05ecf0e75ae8264d0f9486a8f9799f1a

Sharing

Copy URL Twitter E-mail

General

Target

05ecf0e75ae8264d0f9486a8f9799f1a
Size

173KB
MD5

05ecf0e75ae8264d0f9486a8f9799f1a
SHA1

52d7211039c802d3e6ed2208423a33f8b51b128d
SHA256

e5db6215ac6ef11d07ef39e2b112ae03b83e7ba06f5bf39c5d5d12cd5f7a6271
SHA512

8b4af7007cab58f8636b485cb2455691a7dda5baf76458aae4eeff1532bd3d0194bb1b03bbc697df833a9a3ab88ebe79ad75636bb17848a331672605437d57ad
SSDEEP

3072:boK3gHx8CRh/RuH/W9J3f6kMXbdxYNMO9yCIPzeoPPRUdbxJa:v3gHxqufC/gFyFJUNu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ecf0e75ae8264d0f9486a8f9799f1a

Files

05ecf0e75ae8264d0f9486a8f9799f1a
.dll windows:1 windows x86 arch:x86

25f15cbc456ee195067b6039b86b71ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleFileNameA
GetSystemTime
LocalAlloc
LocalFree
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteFileA
ExitProcess
ExitThread
GetCommandLineA
GetConsoleMode
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetTimeZoneInformation
GetVersion
LoadLibraryA
ReadConsoleInputA
ReadFile
ReleaseMutex
SetConsoleCtrlHandler
SetConsoleMode
SetEvent
SetFilePointer
SetStdHandle
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleA
WriteFile

shell32

ShellExecuteA

gdi32

CreateSolidBrush
DeleteMetaFile
DeleteObject
ExtTextOutA
GetStockObject
LineTo
MoveToEx
PlayMetaFile
Rectangle
RestoreDC
SaveDC
SelectObject
SetBkMode
SetMapMode
SetMetaFileBitsEx
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx

user32

BeginPaint
CallWindowProcA
CheckDlgButton
CheckRadioButton
ClientToScreen
DefWindowProcA
DestroyWindow
DialogBoxParamA
EnableWindow
EndDialog
EndPaint
FillRect
GetActiveWindow
GetClassInfoA
GetClientRect
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetKeyState
GetParent
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
InvalidateRect
IsDlgButtonChecked
KillTimer
LoadCursorA
MessageBoxA
PeekMessageA
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetCapture
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetTimer
SetWindowPos
SetWindowTextA
ShowWindow
UnregisterClassA
GetActiveWindow
MessageBoxA
wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ord17

Exports

Exports

ENTRYPOINT

Sections

BEGTEXT
Size: 57KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 20KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25f15cbc456ee195067b6039b86b71ae

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

user32

advapi32

comctl32

Exports

Exports

Sections

BEGTEXT Size: 57KB - Virtual size:

DGROUP Size: 20KB - Virtual size:

.bss Size: 4KB - Virtual size:

.idata Size: 3KB - Virtual size:

.edata Size: 512B - Virtual size:

.reloc Size: 5KB - Virtual size:

.rsrc Size: 4KB - Virtual size:

BEGTEXT
Size: 57KB - Virtual size:

DGROUP
Size: 20KB - Virtual size:

.bss
Size: 4KB - Virtual size:

.idata
Size: 3KB - Virtual size:

.edata
Size: 512B - Virtual size:

.reloc
Size: 5KB - Virtual size:

.rsrc
Size: 4KB - Virtual size: