5bbb3a2daa9a189d92fb5c8fced9c92783823c3ba784db904a1706da21c3c482

Sharing

Copy URL Twitter E-mail

General

Target

5bbb3a2daa9a189d92fb5c8fced9c92783823c3ba784db904a1706da21c3c482
Size

287KB
MD5

a4ee0726101aa8219665fcf97a80eea6
SHA1

0783e9f3223300d4f245da6988d789c26055a353
SHA256

5bbb3a2daa9a189d92fb5c8fced9c92783823c3ba784db904a1706da21c3c482
SHA512

b33c39bfffc59d23739d36d63a1deb8d58665180ef86263b4107be81617492b73fb47bee9013025a83d481c3a70f2b43928a38773b8e8813a76ebb95c8dba843
SSDEEP

3072:IX+MEg9tcaBcA+hyiiG00xE4/zCd8Kp05HuB/WTIDylH8V2eHbPAHDQrzrnkGJsF:IXVxvd0NGpw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bbb3a2daa9a189d92fb5c8fced9c92783823c3ba784db904a1706da21c3c482

Files

5bbb3a2daa9a189d92fb5c8fced9c92783823c3ba784db904a1706da21c3c482
.exe windows:5 windows x64

8b288786866a5a536b0a40f44a797241

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

DrawTextW
UpdateWindow
GetDlgItemTextW
InflateRect
SetDlgItemTextW
SetRect
GetDC
CreateWindowExW
ReleaseDC
EnableWindow
TranslateMessage
TranslateAcceleratorW
SetProcessDefaultLayout
RegisterWindowMessageW
RegisterClassExW
PostQuitMessage
MoveWindow
MonitorFromRect
LoadImageW
LoadAcceleratorsW
IsDialogMessageW
IsClipboardFormatAvailable
InvalidateRect
IntersectRect
GetMonitorInfoW
GetWindowRect
GetSystemMetrics
GetMessageW
GetMenu
DispatchMessageW
DestroyAcceleratorTable
DefWindowProcW
CheckMenuItem
CallWindowProcW
WinHelpW
ShowWindow
SetWindowTextW
SetWindowLongPtrW
SetFocus
SetDlgItemInt
SetCursor
SendMessageW
SendDlgItemMessageW
PostMessageW
MessageBoxW
LoadStringW
LoadIconW
LoadCursorW
GetWindowTextLengthW
GetWindowTextW
GetDlgItemInt
GetDlgItem
GetClientRect
EndDialog
EnableMenuItem
DialogBoxParamW
DestroyWindow

gdi32

StartPage
StartDocW
SetMapMode
SelectObject
Rectangle
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
GetDeviceCaps
EndPage
EndDoc
DeleteDC
AbortDoc
DeleteObject
CreateFontIndirectW
TextOutW

comctl32

CreateStatusWindowW

comdlg32

PrintDlgW
ChooseFontW
FindTextW
GetOpenFileNameW
GetSaveFileNameW
ReplaceTextW
PageSetupDlgW
GetFileTitleW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegCreateKeyExW
RegCloseKey
IsTextUnicode

shell32

DragQueryFileW
DragFinish
DragAcceptFiles
ShellExecuteW
ShellAboutW
SHAddToRecentDocs

msvcrt

__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
memset
wcscat
wcscmp
wcscpy
wcsrchr
_vsnwprintf
_assert
iswctype
wcslen
wcsncmp
wcsncpy
_wcsnicmp
towupper
memcpy
malloc
__setusermatherr
_amsg_exit
__wgetmainargs

kernel32

LocalUnlock
LocalLock
LocalFree
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetLocalTime
GetLastError
GetFileAttributesW
GetDateFormatW
CreateFileW
CloseHandle
TlsGetValue
GetStartupInfoW
SetUnhandledExceptionFilter
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTimeFormatW
GetTickCount
QueryPerformanceCounter
GetFullPathNameW
GlobalFree
lstrlenW
GetUserDefaultUILanguage
CreateThread
LocalAlloc
MulDiv
GetUserDefaultLangID
CreateFileMappingW
GetFileSize
LocalReAlloc
MapViewOfFile
UnmapViewOfFile
WriteFile
MultiByteToWideChar
FormatMessageW
WideCharToMultiByte
GetModuleHandleA
LoadLibraryW
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetModuleFileNameW

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b288786866a5a536b0a40f44a797241

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comctl32

comdlg32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 5KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 238KB - Virtual size: 237KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 5KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 238KB - Virtual size: 237KB

.reloc
Size: 512B - Virtual size: 40B