5349c4bf77c4ee18a20abf1967c28c73

Sharing

Copy URL

Twitter E-mail

General

Target

5349c4bf77c4ee18a20abf1967c28c73
Size

292KB
MD5

5349c4bf77c4ee18a20abf1967c28c73
SHA1

32672e189ca344763f78f48d1d9efda99619bfd9
SHA256

14a313ce5ce93c34ed54d656915ede403537d580da0029c3b7f75bcc2b3c86e5
SHA512

f049eef0fdae63ca9f2634933f1e728dc3d22774a1f3663b26b0fab48f87db6c638b85aa236fd895adcfe8d66503366e676fdbe98223e2b0487e4087634e8841
SSDEEP

6144:5kow8Oj2tsBHio9YScJeicSmSXx3O1ypa7x85ZHNlIapHPj:KF8w2tiF9YScHcSH0KIeHNdp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5349c4bf77c4ee18a20abf1967c28c73

Files

5349c4bf77c4ee18a20abf1967c28c73
.exe windows:4 windows x86 arch:x86

363bb8e0c50e347fe7dab1cffbe3453f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetEntriesInAclW
OpenServiceA
RegOpenKeyA
RegSetValueExA
GetTokenInformation
StartServiceCtrlDispatcherW
SetServiceStatus
RegQueryInfoKeyA
RegCloseKey
GetSecurityDescriptorLength
RegDeleteValueW
AccessCheck
RegisterEventSourceW
CreateProcessAsUserW
RegCreateKeyExA

kernel32

VirtualAlloc
GetFileType
CreateEventA
GlobalFindAtomW
GlobalGetAtomNameW
RemoveDirectoryA
IsBadCodePtr
GetProfileStringA
EnumSystemLocalesA
LCMapStringA
GetStringTypeA
RaiseException
SuspendThread
lstrcmpW
ReleaseMutex
GetLogicalDriveStringsA
GetStringTypeW
GetVersionExA
GetDiskFreeSpaceW
GetCurrentThreadId
ConvertDefaultLocale
GetUserDefaultUILanguage
HeapCreate
EnterCriticalSection
GetStringTypeExA
CreateDirectoryA
EnumCalendarInfoA
GetExitCodeProcess
GetTimeFormatA
Sleep
GetExitCodeThread
GetTimeFormatW
GetSystemInfo
GetTempPathW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetACP
ReadFile
_lopen
Process32NextW
InterlockedDecrement
DeviceIoControl
SetUnhandledExceptionFilter
GlobalAddAtomW
GetPrivateProfileSectionA
DeleteTimerQueueEx
VerSetConditionMask
GetThreadPriority
GetShortPathNameW
LocalUnlock
ResumeThread
GetOEMCP
lstrcmpiA
GetConsoleOutputCP
UnlockFile
CreateFileW
DeleteCriticalSection
CreateTimerQueueTimer
GetPrivateProfileStringA
GetProcessTimes
SetFileAttributesA
SetEndOfFile
TlsSetValue
GetCurrentDirectoryA
CreateIoCompletionPort
GetProcAddress
CreateFileA
InterlockedIncrement
LCMapStringW
LoadLibraryA
HeapReAlloc
HeapAlloc
GetCPInfo
LeaveCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapDestroy
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

user32

GetDlgItemTextW
CharPrevA
CharLowerA
CopyIcon
MessageBoxA
MessageBeep
GetQueueStatus
UnregisterClassW
CopyAcceleratorTableW
UnregisterClassA
AppendMenuA
SystemParametersInfoW
SetDlgItemInt
ScrollDC
GetWindowLongA
CharLowerBuffA
GetClassNameW
DrawFrameControl
SetCursor
EndDialog
IsChild
GrayStringA
DialogBoxIndirectParamW
WindowFromPoint
GetAsyncKeyState
SendDlgItemMessageW
IsIconic
InsertMenuItemA
IsCharAlphaW
ReleaseCapture
DrawIcon
GetMenuStringW
GetNextDlgTabItem
InflateRect
InvalidateRect
TrackMouseEvent
DefMDIChildProcA
TranslateAcceleratorA
ReuseDDElParam
GetClassInfoExA
CharPrevW
TranslateMDISysAccel
IsWindowEnabled
GetDialogBaseUnits
GetSysColorBrush
GetClassInfoExW
MessageBoxW
CharToOemBuffA
RemovePropA
MessageBoxIndirectW
DefWindowProcW
OpenIcon
PeekMessageA
PtInRect
DdeCreateDataHandle
DdeClientTransaction
GetCaretBlinkTime
DispatchMessageW
IsWindow
IntersectRect
RegisterClassExW
RegisterClipboardFormatW
MsgWaitForMultipleObjects
TabbedTextOutA
DrawMenuBar
ShowCaret
EnableScrollBar
FlashWindow
CreatePopupMenu
LoadMenuW
EmptyClipboard

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

363bb8e0c50e347fe7dab1cffbe3453f

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 244KB - Virtual size: 241KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 712B

.text
Size: 244KB - Virtual size: 241KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 712B