b7542bfd53e7a5531d0b89c7797c5ede8e01d9103a03d14024532a9661f669ebN

Sharing

Copy URL Twitter E-mail

General

Target

b7542bfd53e7a5531d0b89c7797c5ede8e01d9103a03d14024532a9661f669ebN
Size

208KB
MD5

75332c6f82b8d517f0f403bdea225480
SHA1

55b5165fb1ed1f2b6fb5fe59386bb342d25dfc2f
SHA256

b7542bfd53e7a5531d0b89c7797c5ede8e01d9103a03d14024532a9661f669eb
SHA512

25b56af727149f0e1d6d180a0df67f3139ae8a6c387c26ccf220d54bb3ec3f46115b2c0b6e5df8906b08541385fecac58d4a0152ca072b0e6d2929a528612a6f
SSDEEP

6144:Xa1oB/yvpK0JCmRcRRR8N0e2kXfCqNidkfk:XbapK0JCmRcU9vVokf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7542bfd53e7a5531d0b89c7797c5ede8e01d9103a03d14024532a9661f669ebN

Files

b7542bfd53e7a5531d0b89c7797c5ede8e01d9103a03d14024532a9661f669ebN
.exe windows:2 windows x86 arch:x86

e391eee2fda3671a828f8ce7165ca399

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
GetModuleHandleW
ConnectNamedPipe
GetModuleFileNameA
EnumTimeFormatsW
SuspendThread
GetWindowsDirectoryW
GetPriorityClass
lstrlen
CreateThread
GetSystemDefaultLangID
FlushFileBuffers
ReadDirectoryChangesW
GetDateFormatA
BeginUpdateResourceW
FreeResource
GetSystemDirectoryA
CreateMutexW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryW
FatalAppExitA
SetLocaleInfoW
GetProcessHeap
GetDiskFreeSpaceA
GetProcAddress
FindResourceA
GetOEMCP
lstrcpyW
GetThreadPriority
GlobalGetAtomNameW
MoveFileW
CompareStringA
LocalFree
MultiByteToWideChar
GetVersionExW
GetACP

user32

LoadMenuIndirectA
UnregisterClassW
GetClassInfoExW
RegisterClassA
GetClassNameA
LoadMenuW
DefDlgProcW
SetWindowRgn
GetParent
DialogBoxIndirectParamA
LoadMenuA
GetClassInfoW
DrawTextW
CreateDialogIndirectParamW
wvsprintfA
LoadCursorW
EnumWindows
DialogBoxIndirectParamW
CharNextW
FindWindowW
GetDCEx
GetSysColor
GetMenuStringW
GetTopWindow
LoadBitmapA
TrackPopupMenuEx
AppendMenuW
InsertMenuItemA
GetWindowRect
MessageBoxW
SetActiveWindow
EnumDesktopsA
CreatePopupMenu
FindWindowA
MessageBoxIndirectW
CreateAcceleratorTableW
CharLowerA
DeleteMenu
GetForegroundWindow
EnumDesktopWindows
EnumDesktopsW
CopyRect
OpenClipboard
GetDlgItemTextW
GetWindowLongW
GetMenuItemCount
CheckDlgButton
CreateAcceleratorTableA
WaitForInputIdle
DialogBoxParamW
PostQuitMessage
GetActiveWindow
CreateCaret
RegisterWindowMessageW
GetClassNameW
GetMenuItemInfoA
EndMenu
WinHelpA
SetCapture
SetTimer
CreateMenu
CreateDialogParamA
SendDlgItemMessageA
LoadCursorA
DefWindowProcW
EnumDesktopsA
SetMenu

gdi32

GetBrushOrgEx
StrokeAndFillPath
CreateFontW
GetEnhMetaFilePixelFormat
GetPixel
GetViewportOrgEx
CreateDCA
CopyMetaFileW
AbortPath
RemoveFontResourceA
GetKerningPairsA
EnumFontFamiliesExW
AddFontResourceW
Rectangle
GetDeviceGammaRamp
PolyPolygon
RectInRegion
GetGlyphIndicesA
CreatePolygonRgn
SetColorSpace
SetMetaFileBitsEx
CreateBitmap
OffsetRgn
EndDoc
CreateDIBPatternBrush
PlayEnhMetaFile
RestoreDC
GetCharWidth32W
PaintRgn
StartFormPage

advapi32

RegDeleteKeyW
RegOpenKeyA
RegQueryMultipleValuesW
RegEnumValueW
RegSetValueA
RegEnumKeyExA
RegCreateKeyExA
RegRestoreKeyW
RegCloseKey
RegEnumKeyA
RegEnumKeyW
RegDeleteValueA
RegQueryValueW
RegReplaceKeyW
RegFlushKey
CryptSetProviderA
RegOpenKeyW
RegEnumValueA

shell32

ExtractIconExA

comctl32

ImageList_SetImageCount
ImageList_Duplicate
FlatSB_EnableScrollBar
DllGetVersion
ImageList_SetBkColor
InitCommonControls
ImageList_GetBkColor

comdlg32

FindTextA
LoadAlterBitmap
ReplaceTextW
GetFileTitleW
GetSaveFileNameW
ReplaceTextA

oleaut32

VarR8FromDisp
VarUI1FromStr
VarDateFromUI8
OleLoadPictureFile
VarUI1FromDisp
VarUI8FromCy

wininet

GopherGetLocatorTypeA
ShowCertificate
HttpQueryInfoA
SetUrlCacheHeaderData
FindFirstUrlCacheContainerA
GetUrlCacheEntryInfoA
FindNextUrlCacheContainerA
DeleteUrlCacheEntry
InternetGetConnectedState
GetUrlCacheConfigInfoW
InternetConfirmZoneCrossing
InternetGetConnectedStateEx
InternetCreateUrlA
CreateUrlCacheEntryA
InternetSetPerSiteCookieDecisionW
InternetSetOptionW
RetrieveUrlCacheEntryFileW
FindCloseUrlCache
UrlZonesDetach

urlmon

IsValidURL
CoInternetCreateSecurityManager
URLDownloadToCacheFileW
Extract
MkParseDisplayNameEx
GetMarkOfTheWeb
CopyStgMedium
HlinkNavigateMoniker

wsock32

GetAddressByNameA
GetAddressByNameW
s_perror
WSAAsyncGetProtoByNumber
socket
WSAAsyncGetHostByName
send
AcceptEx
shutdown

crypt32

CertFreeCRLContext
CertGetIntendedKeyUsage
CertGetNameStringW
PFXExportCertStoreEx
CryptVerifyMessageHash
CertGetIssuerCertificateFromStore
I_CryptEnableLruOfEntries
I_CryptGetAsn1Decoder
CertEnumSystemStoreLocation
I_CryptSetTls

Sections

.ehkoKk
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WbOYt
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jVQpnF
Size: 1KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MAgzG
Size: 109KB - Virtual size: 217KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e391eee2fda3671a828f8ce7165ca399

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

comdlg32

oleaut32

wininet

urlmon

wsock32

crypt32

Sections

.ehkoKk Size: 2KB - Virtual size: 20KB

.WbOYt Size: 16KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 6KB

.jVQpnF Size: 1KB - Virtual size: 49KB

.MAgzG Size: 109KB - Virtual size: 217KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 4KB

.ehkoKk
Size: 2KB - Virtual size: 20KB

.WbOYt
Size: 16KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 6KB

.jVQpnF
Size: 1KB - Virtual size: 49KB

.MAgzG
Size: 109KB - Virtual size: 217KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 4KB