d7c2b2345520837f7b0733f8d832b0beb28dbb96216b60766a671d3d922c4707N

Sharing

Copy URL Twitter E-mail

General

Target

d7c2b2345520837f7b0733f8d832b0beb28dbb96216b60766a671d3d922c4707N
Size

2.0MB
MD5

046262656cacf822d9b3ca925caebba0
SHA1

b12afa5741c3dc8008704741c0fe01de51106135
SHA256

d7c2b2345520837f7b0733f8d832b0beb28dbb96216b60766a671d3d922c4707
SHA512

50d35da521e00182a9f8d964748de92c7cca793dd154f37be0af2b985ae9571e8269c6b63dc3f6bb09e2758dc785e274b796513506ba6f9cdd68cc1c3590ad55
SSDEEP

49152:mEQ0j0YKUJduux8q9842kOeXT2g36YrnB4QiTaxArbzzzzzkzzzzz:mavKUOu6q981eNrnB0vrbzzzzzkzzzzz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7c2b2345520837f7b0733f8d832b0beb28dbb96216b60766a671d3d922c4707N

Files

d7c2b2345520837f7b0733f8d832b0beb28dbb96216b60766a671d3d922c4707N
.exe windows:4 windows x86 arch:x86

f79fdd2b42a1052a2ddbd3b1cf24bc90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

user32

FindWindowA
CharNextA
LoadStringA
SetWindowTextA
GetDlgItem
MessageBoxA
IsChild
GetDesktopWindow
GetLastActivePopup
GetWindowThreadProcessId
GetForegroundWindow
IsWindow
GetWindowInfo
CharUpperW
CharUpperA
PostMessageA
ShowWindow
EnableWindow
EnableMenuItem
GetMenuItemID
GetMenuItemCount
GetSystemMenu
SetTimer
EndDialog
KillTimer
IsWindowVisible
DialogBoxParamA
wsprintfA
SendMessageA

gdi32

CreateFontA
DeleteObject

oleaut32

VarBstrCat
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
SysFreeString
VariantClear
SysAllocString
SysAllocStringLen
VariantInit

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shlwapi

PathAppendA
PathFindFileNameA
StrStrIA
PathAppendW
PathFindFileNameW
StrStrIW
PathRemoveExtensionA

kernel32

FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsBadCodePtr
IsBadReadPtr
GetStringTypeA
InterlockedIncrement
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
LCMapStringW
LCMapStringA
TerminateProcess
GetLocaleInfoW
GetStringTypeW
ExitProcess
IsBadWritePtr
HeapCreate
HeapDestroy
TlsGetValue
InterlockedDecrement
GetProcessHeap
DeviceIoControl
LocalFree
GetFileType
TlsSetValue
TlsFree
TlsAlloc
GetCPInfo
GetOEMCP
ExitThread
HeapReAlloc
lstrlenA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetPrivateProfileIntA
GetModuleFileNameA
SetUnhandledExceptionFilter
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
SuspendThread
GetProcAddress
GetModuleHandleA
RaiseException
CreateFileA
FreeLibrary
LoadLibraryA
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrlenW
GetTempPathA
CreateFileW
GetTempPathW
VirtualProtect
CreateDirectoryA
lstrcpynA
GetSystemTime
GetTickCount
GetFileAttributesA
WriteFile
ReadFile
SetFilePointer
GetFileSize
WaitForSingleObject
lstrcatA
GetStartupInfoA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
FindFirstFileA
GetPrivateProfileStringA
MoveFileA
GetFileSizeEx
OutputDebugStringA
Sleep
GetPrivateProfileSectionA
GetDiskFreeSpaceA
lstrcpyA
ReleaseMutex
TerminateThread
ResumeThread
CreateThread
GetCommandLineA
CreateMutexA
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
VirtualAlloc
VirtualFree
CreateEventA
SetEvent
ResetEvent
SetFileTime
SetLastError
SetFileAttributesW
CreateDirectoryW
DeleteFileW
FindFirstFileW
SetEndOfFile
GetSystemInfo
RtlUnwind
HeapAlloc
HeapFree
VirtualQuery
GetSystemTimeAsFileTime

wininet

HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCrackUrlA
InternetSetOptionA
InternetOpenA
InternetConnectA
InternetAttemptConnect
InternetCloseHandle

rpcrt4

UuidCreate

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

CoUninitialize
CoInitializeSecurity
CoInitialize
CoCreateInstance

Sections

.text
Size: 179KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 792KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f79fdd2b42a1052a2ddbd3b1cf24bc90

Headers

File Characteristics

Imports

comctl32

user32

gdi32

oleaut32

advapi32

shlwapi

kernel32

wininet

rpcrt4

version

ole32

Sections

.text Size: 179KB - Virtual size: 180KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 1.0MB - Virtual size: 1.0MB

.rsrc Size: 792KB - Virtual size: 792KB

.text
Size: 179KB - Virtual size: 180KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 792KB - Virtual size: 792KB