544e97ef06af08d703b7f740f4391491772587668ace34489eb879d08a1fd854

Sharing

Copy URL Twitter E-mail

General

Target

544e97ef06af08d703b7f740f4391491772587668ace34489eb879d08a1fd854
Size

113KB
MD5

54a33e784da9b461d3d43484b2cfa0a6
SHA1

e6c3ed0648ab45922c7396c4feb41d0ef4bc2c74
SHA256

544e97ef06af08d703b7f740f4391491772587668ace34489eb879d08a1fd854
SHA512

2787651d8ad5d3210951040e4b2b3afe68c9fab06d91fae0f399ba69a3f7a72f53bedc2a008928caf08e4f1164e35e0583260480b56b108ef47d9ee9effd0b9b
SSDEEP

1536:FqzJ3FKZhV89lF5XLJXbPWRmQ/va0is2Epj1gm4HVbykFnnryPOjYh75A:ovWgXFrPJiavQpjuRpjY75A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
544e97ef06af08d703b7f740f4391491772587668ace34489eb879d08a1fd854

Files

544e97ef06af08d703b7f740f4391491772587668ace34489eb879d08a1fd854
.exe windows:5 windows x86

2406d59d4a29399234dc74ceca522ae5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetLastError
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileSectionA
GetPrivateProfileSectionA
WritePrivateProfileStringA
WideCharToMultiByte
GetCurrentProcess
FindClose
FindFirstFileA
CloseHandle
CreateFileA
GetCurrentThreadId
GetProcAddress
LoadLibraryA
GetModuleFileNameA
SetLastError
GetModuleHandleA
TerminateProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
SetStdHandle
InitializeCriticalSectionAndSpinCount
Sleep
lstrlenA
HeapSize
GetTickCount
LocalFree
InterlockedDecrement
SetEndOfFile
QueryPerformanceCounter
GetCurrentProcessId
lstrcpyA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
FreeEnvironmentStringsA
ReadFile
IsValidCodePage
GetOEMCP
GetACP
GetFileType
SetHandleCount
GetStdHandle
ExitProcess
GetConsoleMode
GetConsoleCP
WriteFile
HeapFree
GetProcessHeap
InterlockedIncrement
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetTimeZoneInformation
HeapCreate
VirtualFree
VirtualAlloc

user32

TranslateMessage
DestroyWindow
DefWindowProcA
RegisterClassExA
DispatchMessageA
PostMessageA
CreateWindowExA
wsprintfA
GetMessageA
PostQuitMessage

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysFreeString

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2406d59d4a29399234dc74ceca522ae5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 5KB - Virtual size: 12KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 5KB - Virtual size: 12KB