53b79f0768b93cca33a3e1f9bce727dd

Sharing

Copy URL Twitter E-mail

General

Target

53b79f0768b93cca33a3e1f9bce727dd
Size

131KB
MD5

53b79f0768b93cca33a3e1f9bce727dd
SHA1

35f5e71443bdd564a58197069bf80f8793f71ca8
SHA256

e0c6fd59f3767e0bb43f53ac14ce2c940a658316cf1e025dd6b174eea891eafd
SHA512

29360f727629e0e2cbcc48e62f5100db436fa6ba229bfcd3c03625e6a6af802300f65a5126c6e728ff6908cda90b434c543c566a67a1ace3b8f0fcb67180a41f
SSDEEP

3072:7jqWKO7OUmnF/Vde5J81LhNzgH6K55dUVFKo+tsL0lIqHU4ug:jOUmFqP06xoHX+t6GT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53b79f0768b93cca33a3e1f9bce727dd

Files

53b79f0768b93cca33a3e1f9bce727dd
.exe windows:4 windows x86 arch:x86

5b4eebf16c60561169d7ce02215e65ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetStartupInfoA
InterlockedCompareExchange
VirtualAlloc
MultiByteToWideChar
UnhandledExceptionFilter
GetStringTypeW
WriteConsoleA
GetEnvironmentStringsW
WaitForSingleObject
GetStringTypeExA
GetModuleHandleA

msvcrt

malloc
exit
iswspace
_putenv
_errno
strchr
_acmdln
_initterm
_adjust_fdiv
log
fwrite
__p__commode
_XcptFilter
strcpy
wctomb
__pioinfo
__p__fmode
_setjmp3
__getmainargs
__set_app_type
__setusermatherr
_except_handler3

user32

ShowOwnedPopups
SetWindowTextA
RemovePropA
GetScrollRange
SetRect
IsWindow
UpdateWindow
EnableMenuItem
CreatePopupMenu
IsIconic
GetParent
GetDlgItem

shell32

SHCreateDirectoryExW
Shell_NotifyIconA
ExtractIconExW
ExtractIconW
DragAcceptFiles
SHGetFolderPathW
SHGetSpecialFolderPathW
DragQueryFile
SHBrowseForFolderA
ShellExecuteExW
DragQueryFileA

oleaut32

SafeArrayCreate
SysStringLen
SafeArrayGetUBound
GetErrorInfo
SysAllocStringByteLen
SysFreeString
SafeArrayPutElement
SysStringByteLen
SysAllocStringLen
LoadTypeLib
VariantClear

advapi32

OpenProcessToken
RegQueryValueExW
CryptDestroyHash
CryptReleaseContext
DeleteService
RegEnumValueA
OpenServiceA
RegDeleteValueW
GetUserNameA
CryptCreateHash
RegSetValueExA
InitializeAcl

version

VerFindFileW
GetFileVersionInfoSizeA
VerInstallFileW
GetFileVersionInfoW
VerQueryValueA

ole32

RevokeDragDrop
OleSetMenuDescriptor
CreateBindCtx
StringFromIID
CoTaskMemAlloc
RegisterDragDrop
CoUninitialize
OleInitialize
OleDraw
CoGetInterfaceAndReleaseStream

comctl32

CreatePropertySheetPageA
ImageList_DragShowNolock
PropertySheetW
DestroyPropertySheetPage
ImageList_LoadImageA

gdi32

CreateDIBitmap
SaveDC
EnumEnhMetaFile
GetEnhMetaFileBits
GetMetaFileBitsEx
CreateICA
CreateCompatibleBitmap
PlayMetaFileRecord

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b4eebf16c60561169d7ce02215e65ec

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

oleaut32

advapi32

version

ole32

comctl32

gdi32

Sections

.text Size: 61KB - Virtual size: 61KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 61KB - Virtual size: 61KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 20KB - Virtual size: 19KB