5432a44db0fe4c3c33400c10119ba9e0

Sharing

Copy URL Twitter E-mail

General

Target

5432a44db0fe4c3c33400c10119ba9e0
Size

960KB
MD5

5432a44db0fe4c3c33400c10119ba9e0
SHA1

e5d9c2101523fe31d8442cc4a120ffa592d71059
SHA256

7bf139d6678ff8dd6063defd883a6c8464229193aec10be1f55a377bfb84eea5
SHA512

57a385f81f3148bb75610cbbfebf103fd7cef8206134b95833a328d11de89a7f53ffbcea014af0360eb14928f5422de00c344baab95946a8b6c0c8e514f0d7ed
SSDEEP

12288:PqvUKWZCqN9EgAl+kqpvN2M5t+H94X1tONDkfvkWELDFfb7yYqlMf:kQZCs9EgAkkqXhz+9y10xkfvVEfVvl5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5432a44db0fe4c3c33400c10119ba9e0

Files

5432a44db0fe4c3c33400c10119ba9e0
.dll windows:4 windows x86 arch:x86

e4497ac0b11334e4c0169a387033c804

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
CreateFileMappingA
CreateFileA
CreateFileW
UnmapViewOfFile
GetProcAddress
CreateThread
Sleep
GetModuleHandleA
GetModuleFileNameA
VirtualProtect
GetFileSize
FindResourceW
FindResourceA
IsBadWritePtr
IsBadReadPtr
HeapValidate
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DebugBreak
RaiseException
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetLastError
GetLastError
GetCurrentThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapAlloc
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
GetCurrentProcess
ExitProcess
VirtualAlloc
WideCharToMultiByte
GetTimeZoneInformation
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetProcessHeap
CloseHandle
FreeLibrary
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
InterlockedExchange
SetConsoleCtrlHandler
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
IsBadCodePtr
SetFilePointer
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushInstructionCache
InterlockedCompareExchange
GetFullPathNameA
lstrcmpiA
LockResource
LoadResource
SizeofResource
MulDiv

user32

GetCursorPos
GetSystemMetrics
RegisterClassExA
GetDesktopWindow
CreateWindowExA
DestroyWindow
DefWindowProcA
GetAsyncKeyState

gdi32

SetMapMode
SelectObject
SetTextColor
CreateDIBSection
CreateCompatibleDC
CreateFontA
GetDeviceCaps
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
DeleteObject
DeleteDC

d3d9

Direct3DCreate9

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.textbss
Size: - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 760KB - Virtual size: 758KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4497ac0b11334e4c0169a387033c804

Headers

File Characteristics

Imports

kernel32

user32

gdi32

d3d9

advapi32

Sections

.textbss Size: - Virtual size: 368KB

.text Size: 760KB - Virtual size: 758KB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 44KB - Virtual size: 64KB

.idata Size: 8KB - Virtual size: 4KB

.reloc Size: 28KB - Virtual size: 24KB

.textbss
Size: - Virtual size: 368KB

.text
Size: 760KB - Virtual size: 758KB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 44KB - Virtual size: 64KB

.idata
Size: 8KB - Virtual size: 4KB

.reloc
Size: 28KB - Virtual size: 24KB