53a03c1a1b5372a0a2352fc1bd706d99

Sharing

Copy URL Twitter E-mail

General

Target

53a03c1a1b5372a0a2352fc1bd706d99
Size

185KB
MD5

53a03c1a1b5372a0a2352fc1bd706d99
SHA1

3b850e9b427f3cfea985abbb8a4b5731b30dac7e
SHA256

817181bce345a594f31f023b62675b3f297643ce7519bb3fe9818f793458da43
SHA512

9b69978c5e16d944a408b963d5365c97a23285cef7b2c3330764a862ddfaf1859e6f786c51683476d2fb2a62b5344f932a836aff07fe0ef8ae71575ddfa7b0cc
SSDEEP

3072:JZ9UoFYyqlt9omHr04eSZnLEzY0OBJz8E9UJuntlNFTM:DPYJb7LDpZh0OBJIkcut7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53a03c1a1b5372a0a2352fc1bd706d99

Files

53a03c1a1b5372a0a2352fc1bd706d99
.exe windows:4 windows x86 arch:x86

35a5e56c53771e638bc13be01bdac502

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegLoadKeyA

ole32

PropVariantClear
ReleaseStgMedium
StgCreateDocfileOnILockBytes
CLSIDFromString

oleaut32

SafeArrayUnaccessData
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysFreeString
SafeArrayCreate
VariantChangeType
SysReAllocStringLen
VariantCopyInd
OleLoadPicture
SysAllocStringLen

msvcrt

asin
tolower
atan
memset
mbstowcs
strlen
memcmp
pow
memcpy
memcmp

version

VerInstallFileA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

shell32

SHFileOperationA
SHGetDiskFreeSpaceA

kernel32

GetCommandLineA
GetModuleHandleA
LoadLibraryExA
GetLastError
GetProcAddress
IsBadHugeReadPtr
ExitProcess
lstrlenA
Sleep
VirtualAlloc
ExitThread
CloseHandle
VirtualAllocEx

comctl32

ImageList_Write
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Draw
ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_GetBkColor
ImageList_Remove
ImageList_Read

gdi32

SaveDC
CreateFontIndirectA
GetClipBox
SelectObject
GetPixel

user32

AdjustWindowRectEx
BeginPaint
CallNextHookEx

shlwapi

SHGetValueA
SHQueryInfoKeyA
PathIsContentTypeA
SHEnumValueA
PathFileExistsA
SHDeleteKeyA
SHStrDupA
PathIsDirectoryA
SHDeleteValueA

comdlg32

ChooseColorA

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35a5e56c53771e638bc13be01bdac502

Headers

File Characteristics

Imports

advapi32

ole32

oleaut32

msvcrt

version

shell32

kernel32

comctl32

gdi32

user32

shlwapi

comdlg32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 1024B - Virtual size: 88KB

.data Size: 8KB - Virtual size: 7KB

.fdata Size: 1024B - Virtual size: 670B

.cdata Size: 123KB - Virtual size: 122KB

.bdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 980B

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 1024B - Virtual size: 88KB

.data
Size: 8KB - Virtual size: 7KB

.fdata
Size: 1024B - Virtual size: 670B

.cdata
Size: 123KB - Virtual size: 122KB

.bdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 980B