543c5a2183d1e265e5d8283c63858904

General

Target

543c5a2183d1e265e5d8283c63858904
Size

214KB
MD5

543c5a2183d1e265e5d8283c63858904
SHA1

d59e42df43e2f4db3feb79dac28e3362b4e12063
SHA256

bd2bd7a6e56d19b3d0d11005199a30a973f2734c55bed354885bd618fbfb91c7
SHA512

2807ed9bdeb111d9fbbd2b68d79293963e22f6f464a93c898faf91e8142733033dc6ecebd263b08e755705cb59dc3ae6f76da0008f02cfd11e6b859820477442
SSDEEP

3072:a52g8PbmlkbhCZJozVHw6oqPTcor8qk80NQcQ3Gc1vNy1vkh37rgb3D5Tn0Ks6IW:1jjC8O6o6cYkxNQ9B17h37SFjAuwI+k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
543c5a2183d1e265e5d8283c63858904

Files

543c5a2183d1e265e5d8283c63858904
.exe windows:4 windows x86 arch:x86

139d8c2e43c3343bbb17966d2d96ec1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetProcessHeap
SetEndOfFile
GetCurrentThreadId
GetCurrentProcess
ResetEvent
GetCurrentProcessId
GlobalAlloc
VirtualQuery
GetDiskFreeSpaceA
WideCharToMultiByte
GetThreadLocale
SetHandleCount
DeleteCriticalSection
GetModuleFileNameA
HeapFree
EnumCalendarInfoA
MoveFileExA
GetLastError
GetVersionExA
lstrlenA
FindClose
WriteFile
GetCPInfo
LocalAlloc
VirtualAlloc
GetDateFormatA
LoadLibraryExA
Sleep
LockResource
EnterCriticalSection
GetOEMCP
GetFullPathNameA
lstrcatA
SetEvent
GetCurrentThread
LoadResource
MulDiv
ExitProcess
lstrcpynA

user32

DrawEdge
GetForegroundWindow
RegisterClassA
GetActiveWindow
CreateIcon
GetKeyNameTextA
DefMDIChildProcA
CreateMenu
FillRect
CheckMenuItem
SetTimer
IsWindowEnabled
IsChild
GetMessagePos
CharLowerA
GetCursorPos
GetDesktopWindow
GetDCEx
ShowWindow
IsWindowVisible
GetCursor
GetMenuItemInfoA
GetPropA
GetFocus
SetWindowTextA

msvcrt

_XcptFilter
__wgetmainargs
_snprintf
tolower
mbstowcs
atol
memcpy
_itow
__p__commode
wcschr

advapi32

RegQueryValueA

shlwapi

StrNCatA
StrRChrA
IsCharSpaceA
StrToIntExA
StrFormatByteSizeA
PathIsContentTypeA
PathIsDirectoryA
SHSetValueA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 199KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

139d8c2e43c3343bbb17966d2d96ec1b

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

shlwapi

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 199KB - Virtual size: 231KB

.init Size: 3KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 199KB - Virtual size: 231KB

.init
Size: 3KB - Virtual size: 3KB