5bd62d7a75b5429da4fa8fb29c01c7dcee13a159af6a3347c4042b75dad9f53d

Sharing

Copy URL Twitter E-mail

General

Target

5bd62d7a75b5429da4fa8fb29c01c7dcee13a159af6a3347c4042b75dad9f53d
Size

202KB
MD5

2d1e22efbba34741c1a8c320351ded8d
SHA1

d1c21ffea3dd64bbb3b40b4c1d167d7121eb48de
SHA256

5bd62d7a75b5429da4fa8fb29c01c7dcee13a159af6a3347c4042b75dad9f53d
SHA512

541a7ebf9d686a86cdab7424d4c73f968ecab12d3036fcecef54a4b876b037a49537a3a33f4035b028481435a30a47019f942802f9fc61fae2f57548f94123fe
SSDEEP

3072:bdauC/Gmwrcg4aPFaFNGwfCR7ysRFX8beMK9oDta6:5lC/xg4+wFq4SFsbeMS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bd62d7a75b5429da4fa8fb29c01c7dcee13a159af6a3347c4042b75dad9f53d

Files

5bd62d7a75b5429da4fa8fb29c01c7dcee13a159af6a3347c4042b75dad9f53d
.exe windows x86

3f041e2b1c0094c368251f6f3b5a9539

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbsrchr
__lconv_init
_mbschr
_mbsinc
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
setlocale
strtoul
_ftol
wcsncpy
wcslen
wcscpy
wcscat
wcschr
wcsrchr
??2@YAPAXI@Z
_controlfp
exit
_cexit
_XcptFilter
_exit
_c_exit
??3@YAXPAX@Z
memmove
towlower
_wtoi
iswspace
free
_wcsnicmp
_wcsicmp
wcsncmp

advapi32

RegOpenKeyW
LookupPrivilegeValueW
OpenProcessToken
LookupAccountSidW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
RegCloseKey
RegQueryValueExW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
RegSetValueExW
AdjustTokenPrivileges
RegOpenKeyExW

kernel32

DeleteFileA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindFirstFileA
SetErrorMode
GetFileAttributesA
SetCurrentDirectoryW
GetModuleFileNameW
CloseHandle
GetCurrentProcess
CreateThread
LocalFree
FormatMessageW
LocalAlloc
GetLastError
CreateMutexW
GetVersionExW
DeleteCriticalSection
WaitForSingleObject
lstrlenW
LeaveCriticalSection
EnterCriticalSection
GetVersion
GetCurrentDirectoryW
InitializeCriticalSection
lstrcpyW
GetEnvironmentStringsW
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleW
CopyFileW
CreateDirectoryW
GetSystemDirectoryW
GetWindowsDirectoryW
GetEnvironmentVariableW
GetFileAttributesW
DeleteFileW
SetFileAttributesW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetDriveTypeW
ExpandEnvironmentStringsW
LoadLibraryW
FreeLibrary
LoadLibraryExW
DeviceIoControl
CreateFileA
TerminateProcess
OpenProcess
FindClose
FindNextFileW
FindFirstFileW
lstrcatW
SetEvent
CreateEventW
ResetEvent
WriteFile
SetCommState
GetCommState
SetCommTimeouts
ReadFile
ExitThread
WaitForMultipleObjects
GetModuleHandleA
GetStartupInfoA
DebugBreak
ExitProcess
HeapReAlloc
GetDiskFreeSpaceW
SetFilePointer
FormatMessageA
SetLastError
IsDBCSLeadByte
GetVersionExA
CreateEventA
CreateDirectoryA
GetTempFileNameA
GetTempPathA
CreateFileW
CreateProcessW

gdi32

GetDeviceCaps
CreateFontIndirectW
AddFontResourceW

user32

CopyRect
IsWindow
GetWindowLongA
SetWindowLongA
InvalidateRect
GetSysColor
SendDlgItemMessageW
SetFocus
LoadIconW
SetWindowLongW
RedrawWindow
LoadImageW
EnumChildWindows
GetWindowLongW
GetClientRect
ScreenToClient
SetWindowPos
ShowWindow
SystemParametersInfoW
GetDC
LoadStringA
ReleaseDC
wsprintfW
GetParent
PostMessageW
DialogBoxParamW
EnableWindow
EndDialog
GetDlgItem
SendMessageA
MessageBoxA
GetWindowRect
SetTimer
FindWindowW
RegisterClassExW
LoadStringW
MessageBoxW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
SetForegroundWindow
EnumThreadWindows
PostQuitMessage
DefWindowProcW
ExitWindowsEx

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoW
SHGetMalloc

ole32

OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoUninitialize

comdlg32

GetOpenFileNameW

comctl32

PropertySheetW
InitCommonControlsEx
CreatePropertySheetPageW

setupapi

SetupGetLineCountW
SetupFindFirstLineW
SetupOpenAppendInfFileW
SetupOpenInfFileW
SetupCloseInfFile
SetupFindNextLine
SetupGetStringFieldW

log

LogReInitW
SuppressAllLogPopups
LogEnd
LogA
LogDeleteOnNextInit
LogBegin

migism

IsmStartTransport
IsmSetRollbackJournalType
IsmDoesRollbackDataExist
IsmPreserveJournal
IsmCanWriteRollbackJournal
IsmTerminate
IsmSetCancel
IsmSave
IsmLoad
IsmRollback
IsmRemoveAllUserSuppliedComponents
IsmSelectMasterGroup
IsmEnumFirstComponent
IsmEnumNextComponent
IsmExecute
IsmRegisterTransport
IsmSelectTransport
IsmSetTransportStorage
IsmSendMessageToApp
IsmAppendEnvironmentMultiSz
IsmSetEnvironmentValue
IsmRegisterProgressBarCallback
IsmIsComponentSelected
IsmSelectComponent
IsmAddComponentAlias
IsmGetTempStorage
TrackedIsmDuplicateString
TrackedIsmGetMemory
IsmSetEnvironmentString
IsmReleaseObject
TrackedIsmExpandEnvironmentString
IsmGetTempFile
IsmDestroyObjectString
IsmInitialize
IsmSetPlatform
IsmGetEnvironmentMultiSz
IsmSetEnvironmentMultiSz
IsmGetObjectTypeName
TrackedIsmGetNativeObjectName
IsmGetObjectTypeId
IsmAcquireObjectEx
TrackedIsmCreateObjectStringsFromHandleEx
TrackedIsmCreateObjectHandle
IsmReplacePhysicalObject
IsmDestroyObjectHandle
IsmReleaseMemory
IsmStartEtmModules
IsmSetEnvironmentFlag

shlwapi

StrCmpW
StrChrIW
SHGetValueW
PathIsDirectoryW
StrDupW
StrCpyW
StrCatW
StrCpyNW
PathIsRootW
PathAppendW
StrCmpIW
ord16

cabinet

ord10
ord13
ord11
ord14

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f041e2b1c0094c368251f6f3b5a9539

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

shell32

ole32

comdlg32

comctl32

setupapi

log

migism

shlwapi

cabinet

Sections

.text Size: 73KB - Virtual size: 72KB

.data Size: 2KB - Virtual size: 31KB

.rsrc Size: 126KB - Virtual size: 128KB

.text
Size: 73KB - Virtual size: 72KB

.data
Size: 2KB - Virtual size: 31KB

.rsrc
Size: 126KB - Virtual size: 128KB