959bd4e8f267c58f90e333fdaed2e215bded9bb1465c62d84f2606e7f3cd2641N

Sharing

Copy URL Twitter E-mail

General

Target

959bd4e8f267c58f90e333fdaed2e215bded9bb1465c62d84f2606e7f3cd2641N
Size

996KB
MD5

0ab6f65e2d51483e3f5eba0ce05f8ea0
SHA1

12152706bcda637830381cc5bf109fa0b3644c25
SHA256

959bd4e8f267c58f90e333fdaed2e215bded9bb1465c62d84f2606e7f3cd2641
SHA512

f25071fb251a6ce4fef3438645eae737db874c81361f7d3a5355f8861bd5242b8ddb7667adbd3f290b3b7d421a038cc9c12597f1f725b17f860a4cb0e2f0f693
SSDEEP

24576:18O7fee9I122u6y1kpQQPjneTwq2/ypLfoTXPVvv1:LD36eL8jnASo2fF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
959bd4e8f267c58f90e333fdaed2e215bded9bb1465c62d84f2606e7f3cd2641N

Files

959bd4e8f267c58f90e333fdaed2e215bded9bb1465c62d84f2606e7f3cd2641N
.exe windows:4 windows x86 arch:x86

5542a5c8db36b05c51303bc35369f863

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetShowSecurityInfoByURLA
ShowX509EncodedCertificate
InternetSetDialStateW
ShowSecurityInfo
InternetCombineUrlA
InternetQueryOptionW
InternetCrackUrlA

kernel32

ReadFile
HeapFree
GetTimeFormatA
CreateFileA
ExitProcess
GetConsoleCP
GetLastError
InterlockedDecrement
SetStdHandle
GetACP
GetStartupInfoA
GetCurrentProcess
WritePrivateProfileStructA
QueryPerformanceCounter
GetCurrentThreadId
TlsAlloc
IsValidLocale
CreateToolhelp32Snapshot
GetModuleHandleA
IsDebuggerPresent
InitializeCriticalSection
InterlockedExchange
TlsSetValue
GetLocaleInfoW
GetCurrentThread
SetConsoleCtrlHandler
VirtualFree
GetSystemTimeAsFileTime
WriteFile
GetUserDefaultLCID
UnhandledExceptionFilter
GetStringTypeA
HeapSize
FlushFileBuffers
GetProcAddress
GetThreadTimes
HeapReAlloc
GetTimeZoneInformation
FreeEnvironmentStringsW
DeleteCriticalSection
LCMapStringA
MultiByteToWideChar
FreeLibrary
WriteConsoleW
LCMapStringW
GetOEMCP
LeaveCriticalSection
GetModuleFileNameW
IsValidCodePage
GetCommandLineA
HeapDestroy
VirtualQuery
WideCharToMultiByte
FreeEnvironmentStringsA
ReadConsoleInputA
GetModuleFileNameA
TlsFree
GetFileType
GetConsoleOutputCP
GetCPInfo
GetConsoleMode
Sleep
WriteConsoleA
TerminateProcess
EnterCriticalSection
SetHandleCount
RtlUnwind
GetTickCount
CreateMutexA
SetFilePointer
SetUnhandledExceptionFilter
TlsGetValue
HeapAlloc
SetLastError
SetEnvironmentVariableA
GetEnvironmentStrings
CompareStringA
VirtualAlloc
GetLocaleInfoA
EnumSystemLocalesA
GetCommandLineW
GetStartupInfoW
GetDateFormatA
WriteConsoleOutputAttribute
GetEnvironmentStringsW
GetCurrentProcessId
OpenMutexA
GetStringTypeW
GetVersionExA
CloseHandle
ReleaseSemaphore
GetFileTime
HeapCreate
GetProcessHeap
LoadLibraryA
CompareStringW
GetProcessAffinityMask
GetPrivateProfileSectionNamesA
FlushViewOfFile
InterlockedIncrement
GetStdHandle

comctl32

ImageList_LoadImage
ImageList_GetImageInfo
CreateToolbar
ImageList_SetImageCount
ImageList_DrawEx
ImageList_Duplicate
ImageList_Destroy
ImageList_GetDragImage
ImageList_Draw
ImageList_AddMasked
ImageList_GetFlags
InitCommonControlsEx

gdi32

GetStockObject
CreateEnhMetaFileA
SelectObject
GetViewportExtEx
SetWindowExtEx
CopyEnhMetaFileA
StretchDIBits
CreateRectRgnIndirect
SaveDC
ScaleViewportExtEx
PlayEnhMetaFileRecord
GdiPlayDCScript
GetKerningPairsW

shell32

RealShellExecuteA
RealShellExecuteExA

user32

IsZoomed
RemovePropA
CreateWindowExA
MessageBoxW
ShowWindow
DestroyWindow
RegisterClassA
DefWindowProcA
RegisterClassExA
wsprintfW
CreateAcceleratorTableA
SendDlgItemMessageW
SetCaretPos
TranslateAcceleratorW
GetTitleBarInfo
ChangeMenuA
GetDoubleClickTime
ChangeClipboardChain

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 243KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 548KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5542a5c8db36b05c51303bc35369f863

Headers

File Characteristics

Imports

wininet

kernel32

comctl32

gdi32

shell32

user32

Sections

.text Size: 193KB - Virtual size: 192KB

.rdata Size: 243KB - Virtual size: 266KB

.data Size: 548KB - Virtual size: 535KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 193KB - Virtual size: 192KB

.rdata
Size: 243KB - Virtual size: 266KB

.data
Size: 548KB - Virtual size: 535KB

.rsrc
Size: 10KB - Virtual size: 10KB