15e5d0c5fb2371c125a42aec3d1684c5

Sharing

Copy URL Twitter E-mail

General

Target

15e5d0c5fb2371c125a42aec3d1684c5
Size

131KB
MD5

15e5d0c5fb2371c125a42aec3d1684c5
SHA1

de1f4898790571db41157714fa9f8ed215bbe860
SHA256

ca8ec0bbb782426f0dc5b8e11951ce724ab85bc40b4dafb30e5b9e6499edb9f2
SHA512

761b00514704c852e43c155885bf7459238e9bf14ef0ad6d1d75597c91c4958f0695c0d74612dc4db8f4c8e0759dde249fc8bf8ae68df980c0f2a03fd2f62e2c
SSDEEP

3072:0RPnXQzgkyFEr32ECar/pZC/dCLxCGJvU4M5v9c8HtvP2dkAc6eG:0Rf3tSGECarxZ/xCGFUDFxNvu7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15e5d0c5fb2371c125a42aec3d1684c5

Files

15e5d0c5fb2371c125a42aec3d1684c5
.exe windows:4 windows x86 arch:x86

fd3db09c976d640cb8f0760d03f0269a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
PostQueuedCompletionStatus
lstrlenA
MapViewOfFile
AreFileApisANSI
OpenProfileUserMapping
SetConsoleMode
PrivMoveFileIdentityW
GetLongPathNameA
IsBadStringPtrA
SetConsoleOS2OemFormat
_lread
EnterCriticalSection
ReadFileScatter
ReadConsoleOutputA
SetVolumeLabelW
WaitForSingleObject
GetModuleHandleA
SetupComm
EnumResourceLanguagesA
VirtualFreeEx
CallNamedPipeA
SetCalendarInfoW
EndUpdateResourceA
MoveFileExA
OpenEventA
MoveFileA
RtlZeroMemory
OutputDebugStringW
EraseTape
ReplaceFileW
LockFile
GetCommState

msvcrt

srand
_ismbblead
_i64tow
_wexeclpe
_execlp
_strerror
_CIcosh
_adj_fprem
modf
_Getdays
strchr
putc
strcoll
_ismbcsymbol
time
__RTCastToVoid
strcmp
_CItan
?_query_new_handler@@YAP6AHI@ZXZ
_HUGE
iswupper
_wtempnam
??3@YAXPAX@Z
_spawnvpe
_Strftime
_CIsqrt

gdi32

GetRasterizerCaps
GetETM
PtVisible
SetICMProfileA
CreateMetaFileW
SetAbortProc
GetDIBits
ResetDCA
SelectBrushLocal
XLATEOBJ_cGetPalette
SetBitmapDimensionEx
UnrealizeObject
DeleteDC
GetFontResourceInfoW
GetDeviceCaps
Arc
GetDIBColorTable
RestoreDC
GetRegionData
EnumICMProfilesW
DeleteColorSpace
PATHOBJ_vGetBounds
GetCharABCWidthsI
GdiPlayEMF
GetCharacterPlacementW
CreateScalableFontResourceA

user32

AlignRects
BlockInput
EnumDisplaySettingsA
PrivateExtractIconExW
DdeClientTransaction
LoadStringW
SendIMEMessageExA
CheckMenuItem
EnumPropsA
FlashWindowEx
DefWindowProcW
SetWindowsHookExA
SetScrollRange
FindWindowW
UnregisterDeviceNotification
GetFocus
FillRect
CopyIcon
InitializeLpkHooks
ArrangeIconicWindows
SetCapture
CharNextW
WindowFromPoint
MB_GetString

shlwapi

PathSkipRootW
PathQuoteSpacesW
PathFindExtensionA
SHEnumKeyExA
wnsprintfA
PathRemoveArgsA
SHDeleteValueA
SHGetThreadRef
PathStripPathW
SHRegOpenUSKeyW
UrlApplySchemeW
SHRegQueryUSValueA
PathSearchAndQualifyW
SHRegGetPathW
PathMakePrettyW
PathFindOnPathA
StrFormatByteSizeW
PathFindOnPathW
SHRegGetUSValueA
PathIsURLA
StrStrA
StrCmpNIA
wnsprintfW
SHQueryValueExA
AssocQueryStringA
PathIsLFNFileSpecA
PathStripToRootA
PathIsRootA
PathCommonPrefixW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd3db09c976d640cb8f0760d03f0269a

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

shlwapi

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 119KB - Virtual size: 119KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 119KB - Virtual size: 119KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 20B