b247ffda4f3426fb2fbe7d876f277513b66f0dbc2c53a5a6de0a135b0cfaa8a4

General

Target

b247ffda4f3426fb2fbe7d876f277513b66f0dbc2c53a5a6de0a135b0cfaa8a4
Size

196KB
MD5

ccf4c792166f15a7959969b3ece770dd
SHA1

f3b5a0a43de689cd3daf9c1f821c981a6c7b0f2f
SHA256

b247ffda4f3426fb2fbe7d876f277513b66f0dbc2c53a5a6de0a135b0cfaa8a4
SHA512

3778f978ee2260ba2471f5c4fe2306496f90c75881c25b10ac6974573d077adaa6fe87c919c258554d761732a2fb9e1d5aa1f74cd2312e042e1143057e19c6cc
SSDEEP

3072:kd8lllr9jj07g5GWEI74ppnNnVb9Wrkp9OD6BF7jlyIxbiGa3xblUc3rSRP1LP2Y:kaTjjwSzx7sn1GD678IQGa5lRUdLP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b247ffda4f3426fb2fbe7d876f277513b66f0dbc2c53a5a6de0a135b0cfaa8a4

Files

b247ffda4f3426fb2fbe7d876f277513b66f0dbc2c53a5a6de0a135b0cfaa8a4
.exe windows:4 windows x86 arch:x86

5ff7c69a758bd8a789d31ffcd48c7f70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

advapi32

RegDeleteValueA
RegOpenKeyExA
CryptDestroyKey
RegEnumKeyExA
CryptCreateHash
CryptReleaseContext
RegEnumValueA
RegCreateKeyExA
GetUserNameA
CryptGetHashParam
CryptDestroyHash
RegSetValueExA
CryptHashData
RegQueryValueExA
CryptImportKey
CryptEncrypt
RegCloseKey

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

GetDesktopWindow
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
PostThreadMessageA
wsprintfA
GetQueueStatus
GetDC
ShowWindow
MsgWaitForMultipleObjects
DestroyWindow
CreateDialogParamA
ReleaseDC
RealGetWindowClassA
wvsprintfA

winmm

timeGetTime
timeSetEvent

kernel32

CreateFiber
GetCurrentThread
GetSystemTime
GetACP
CancelIo
IsBadReadPtr
EnumResourceNamesW
SetThreadPriority
GetCurrentThreadId
VirtualFree
GetLastError
lstrcatA
WaitForMultipleObjects
GetTickCount
GetThreadPriority
CreateSemaphoreA

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ff7c69a758bd8a789d31ffcd48c7f70

Headers

File Characteristics

Imports

wininet

advapi32

setupapi

user32

winmm

kernel32

Sections

.text Size: 167KB - Virtual size: 166KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 26KB - Virtual size: 25KB

.tls Size: 512B - Virtual size: 356KB

.text
Size: 167KB - Virtual size: 166KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 26KB - Virtual size: 25KB

.tls
Size: 512B - Virtual size: 356KB