5a58e5378bc914b4c68daf91c8f6e4ee665c71329020df46b6b777de39b69553

Sharing

Copy URL

Twitter E-mail

General

Target

5a58e5378bc914b4c68daf91c8f6e4ee665c71329020df46b6b777de39b69553
Size

15.5MB
MD5

5e68e523c2494f6ceec7eb670b7e52b2
SHA1

67da412143c1f60d74086a0c50fd9f56ff905a17
SHA256

5a58e5378bc914b4c68daf91c8f6e4ee665c71329020df46b6b777de39b69553
SHA512

d9567af7220521646b0272bd8f27812b307b2d288b49a0813f4f88eada9bf1d83e88740a063b62a8bc8299991ee5c9e04665b56dfe49a7b8f405898df5a1f212
SSDEEP

393216:7i3hBtstoOXxV5SKbXqL0ULQLgVinP9abJ4i6mQnm/:GRMtoMxV5SK+L0ULQCiP9bpm/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a58e5378bc914b4c68daf91c8f6e4ee665c71329020df46b6b777de39b69553

Files

5a58e5378bc914b4c68daf91c8f6e4ee665c71329020df46b6b777de39b69553
.exe windows:5 windows x86

588defcbada3d094f0d7c9fee49d78bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetShortPathNameW
VirtualAlloc
TerminateProcess
SetEndOfFile
GetTempPathW
FindClose
GetFileAttributesW
GetVersionExW
UnmapViewOfFile
SetFileAttributesW
MultiByteToWideChar
DeleteFileW
HeapAlloc
GetWindowsDirectoryW
SetFilePointerEx
MoveFileExW
GetFileSize
GetProcessHeap
WideCharToMultiByte
GetFileType
CreateFileMappingW
MapViewOfFile
GetTickCount
FlushFileBuffers
SetFilePointer
LockFile
UnlockFile
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryExW
FormatMessageW
LocalAlloc
lstrlenW
LocalSize
LocalFree
Sleep
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
GetStringTypeW
TryEnterCriticalSection
EncodePointer
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
FindResourceExW
DeleteCriticalSection
DecodePointer
ResetEvent
RaiseException
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
DeviceIoControl
GetExitCodeProcess
FreeLibrary
GetModuleHandleW
CreateProcessW
GetProcAddress
LoadLibraryW
CloseHandle
SetEvent
GetLastError
CreateEventW
CreateFileW
WaitForSingleObject
WaitForMultipleObjects
GetModuleFileNameW
GetUserDefaultLangID
RemoveDirectoryW
GetHandleInformation
WriteFile
GetCurrentProcess
FindNextFileW
CreateTimerQueue
VirtualFree
HeapFree
FindFirstFileW
LoadResource
ReadFile
CreateDirectoryW
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualProtect
GetModuleHandleA
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WriteConsoleW
HeapSize
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCurrentThread
HeapReAlloc
GetACP
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
OutputDebugStringW
CreateFileMappingA

gdi32

CreateCompatibleDC
GetObjectW
DeleteObject
SelectObject
DeleteDC
StretchBlt
CreateCompatibleBitmap

comctl32

ord17

shlwapi

PathRemoveFileSpecW
PathRemoveBackslashW

user32

GetWindowRect
MonitorFromWindow
CreateWindowExW
UnregisterClassW
RegisterClassExW
ShowWindow
DispatchMessageW
GetMonitorInfoW
MapWindowPoints
LoadCursorW
GetClientRect
UpdateLayeredWindow
PostQuitMessage
GetDC
UpdateWindow
LoadImageW
ReleaseDC
BeginPaint
EndPaint
GetWindow
PostMessageW
DefWindowProcW
GetMessageW
GetWindowLongW
GetParent
DestroyWindow
SetWindowPos

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

588defcbada3d094f0d7c9fee49d78bc

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

gdi32

comctl32

shlwapi

user32

shell32

Sections

.text Size: 373KB - Virtual size: 373KB

.rdata Size: 111KB - Virtual size: 110KB

.data Size: 12KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 3KB - Virtual size: 2KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 373KB - Virtual size: 373KB

.rdata
Size: 111KB - Virtual size: 110KB

.data
Size: 12KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 21KB - Virtual size: 21KB