61fcbd1e671a3c4c1163c8d293da6ddf056fab6451125f6de103c10855612b1f

Sharing

Copy URL Twitter E-mail

General

Target

61fcbd1e671a3c4c1163c8d293da6ddf056fab6451125f6de103c10855612b1f
Size

308KB
MD5

b4e5b808628f696680badcec2b25ddfe
SHA1

3d4ff509fd2773e046b86f2ca6f354cf610cfc4d
SHA256

61fcbd1e671a3c4c1163c8d293da6ddf056fab6451125f6de103c10855612b1f
SHA512

029d9b1326975a2516d0c534f84013b9e6f7e6c9c7c475f487d4a19c04013625ec4c92eb545aa3128a44fdddf2d6ec8f926c72fac9fe348a58100cc14b14d718
SSDEEP

6144:mP0bU0TEUr6mRcbTx4N8BV+UdvrEFp7hKC:9trfcXamBjvrEH7h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61fcbd1e671a3c4c1163c8d293da6ddf056fab6451125f6de103c10855612b1f

Files

61fcbd1e671a3c4c1163c8d293da6ddf056fab6451125f6de103c10855612b1f
.dll windows:4 windows x86 arch:x86

99fb9398882ff77646b91bfc0a333150

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\mydev\inno-download-plugin\unicode\idp.pdb

Imports

wininet

FtpGetFileSize
InternetErrorDlg
HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetConnectW
FtpOpenFileW
InternetCrackUrlW
InternetQueryOptionW
InternetReadFile
FtpFindFirstFileW
InternetCloseHandle
FtpSetCurrentDirectoryW
InternetSetOptionW
InternetFindNextFileW
InternetOpenW

user32

GetWindowRect
PostMessageW
GetParent
GetDC
GetWindowLongW
ReleaseDC
SetWindowLongW
RedrawWindow
GetDesktopWindow
MessageBoxW
MapWindowPoints
EnableWindow
MoveWindow
DialogBoxParamW
MessageBeep
LoadIconW
GetDlgItem
EndDialog
ShowWindow
SendMessageW
SetWindowTextW
TranslateMessage
PeekMessageW
DispatchMessageW

gdi32

SelectObject
GetTextExtentPoint32W

kernel32

CreateFileA
ReadFile
SetEndOfFile
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
CreateFileW
LoadLibraryA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
HeapReAlloc
VirtualAlloc
VirtualFree
GetUserDefaultLCID
SetUnhandledExceptionFilter
WaitForSingleObject
GetLastError
GetTickCount
GetModuleHandleW
FormatMessageW
WideCharToMultiByte
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateDirectoryW
ExitThread
CloseHandle
ResumeThread
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
HeapDestroy
HeapCreate

Exports

Exports

idpAddFile
idpAddFileComp
idpAddFileSize
idpAddFileSize32
idpAddFileSizeComp
idpAddFileSizeComp32
idpAddFtpDir
idpAddFtpDirComp
idpAddMessage
idpAddMirror
idpClearFiles
idpConnectControl
idpDownloadFile
idpDownloadFiles
idpDownloadFilesComp
idpDownloadFilesCompUi
idpFileDownloaded
idpFilesCount
idpFilesDownloaded
idpFtpDirsCount
idpGetFileSize
idpGetFileSize32
idpGetFilesSize
idpGetFilesSize32
idpReportError
idpSetComponents
idpSetDetailedMode
idpSetInternalOption
idpSetLogin
idpSetProxyLogin
idpSetProxyMode
idpSetProxyName
idpStartDownload
idpStopDownload
idpTrace

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99fb9398882ff77646b91bfc0a333150

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 11KB