515d80ed8ddc9298c8a7e1372af9962c

Sharing

Copy URL

Twitter E-mail

General

Target

515d80ed8ddc9298c8a7e1372af9962c
Size

87KB
MD5

515d80ed8ddc9298c8a7e1372af9962c
SHA1

15a4415522c1cf42e4e99a42ebc244ced8c4bb66
SHA256

8de98435e9b4c009d125c3805f688d55cdff9fc45a39f025905ff681ef5d7b2c
SHA512

426b544609ced743d9f43661421595b47af5ddb5a870e53e77d48d2f7e708a80ffc5a1f8afe3af950101fab4336fda0f9716b7cdf5dd9381540aa06f69410f71
SSDEEP

1536:mEDUizO/oDEyup61H/oQBGW4bnBfPTRWHhvU+r7yHYbJ4p0fABOTyBTfy6fG:RDUizMo1upYwQIcHhsDC4/mylbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
515d80ed8ddc9298c8a7e1372af9962c

Files

515d80ed8ddc9298c8a7e1372af9962c
.exe windows:5 windows x86 arch:x86

eb6c1d68e03e33d234fcbe78c2d81554

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsUNCW

comdlg32

PrintDlgExW
CommDlgExtendedError
ReplaceTextW
PageSetupDlgW
GetOpenFileNameW

kernel32

FileTimeToSystemTime
CloseHandle
CopyFileA
LoadLibraryW
CreateNamedPipeA
IsBadCodePtr
TransactNamedPipe
SetFilePointer
lstrlenW
SleepEx
EnumResourceTypesA
FindNextFileW
GetShortPathNameA
lstrcatW
FindFirstFileA
FindResourceExW
SizeofResource
GetFileInformationByHandle
GetLongPathNameW
GetUserDefaultLCID
GetModuleFileNameA
VerifyVersionInfoW
GetModuleFileNameW
GetExitCodeThread
GlobalReAlloc
SetEvent
WaitCommEvent
FormatMessageA
FreeLibrary
EnumResourceNamesW
SetMailslotInfo
LocalReAlloc
EscapeCommFunction
SetEndOfFile
CreateFileMappingW
LockFile
lstrcmpW
ReleaseMutex
SetupComm
GetUserDefaultUILanguage
SetThreadContext
CreateThread
SetThreadPriority
DisconnectNamedPipe
SetErrorMode
GetCommConfig
GetFileType
HeapFree
GetVersionExA
lstrcpyW
GetSystemDirectoryA
RegisterWaitForSingleObject
WaitForSingleObject
SetHandleCount
SetFileTime
GetSystemTimeAdjustment

msvcrt

strcpy
exit
strerror
fgets
_controlfp
atol
isdigit
srand
wcscpy
strrchr
fwrite
bsearch
iswspace
realloc
__set_app_type
__p__fmode
sprintf
setlocale
setvbuf
wcschr
iswxdigit
__p__commode
swprintf
strncmp
strspn
wcstoul
_amsg_exit
_initterm
isprint
rand
system
iswctype
_ismbblead
puts
fflush
_XcptFilter
fputs
islower
_exit
_cexit
wcsrchr
wcstok
memset
__setusermatherr
vswprintf
calloc
__getmainargs
isalpha

user32

GetClientRect
ReplyMessage
LoadIconW
SetMenuItemInfoW
GetFocus
SendDlgItemMessageW
DrawIcon
GetUpdateRect
SetMenuDefaultItem
GetActiveWindow
ExitWindowsEx
InSendMessage
GrayStringW
WindowFromPoint
SetActiveWindow
SetScrollRange
SetSysColors
SendMessageW
GetUserObjectInformationW
SetParent
DragObject
OemToCharBuffA
SetDlgItemTextA
HiliteMenuItem
AppendMenuA
GetScrollInfo
IsDialogMessageW
FindWindowW
CharNextA
LoadMenuW
RemoveMenu
AppendMenuW
IsWindowVisible
GetClassInfoExW
GetMenuItemRect
DialogBoxParamW
GetDlgItem
MapDialogRect
OpenInputDesktop
HideCaret
GetForegroundWindow
ShowOwnedPopups
ValidateRect
SetFocus
SendNotifyMessageW
InSendMessageEx
BeginPaint
AdjustWindowRectEx
PostThreadMessageW
SetScrollPos
GetMessageW
SetCaretPos
TranslateMessage
GetMessageA
AttachThreadInput
InvalidateRgn
OemToCharA
AllowSetForegroundWindow
ClipCursor
GetWindowTextLengthW
MonitorFromRect
GetMonitorInfoW
DrawFrameControl
CharLowerBuffW
GetShellWindow
KillTimer
DrawIconEx
DestroyWindow
CharNextW
GetMessagePos
ShowScrollBar
InsertMenuA
IsCharAlphaA
ScreenToClient
SetRectEmpty
CheckDlgButton
GetAsyncKeyState
CharPrevA
ShowCursor
GetKeyboardType
FillRect
GetSysColor
CheckMenuItem
GetDC
IsMenu
ShowWindowAsync
ReleaseDC
TrackPopupMenu
SetLastErrorEx
CheckRadioButton
SetCursorPos
SetWindowPlacement
GetScrollPos
RegisterClassExA
mouse_event
FindWindowExA
GetPropW
CreateMenu
GetKeyNameTextW
ActivateKeyboardLayout
InternalGetWindowText
wvsprintfA
InsertMenuItemW
ModifyMenuW
DialogBoxIndirectParamW
SetMenuItemBitmaps
GetClassLongA
SendDlgItemMessageA
wsprintfA
SystemParametersInfoW
CreateCursor
RegisterClassW
GetMenuItemInfoW
ScrollWindow
GetClassNameW
GetClassInfoW
GetMenu
SetScrollInfo
GetWindowLongW
GetTopWindow
CreateDialogParamA
LoadStringW

Exports

Exports

?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.char
Size: 1024B - Virtual size: 559B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.align
Size: - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb6c1d68e03e33d234fcbe78c2d81554

Headers

File Characteristics

Imports

shlwapi

comdlg32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.dati Size: 6KB - Virtual size: 5KB

.date Size: 512B - Virtual size: 99B

.char Size: 1024B - Virtual size: 559B

.odata Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 2KB

.align Size: - Virtual size: 119KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 20KB - Virtual size: 22KB

.text
Size: 9KB - Virtual size: 8KB

.dati
Size: 6KB - Virtual size: 5KB

.date
Size: 512B - Virtual size: 99B

.char
Size: 1024B - Virtual size: 559B

.odata
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 2KB

.align
Size: - Virtual size: 119KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 20KB - Virtual size: 22KB