054a3261d0cfeb710f0399c7951e4f37

Sharing

Copy URL Twitter E-mail

General

Target

054a3261d0cfeb710f0399c7951e4f37
Size

152KB
MD5

054a3261d0cfeb710f0399c7951e4f37
SHA1

56021203e56573211d85bba5559ce975b2da7b9f
SHA256

25cb22d4b9b4bf06e800b22eb138991cb4dd72529bb685c7737955fd04637298
SHA512

4776e4ed9edd5a7c0b17873003a722cafafebcb7e690e30fc0440a0a3264b2cfa811f0fd5ef583db8cbb2124f2df32dfb73b8467514f05f5c5c855fbc89b4b5d
SSDEEP

3072:GuXDy6VxDOK71bQ3zrXBFckbnjBosrclEFKez4xTtkMZuijSDG:GuXWedeckzj6KKnnZuXDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
054a3261d0cfeb710f0399c7951e4f37

Files

054a3261d0cfeb710f0399c7951e4f37
.exe windows:5 windows x86 arch:x86

995a10c8d652796953cd0bbb2ed2113b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
isupper
clock
__set_app_type
__p__fmode
__p__commode
getc
wcstoul
_amsg_exit
exit
swprintf
_initterm
printf
wcspbrk
toupper
setlocale
malloc
wcstol
iswdigit
_ismbblead
perror
wcsstr
strpbrk
_XcptFilter
_exit
isalnum
ftell
rand
wcstod
_cexit
wcscoll
isspace
__setusermatherr
__getmainargs
floor
vsprintf

user32

BeginDeferWindowPos
GetKeyboardLayoutList
FindWindowA
CreateDialogParamA
IsCharAlphaA
IsChild
SystemParametersInfoA
GetWindowTextA
TranslateMessage
GetAsyncKeyState
CopyRect
UnloadKeyboardLayout
GetMenuItemID
GetCaretPos
GetMessagePos
GetKeyboardLayout
SetDlgItemTextW
OffsetRect
GetMenuState
GetWindowPlacement
CharNextExA
SetDlgItemTextA
GetClassInfoExW
GetSystemMenu
PeekMessageA
AttachThreadInput
FindWindowW
DestroyMenu
EnableScrollBar
GetWindowLongW
GetCursorPos
SetScrollPos
GetShellWindow
InflateRect
OpenInputDesktop
InsertMenuItemW
CheckDlgButton
DrawTextA
DrawStateW
GetDCEx
BeginPaint
IsDialogMessageW
SystemParametersInfoW
RemoveMenu
EnableWindow
IsCharUpperA
CascadeWindows
CreateCursor
RedrawWindow
ModifyMenuW
CharUpperA
LookupIconIdFromDirectory
CheckMenuItem
EndPaint
UpdateWindow
RemovePropW
DialogBoxIndirectParamW
ValidateRect
TabbedTextOutW
RegisterWindowMessageA
AppendMenuW
LoadMenuW
GetPropW
CharPrevW
ChildWindowFromPoint
wsprintfA
CharNextA
GetMessageW
IsWindowUnicode
SetParent
IsCharLowerA
GetScrollPos
wsprintfW
VkKeyScanW
EqualRect
MessageBoxExW
SendDlgItemMessageA
PostQuitMessage
GetDlgItem
IsDlgButtonChecked
FindWindowExW
LoadIconW
GetSystemMetrics
GetSubMenu
CreateWindowExW

shlwapi

UrlGetLocationA

comdlg32

GetOpenFileNameA
FindTextW
ReplaceTextW
PrintDlgW
CommDlgExtendedError

kernel32

SetCommBreak
lstrcatA
LoadLibraryExW
GlobalMemoryStatus
SetEndOfFile
SetThreadAffinityMask
Sleep
GetSystemTimeAdjustment
CreateWaitableTimerA
AreFileApisANSI
SearchPathW
MoveFileExW
IsBadStringPtrW
VerifyVersionInfoW
CopyFileA
GlobalCompact
CreateDirectoryA
DeleteCriticalSection
RemoveDirectoryA
MulDiv
SetFileAttributesA
HeapReAlloc
CompareStringW
GetLocalTime
GetModuleFileNameA
GetProcAddress
GetPriorityClass
VirtualQuery
UnmapViewOfFile
DuplicateHandle
GetSystemDirectoryA
GetModuleHandleA
GetCommConfig
FindResourceExW
FileTimeToLocalFileTime
EnumResourceLanguagesA
HeapValidate
GetCompressedFileSizeW
CreateEventW
EscapeCommFunction

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

995a10c8d652796953cd0bbb2ed2113b

Headers

File Characteristics

Imports

msvcrt

user32

shlwapi

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 99B

.data Size: 3KB - Virtual size: 2KB

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 1024B - Virtual size: 596B

.0dat Size: 115KB - Virtual size: 114KB

.ram Size: - Virtual size: 114KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 99B

.data
Size: 3KB - Virtual size: 2KB

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 1024B - Virtual size: 596B

.0dat
Size: 115KB - Virtual size: 114KB

.ram
Size: - Virtual size: 114KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 2KB - Virtual size: 1KB