB - Virtual size: 16KB

.rdata
Size: 1KB - Virtual size: 19KB

.rdata
Size: 1024B - Virtual size: 23KB

.edata
Size: 1KB - Virtual size: 12KB

.rsrc
Size: 172KB - Virtual size: 172KB

.reloc
Size: 1024B - Virtual size: 4KB