05b018e5a1e7e9a400c40c4539b2c1a7

General

Target

05b018e5a1e7e9a400c40c4539b2c1a7
Size

180KB
MD5

05b018e5a1e7e9a400c40c4539b2c1a7
SHA1

d437f498f2572b09a25f1d3a3644b903d84b461d
SHA256

e6844a31779c06bd7954685fee5233b08ea48f97fb388150e2de2fa82933099f
SHA512

800f91a383183e34b45b8eddc01a19d2663cd416c739448d4e79c82bc5393dde5c9a9fedf8e7553204042eea0db8790a005e738505780ac37e550b48db0c111c
SSDEEP

3072:rKnvrT3qTYkXzO9Mv69P9iU6dLJA9NYX0ZWLlCKKBrJbarlTDg:+nvSTjC1FiU6dLJA70OW5nW1arlfg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05b018e5a1e7e9a400c40c4539b2c1a7

Files

05b018e5a1e7e9a400c40c4539b2c1a7
.exe windows:4 windows x86 arch:x86

33ff1702be89a93ce844a5e798e8ec92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord10
StrChrW

shell32

ord80
ord524
SHCreateDirectoryExW

gdi32

CopyMetaFileW
CreateRoundRectRgn
EndPath
RectVisible
DeleteMetaFile

comctl32

ord5
CreateToolbarEx
InitMUILanguage

kernel32

VirtualAllocEx
WaitForMultipleObjectsEx
GetProcAddress
GetModuleHandleA
Sleep
LoadLibraryA
CreateDirectoryW
CreateSemaphoreA
GetQueuedCompletionStatus
CreateEventA
GetTickCount
GetStringTypeExW
CreateFileW
GetPrivateProfileSectionA
GetFullPathNameW
GetStdHandle
SetCalendarInfoW
GetDateFormatW
GetNamedPipeInfo
GetDllDirectoryW
VirtualAlloc
ReadConsoleInputW
DeleteVolumeMountPointW
GetProfileSectionW
GetStartupInfoA

user32

IsRectEmpty
KillTimer
GetClassInfoW
GetAncestor
CreatePopupMenu
CallWindowProcW
PeekMessageW
DispatchMessageW
GetTabbedTextExtentW
CharNextExA
GetMonitorInfoW
ReleaseCapture
WindowFromPoint
SetLastErrorEx

msvcrt

ferror
atof
wcscoll
strstr
mblen
strcmp
swscanf
wcsncat
wcsncpy
feof
swprintf
mbstowcs
strtoul
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
malloc
memcpy
memmove
memset
strerror

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33ff1702be89a93ce844a5e798e8ec92

Headers

File Characteristics

Imports

shlwapi

shell32

gdi32

comctl32

kernel32

user32

msvcrt

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 146KB - Virtual size: 196KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 146KB - Virtual size: 196KB