5038d541dbca721a9643a5102043a54d

Sharing

Copy URL

Twitter E-mail

General

Target

5038d541dbca721a9643a5102043a54d
Size

251KB
MD5

5038d541dbca721a9643a5102043a54d
SHA1

c0ef72eabb7dac1cc30080c25359cfecb8db61d9
SHA256

18ccf93f18f1e4d14dec404870954823f8ff34b7d5f3d2694d03fa2385610dc5
SHA512

86d169936135653d25c0157352c63eeca21769bccc2bb9b8371fbd91e2fb4fb9ded2bc3b65ec24b3da83939716c1ca75fe3423fb49a6ed377178035205c1b21d
SSDEEP

6144:5lThABjgbmLHagKEDtiIdLtKq1rxtHy5pCOrkGpfgud+4nU:jhABkmDMEptPrxEnCOrkG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5038d541dbca721a9643a5102043a54d

Files

5038d541dbca721a9643a5102043a54d
.exe windows:4 windows x86 arch:x86

299bdf091134c40af1b4a38918930a93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
GetLocaleInfoA
FormatMessageW
CreateDirectoryA
GetCurrentThread
SetFileTime
HeapAlloc
TlsFree
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableA
SetComputerNameW
FlushFileBuffers
CreateMailslotA
WriteFile
LCMapStringW
VirtualFree
GetEnvironmentStringsW
GetFileType
GetProcessHeaps
IsValidCodePage
DeleteCriticalSection
GetLastError
EnterCriticalSection
EnumCalendarInfoExA
GetOEMCP
SetConsoleCtrlHandler
GetEnvironmentStrings
GetProcAddress
EnumTimeFormatsA
GetDateFormatA
Sleep
CompareStringA
CompareStringW
SetLastError
GetStartupInfoA
VirtualQuery
HeapSize
SetUnhandledExceptionFilter
InterlockedIncrement
MoveFileExA
GetStringTypeA
MultiByteToWideChar
GetCPInfo
HeapReAlloc
HeapDestroy
ExitProcess
GetShortPathNameW
UnlockFileEx
VirtualAlloc
TlsAlloc
QueryPerformanceCounter
GetCurrentProcess
GetTimeZoneInformation
GetModuleHandleA
FreeEnvironmentStringsW
GetStringTypeW
GetTimeFormatA
GetCurrentThreadId
IsDebuggerPresent
TlsSetValue
GetCommandLineA
FreeLibrary
GetCurrentProcessId
WideCharToMultiByte
GetUserDefaultLCID
WriteConsoleOutputW
GetEnvironmentVariableW
GetTickCount
GetModuleHandleW
LocalUnlock
FreeEnvironmentStringsA
IsValidLocale
InterlockedDecrement
RtlUnwind
EnumSystemLocalesA
GetSystemTimeAsFileTime
InterlockedExchange
HeapCreate
WriteConsoleOutputA
GlobalReAlloc
GetACP
UnhandledExceptionFilter
GetLocaleInfoW
GetStdHandle
HeapFree
TerminateProcess
LoadLibraryA
GlobalUnfix
SetHandleCount
TlsGetValue
FileTimeToDosDateTime
GetModuleFileNameA
LCMapStringA

wininet

InternetShowSecurityInfoByURLW
SetUrlCacheEntryInfoW
FtpOpenFileW
CreateUrlCacheEntryA

shell32

SHGetPathFromIDList
DuplicateIcon
DoEnvironmentSubstW
SHGetSettings
RealShellExecuteExA
ExtractAssociatedIconExW
SHGetSpecialFolderLocation
FreeIconList
SHLoadInProc
RealShellExecuteExW
ExtractAssociatedIconExA
ShellExecuteW
DragAcceptFiles
SHGetDesktopFolder
SHGetDataFromIDListA
ShellHookProc
SHInvokePrinterCommandW
ExtractIconEx
SheChangeDirExW
SheSetCurDrive

comdlg32

PageSetupDlgW
PrintDlgW
ReplaceTextW
FindTextW
ChooseFontA
GetFileTitleA
ChooseColorA
GetSaveFileNameA
ReplaceTextA
GetFileTitleW
GetOpenFileNameW
PageSetupDlgA
GetSaveFileNameW
FindTextA
LoadAlterBitmap
GetOpenFileNameA
ChooseFontW
ChooseColorW

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

299bdf091134c40af1b4a38918930a93

Headers

File Characteristics

Imports

kernel32

wininet

shell32

comdlg32

Sections

.text Size: 133KB - Virtual size: 133KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 133KB - Virtual size: 133KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 3KB - Virtual size: 2KB