c5cc56e2d4528ce700f6d2bf103498eb7c9f8b650e01355f9063f52f74354ab4

Sharing

Copy URL

Twitter E-mail

General

Target

c5cc56e2d4528ce700f6d2bf103498eb7c9f8b650e01355f9063f52f74354ab4
Size

272KB
MD5

a8f71638d511d60c7bf8c3de1f7951d7
SHA1

5f7b23f778e8cc8edaf700e4a0fcb01338f4a0c6
SHA256

c5cc56e2d4528ce700f6d2bf103498eb7c9f8b650e01355f9063f52f74354ab4
SHA512

7fe16b82a2b7ff5510626a21f006c19ee15435a2871ae7536127401b58873d6da9f803b1c1952407ef68df789f8329b837fa60c72aa61cb29d7a0636b6d02678
SSDEEP

6144:CZBeiRXMXn4NHeqktlKYGZdt6ixbi7UDb1WSdV6/XXjo5Gi944:mlRXMQHctWRx27IclXzo5j94

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5cc56e2d4528ce700f6d2bf103498eb7c9f8b650e01355f9063f52f74354ab4

Files

c5cc56e2d4528ce700f6d2bf103498eb7c9f8b650e01355f9063f52f74354ab4
.exe windows:4 windows x86

3fd9d80788029c8eb6f67db1bda34c24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushViewOfFile
FindResourceExA
FindNextFileA
MapViewOfFile

advapi32

FreeSid
RegRestoreKeyW
LookupAccountNameA
GetLengthSid
MakeSelfRelativeSD
CreateProcessAsUserW
MakeAbsoluteSD
RegEnumKeyW
SetSecurityDescriptorOwner
SetNamedSecurityInfoW
SetSecurityDescriptorGroup
RegNotifyChangeKeyValue
RegEnumValueA
CreateRestrictedToken
RegDeleteValueW
SetEntriesInAclA
GetSidSubAuthority
IsValidSecurityDescriptor
AbortSystemShutdownA
IsTokenRestricted
LsaRetrievePrivateData
LookupPrivilegeValueA
RegOpenKeyExW
SetThreadToken
RegSetKeySecurity
ReportEventW
RegQueryValueA
GetUserNameA
GetSecurityDescriptorControl
DecryptFileW
ObjectCloseAuditAlarmW
ReadEventLogW
RegCreateKeyW
LsaOpenPolicy
RegOverridePredefKey
SetEntriesInAclW
DeleteAce
RegQueryValueExW
RegQueryValueW
RegQueryInfoKeyW
GetFileSecurityW
OpenEventLogW
LogonUserA
RevertToSelf
ImpersonateSelf
RegisterEventSourceA
RegQueryInfoKeyA
RegCreateKeyExA
RegCreateKeyExW
LookupAccountNameW
RegOpenKeyExA
LsaNtStatusToWinError
GetKernelObjectSecurity
RegSetValueExW
RegUnLoadKeyW
RegDeleteKeyA
CopySid
RegLoadKeyA
GetTokenInformation
SetNamedSecurityInfoA
LsaFreeMemory
LsaClose
LookupPrivilegeValueW
AddAce
RegSetValueA
AdjustTokenPrivileges
RegQueryMultipleValuesW
RegEnumKeyExA
RegSetValueW
GetUserNameW
InitializeSid
LsaQueryInformationPolicy
CreateProcessAsUserA
LookupAccountSidA
OpenThreadToken
LookupPrivilegeNameW
GetSidSubAuthorityCount
RegReplaceKeyA
GetAce
RegOpenKeyW
BuildTrusteeWithSidW
RegCloseKey

user32

SendNotifyMessageW
ShowCaret
DrawFrameControl
BeginDeferWindowPos
GetForegroundWindow
RemovePropA
GetClassInfoA
SetRect
ShowScrollBar
ChangeDisplaySettingsW
GetWindowLongW
SetRectEmpty
SetActiveWindow
GetGUIThreadInfo
KillTimer
CloseClipboard
ShowOwnedPopups
SetDlgItemTextA
FindWindowW
GetUpdateRgn
GetClipCursor
SetForegroundWindow
GetWindowLongA
GetDlgItem
GetScrollInfo
DialogBoxParamA
GetClassLongA
FindWindowA
GetMessagePos
IsCharAlphaNumericA
GetMenuState
GetClassNameA
LoadMenuW
LoadBitmapA
ChangeClipboardChain
GetUserObjectInformationW
IsChild
GetMenuItemCount
GetCapture
SetMenuDefaultItem
EmptyClipboard
RemoveMenu
MessageBoxExW
EndPaint
GetCursorPos
GetFocus
CharUpperA
DrawTextA
GetWindowWord
IsWindow
GetClassInfoW
ReplyMessage
IsCharAlphaW
ScrollWindow
IsDialogMessageA
MoveWindow
PostQuitMessage
SendMessageA
CharLowerBuffW
CreateDialogParamA

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fd9d80788029c8eb6f67db1bda34c24

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 3.3MB

.rsrc Size: 200KB - Virtual size: 197KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 3.3MB

.rsrc
Size: 200KB - Virtual size: 197KB