f816cdc6aa5cceb32fe6c8a77cdf46e121ef2a5659873e5a0584a352f2d6fd13

Sharing

Copy URL Twitter E-mail

General

Target

f816cdc6aa5cceb32fe6c8a77cdf46e121ef2a5659873e5a0584a352f2d6fd13
Size

439KB
MD5

19f20217478faacfb7855fbba22b838c
SHA1

6e80277c697c6460bec6d57791b76f07bc6d3379
SHA256

f816cdc6aa5cceb32fe6c8a77cdf46e121ef2a5659873e5a0584a352f2d6fd13
SHA512

2a073816da6c168a2888c7920852324e769d5784f2c7dbc9d1da047e9ab1ea4be24ba4d389c301b56b460ed58fbc57813563a989858715278921a9b0ea02dbc1
SSDEEP

3072:BQAw0mrhPHFz0Rcvj2CZK4cRPwpNZQr1:nmFl0qLZKvYvi1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f816cdc6aa5cceb32fe6c8a77cdf46e121ef2a5659873e5a0584a352f2d6fd13

Files

f816cdc6aa5cceb32fe6c8a77cdf46e121ef2a5659873e5a0584a352f2d6fd13
.exe windows:5 windows x86 arch:x86

139a04e311484d910098f5943255b605

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileSize
CloseHandle
ReadFile
WriteFile
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentProcess
GetLastError
SetFilePointer
FindFirstFileA
DeleteFileA
GetEnvironmentVariableA
WaitForSingleObject
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
TerminateProcess
GetVersionExA
GetModuleFileNameA
MoveFileExA
CopyFileA
LoadLibraryW
CreateEventA
CreateMutexA
ReleaseMutex
ExitProcess
GetTickCount
GetThreadContext
ReadProcessMemory
ResumeThread
GetWindowsDirectoryA
GetProcessHeap
SetEndOfFile
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
IsBadReadPtr
WideCharToMultiByte
IsBadWritePtr
IsBadStringPtrA
LocalFree
LocalAlloc
lstrlenA
GetLocalTime
Sleep
CreateDirectoryA
GetProcAddress
WinExec
LoadLibraryA
LCMapStringW
IsProcessorFeaturePresent
FlushFileBuffers
WriteConsoleW
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
SetStdHandle
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetFileAttributesA
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
RaiseException
GetModuleHandleW
GetModuleFileNameW
HeapCreate
GetCPInfo
InterlockedIncrement
CreateFileW

user32

EnumChildWindows
GetWindow
PostMessageA
GetWindowTextA
GetWindowThreadProcessId
ToAscii

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA

shell32

SHGetFolderPathA
ShellExecuteExA

shlwapi

PathIsDirectoryA
StrStrIA

wininet

InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
HttpSendRequestA

dbghelp

ImageDirectoryEntryToData

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

139a04e311484d910098f5943255b605

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

wininet

dbghelp

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 10KB - Virtual size: 36KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 7KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 10KB - Virtual size: 36KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 7KB

.shell
Size: 320KB - Virtual size: 320KB