51002a96cdb627148c5ca80ee2f2d03c

Sharing

Copy URL

Twitter E-mail

General

Target

51002a96cdb627148c5ca80ee2f2d03c
Size

240KB
MD5

51002a96cdb627148c5ca80ee2f2d03c
SHA1

1a49aaae9764324056a23f5c6ad00027160b9ae5
SHA256

a214db3d8963dc4dc57517ab9cd5bf9a8d487f7fab22e971850603a08110dc32
SHA512

55672f23f2b6c6a9533df2fbff7c51f76aa23d94596291ddd67ba854c685c1b0452dfc47bd432a3a39c92e2327ffe5a9c485e9e499198a140eb5e2ec15bcb38e
SSDEEP

6144:W0wFubYTIsZurmvY0MW25dkBM/QwLVsjufZKbS:VETIsZlvIWqKKLs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51002a96cdb627148c5ca80ee2f2d03c

Files

51002a96cdb627148c5ca80ee2f2d03c
.exe windows:4 windows x86 arch:x86

a951624d9e6264e4db13d522d8f1a4e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DPtoLP
OffsetRgn
EnumFontFamiliesW
GetSystemPaletteEntries
GetClipBox
SetDIBits
StartPage

user32

IsDialogMessageA
MessageBoxW
IntersectRect
DispatchMessageA
GetUpdateRect
OemToCharBuffA
CascadeChildWindows
NotifyWinEvent
RealChildWindowFromPoint
GetGUIThreadInfo
DrawAnimatedRects
EnumDisplaySettingsExA
EnumPropsA
RegisterClassA

shell32

SHGetFileInfoW
SHFileOperation
DoEnvironmentSubstA
DragFinish
ExtractAssociatedIconExA
ExtractAssociatedIconW
FindExecutableA
ShellExecuteExW
DragQueryFileA
CommandLineToArgvW
SHFormatDrive
ShellHookProc
SHGetSpecialFolderLocation
DragQueryFileAorW
FindExecutableW
ExtractIconExA

advapi32

StartServiceW
RegEnumKeyExW
RegSaveKeyW
LookupPrivilegeValueA
InitiateSystemShutdownW
CryptHashData
CryptAcquireContextA
AbortSystemShutdownW
RegDeleteValueW
CryptImportKey
RegLoadKeyA
RegSetValueW
LookupSecurityDescriptorPartsW
RegOpenKeyExA
CryptEnumProvidersA
LookupSecurityDescriptorPartsA
CryptSetKeyParam
RegCreateKeyExA
CryptCreateHash

kernel32

GetLocaleInfoW
InitializeCriticalSection
FindAtomA
GetSystemTimeAsFileTime
GetModuleFileNameA
WriteFile
GetFileType
SetEnvironmentVariableA
ExitProcess
WideCharToMultiByte
GetProcessHeap
SetUnhandledExceptionFilter
GetEnvironmentStrings
GetProcAddress
FreeLibrary
MultiByteToWideChar
LoadLibraryA
VirtualQuery
GetTimeZoneInformation
InterlockedIncrement
RtlUnwind
HeapSize
HeapReAlloc
VirtualAlloc
GetCommandLineA
IsValidLocale
GetModuleFileNameW
GetUserDefaultLCID
GetCurrentThreadId
GetOEMCP
CreateEventA
GetLocaleInfoA
GetStdHandle
TlsFree
GetStringTypeA
EnumSystemLocalesA
GetVersionExA
CompareStringA
InterlockedDecrement
GetLastError
TlsAlloc
LCMapStringW
Sleep
GetStartupInfoA
GetCurrentProcessId
InterlockedExchange
GetTickCount
GetEnvironmentStringsW
GetACP
GetStringTypeW
DeleteCriticalSection
GetTimeFormatA
HeapCreate
HeapAlloc
FreeEnvironmentStringsW
IsDebuggerPresent
HeapDestroy
TlsGetValue
VirtualFree
IsValidCodePage
DuplicateHandle
FreeEnvironmentStringsA
HeapFree
GetStartupInfoW
GetCurrentProcess
EnterCriticalSection
QueryPerformanceCounter
LCMapStringA
CompareStringW
FlushInstructionCache
GetDateFormatA
SetConsoleCtrlHandler
TerminateProcess
SetHandleCount
GetCPInfo
GetCurrentThread
EnumDateFormatsA
LeaveCriticalSection
GetCommandLineW
SetLastError
GetModuleHandleA
TlsSetValue
UnhandledExceptionFilter

comdlg32

PrintDlgA
GetOpenFileNameA
ChooseFontA
GetSaveFileNameW
ChooseColorW
ReplaceTextA
FindTextA
PageSetupDlgA
FindTextW
PrintDlgW

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a951624d9e6264e4db13d522d8f1a4e5

Headers

File Characteristics

Imports

gdi32

user32

shell32

advapi32

kernel32

comdlg32

Sections

.text Size: 118KB - Virtual size: 117KB

.data Size: 112KB - Virtual size: 118KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 118KB - Virtual size: 117KB

.data
Size: 112KB - Virtual size: 118KB

.rsrc
Size: 8KB - Virtual size: 8KB