5001311cc30aaa1204b3df2abdeac271

Sharing

Copy URL

Twitter E-mail

General

Target

5001311cc30aaa1204b3df2abdeac271
Size

100KB
MD5

5001311cc30aaa1204b3df2abdeac271
SHA1

15e4547362df7588f08a58ec9dc4d9a952f5e9d8
SHA256

14aa6ac7b5d4ce50fc6de4f35f6ec4e2709a750575bac1157154d002b23e982c
SHA512

dbd87b32897dba04335fafe5d3d8781a4beabca694ed4b9eb27a584ec544b1e3ec84f9e2aa40dea081a61869c42a267c86754e4ca5398ca006c31e1998a2510c
SSDEEP

1536:Nne5YWJT9fPjMEe/m8GrpBL/uBitKAgAJsV3V7sVNQpjyGK273k:5e5YWTPQ/mDXYoKbVaS3k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5001311cc30aaa1204b3df2abdeac271

Files

5001311cc30aaa1204b3df2abdeac271
.exe windows:5 windows x86 arch:x86

1f11f9206c17a3f4e177b54804f45aaf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
VirtualProtect
GetLocaleInfoA
MulDiv
EnumCalendarInfoA
CompareStringA
GetEnvironmentStrings
GetUserDefaultLangID
GetModuleHandleA
SetEnvironmentVariableA
GetShortPathNameA
GetFullPathNameA
QueryPerformanceCounter
SetHandleCount
GetStartupInfoA
CreateDirectoryA
lstrcatA

user32

SetScrollPos
FillRect
IsWindowEnabled
DrawTextA
GetKeyboardType
GetWindowTextA
SetWindowTextA
DestroyWindow
GetSystemMetrics
IsIconic
SendMessageA
CloseClipboard
GetSysColor
GetPropA
UnhookWindowsHookEx

msvcrt

wcscat
_itoa
_ftol
sqrt
__p__fmode
towlower
localeconv
iswctype
__setusermatherr
__getmainargs
_XcptFilter
_ultoa
_initterm
exit
__set_app_type
_chmod
_adjust_fdiv
_acmdln
__p__commode
strncat
_except_handler3
_vsnprintf

comctl32

InitCommonControlsEx
ImageList_DrawEx
ImageList_DragLeave
ImageList_GetIcon
ImageList_SetDragCursorImage
ImageList_Read
PropertySheetW
PropertySheetA
DestroyPropertySheetPage
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_Remove

advapi32

RegEnumValueA
FreeSid
RegCreateKeyExW
RegDeleteValueA
RegQueryValueExW
AddAccessAllowedAce
LookupPrivilegeValueA
RegFlushKey

oleaut32

VariantCopyInd
SetErrorInfo
SafeArrayCreate
GetActiveObject
SafeArrayGetElement
SysStringLen
SafeArrayPutElement

shell32

CommandLineToArgvW
SHGetMalloc
ExtractIconExW
DragQueryFileW
ShellExecuteExW
ShellExecuteEx
SHAppBarMessage

ole32

CoCreateGuid
CoReleaseMarshalData
CLSIDFromProgID
CoTaskMemAlloc
PropVariantClear
StringFromCLSID
CreateBindCtx
IIDFromString
CoRegisterMessageFilter

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f11f9206c17a3f4e177b54804f45aaf

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

advapi32

oleaut32

shell32

ole32

Sections

.text Size: 69KB - Virtual size: 69KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 69KB - Virtual size: 69KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB