5cb3854daf002ddb86d6328eda57f786

Sharing

Copy URL Twitter E-mail

General

Target

5cb3854daf002ddb86d6328eda57f786
Size

400KB
MD5

5cb3854daf002ddb86d6328eda57f786
SHA1

bade76e0e00ab86e2b53c1d02ff4614bc4ea2029
SHA256

b093bbb2b98b3fe0c040a14c747f2fed8b11c6df412a721dcaf964f61f969dfc
SHA512

22da2d5edbc2c77f9965b8eb8436e1265cdce905cc6f4ba303e75a0098e707ee64dee579cb91fc46a7f41844f7f6b3b94132d0fb7f41937a6144dc88499e4ef0
SSDEEP

6144:qmzBLRdHy4C01S2CnfuzZr+QmxsZivyXrNG:qGBLrS4C0QtfwZrPDi2N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb3854daf002ddb86d6328eda57f786

Files

5cb3854daf002ddb86d6328eda57f786
.exe windows:4 windows x86 arch:x86

c2971e27e558678b614d78284a46f77e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
TerminateProcess
CreateProcessW
GetDriveTypeW
GetLogicalDrives
CreateThread
ResetEvent
OpenEventW
SetEvent
LoadLibraryW
CreateEventW
InitializeCriticalSection
GetFullPathNameW
GetSystemDirectoryW
WaitForMultipleObjects
GetTempPathW
GetCommandLineW
GetVersion
GetModuleFileNameW
FlushFileBuffers
LocalAlloc
SetConsoleCtrlHandler
SetEndOfFile
IsBadCodePtr
SetUnhandledExceptionFilter
SetStdHandle
GetStringTypeW
GetStringTypeA
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
GetModuleFileNameA
ReadFile
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SystemTimeToFileTime
GetCurrentThread
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
FatalAppExitA
DeleteCriticalSection
ExitProcess
GetStartupInfoW
GetModuleHandleA
WideCharToMultiByte
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
LoadLibraryA
FindFirstFileW
FindNextFileW
FindClose
CompareFileTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
lstrlenW
CreateFileMappingW
MapViewOfFile
GetFileSize
UnmapViewOfFile
GetTickCount
VirtualProtect
IsBadReadPtr
GetCurrentDirectoryW
GetOEMCP
DeviceIoControl
SetFileAttributesW
DeleteFileW
CopyFileW
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
WriteFile
MultiByteToWideChar
DosDateTimeToFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileAttributesW
LocalFree
FormatMessageW
Sleep
HeapSize
DebugBreak
GetModuleHandleW
GetProcAddress
InterlockedExchange
SetLastError
CreateFileW
FindResourceW
LoadResource
SizeofResource
LockResource
GetCurrentProcess
CloseHandle
GetVersionExW
CreateFileA
SetFilePointer
GetLastError
CompareStringA
CompareStringW
GetACP
GetStartupInfoA
RaiseException

user32

EndPaint
BeginPaint
PtInRect
IsZoomed
CallWindowProcW
DrawFrameControl
CreateDialogParamW
UnionRect
OffsetRect
GetSystemMetrics
EndDeferWindowPos
EnumChildWindows
BeginDeferWindowPos
GetPropW
DeferWindowPos
GetClassNameW
SetWindowPlacement
UpdateWindow
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
ScreenToClient
DrawTextW
GetWindowTextW
wsprintfW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DialogBoxIndirectParamW
GetWindowLongW
SetWindowLongW
SetFocus
GetMenu
CheckMenuItem
GetWindowPlacement
GetDlgItemTextW
SetTimer
EnableWindow
DialogBoxParamW
KillTimer
DefWindowProcW
MsgWaitForMultipleObjects
LoadIconW
SetWindowTextW
DestroyIcon
PostQuitMessage
SetDlgItemTextW
IsWindowEnabled
CheckDlgButton
IsDlgButtonChecked
RegisterClassExW
ShowWindow
MapWindowPoints
CreateWindowExW
SetCapture
ReleaseCapture
EndDialog
GetParent
GetWindowRect
MoveWindow
GetDlgItem
LoadCursorW
GetSysColorBrush
GetSysColor
ChildWindowFromPoint
InvalidateRect
SetCursor
OpenClipboard
EmptyClipboard
SendMessageW
SetClipboardData
CloseClipboard
LoadStringW
PostMessageW
MessageBoxW
InflateRect
SetPropW
GetClientRect

gdi32

EndDoc
GetStockObject
GetObjectW
EndPage
SetBkMode
SetTextColor
SelectObject
StartPage
StartDocW
SetMapMode
CreateFontIndirectW
GetDeviceCaps

comdlg32

GetSaveFileNameW
PrintDlgW

advapi32

RegQueryInfoKeyW
GetSecurityDescriptorLength
MakeAbsoluteSD
MakeSelfRelativeSD
RegOpenKeyExW
RegQueryValueW
RegConnectRegistryW
RegEnumKeyExW
RegCreateKeyExW
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegGetKeySecurity
IsValidSecurityDescriptor
CloseServiceHandle
DeleteService
QueryServiceStatus
ControlService
OpenServiceW
OpenSCManagerW
StartServiceW
CreateServiceW
SetServiceStatus
RegEnumKeyW
RegDeleteValueW
FreeSid
EqualSid
GetTokenInformation
AllocateAndInitializeSid
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
RegEnumValueW

shell32

CommandLineToArgvW
ShellExecuteW
ExtractIconExW

ole32

CreateBindCtx

oleaut32

SetErrorInfo
GetErrorInfo
CreateErrorInfo
VariantChangeType
VariantInit
VariantClear
VariantTimeToSystemTime
SysAllocStringByteLen
SysAllocString
SysFreeString
SysStringLen

comctl32

ImageList_Create
ImageList_ReplaceIcon
PropertySheetW
ord17

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2971e27e558678b614d78284a46f77e

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

mpr

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 208KB - Virtual size: 228KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 208KB - Virtual size: 228KB

.rsrc
Size: 28KB - Virtual size: 26KB