51d8ff23d15764ae9f6e700d4ea50cc86bfbfde6f39152a20dad149d3ef326e8

Sharing

Copy URL Twitter E-mail

General

Target

51d8ff23d15764ae9f6e700d4ea50cc86bfbfde6f39152a20dad149d3ef326e8
Size

515KB
MD5

55c70d42cff42832903a240363073d3a
SHA1

83f5c4a5b6519324dde9d3206cc37247d1cd03a1
SHA256

51d8ff23d15764ae9f6e700d4ea50cc86bfbfde6f39152a20dad149d3ef326e8
SHA512

319a86a12baefed2b399bc34935076b20d44d00b0f5e1b7cadfa7301e5c6b7f6a69d505d989329bcc5e75c898868b803aec9902751730f59f002cc01cc1561be
SSDEEP

6144:w8UMgUAh0s/pIEobC0MWtqCc5ktpX4XxtR2+eddIZQRDkqiouG3L6owg+wyr:wtMgLNWYCcC74XxtIxd6TouG3hGr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51d8ff23d15764ae9f6e700d4ea50cc86bfbfde6f39152a20dad149d3ef326e8

Files

51d8ff23d15764ae9f6e700d4ea50cc86bfbfde6f39152a20dad149d3ef326e8
.exe windows x86

59259cb68378f740d332af016a16adc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmInstallIMEW

kernel32

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy
InitializeCriticalSectionEx
DecodePointer
DeleteCriticalSection
FreeLibrary
GetProcAddress
lstrcmpiW
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetCurrentThreadId
SetLastError
CreateFileW
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
GetFileAttributesW
SetStdHandle
SetConsoleCtrlHandler
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
WaitForSingleObject
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
GetSystemDirectoryW
GetModuleHandleW
GetModuleFileNameW
ExitProcess
GetLastError
GetSystemWow64DirectoryW
DeleteFileW
MoveFileExW
CopyFileW
GetACP
IsValidCodePage
WriteConsoleW
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetCurrentThread
WriteFile
GetStdHandle
GetModuleHandleExW
TlsFree
RaiseException
GetStringTypeW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue

user32

CheckRadioButton
SetWindowTextW
GetDlgItem
UnloadKeyboardLayout
MessageBoxW
EnableWindow
DialogBoxParamW
GetActiveWindow
DestroyWindow
CharNextW
UnregisterClassW
SetWindowLongW
EndDialog
SetFocus
GetWindowTextLengthW
GetWindowTextW
IsDlgButtonChecked
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos

advapi32

RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegSetValueExW
RegCreateKeyW

shell32

ShellExecuteExW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59259cb68378f740d332af016a16adc6

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 412KB - Virtual size: 412KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 412KB - Virtual size: 412KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 13KB - Virtual size: 12KB