53a7fa42db2139da6c778e1772443ea7

Sharing

Copy URL Twitter E-mail

General

Target

53a7fa42db2139da6c778e1772443ea7
Size

488KB
MD5

53a7fa42db2139da6c778e1772443ea7
SHA1

84ce6b7a67246388c0b8f7fb1586cef0fe8db48d
SHA256

f0190905da993035d1c4ba99dd0c2f4ab77a76db41eadc0a19d0fe80398a9dfb
SHA512

94357c554d49a02f0521fab35f2e849be79176a3bc858b58d607562bab39f8aa84db4287ffb082aec0433684095db0eb5f7aa6b26fac7f4c4d618357439c1529
SSDEEP

12288:5hZVRAxQyaRfYUM45AdyS/1gLoI3fDfFzN9LAArT5:fvRAxLaRfYA5KFmLoM7fFzn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53a7fa42db2139da6c778e1772443ea7

Files

53a7fa42db2139da6c778e1772443ea7
.exe windows:4 windows x86 arch:x86

635eca663879437e0a846ff74f474f30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
SetConsoleCtrlHandler
EnterCriticalSection
RtlUnwind
HeapCreate
DeleteCriticalSection
GetCurrentProcess
GetStringTypeW
VirtualAlloc
SetLastError
LeaveCriticalSection
HeapReAlloc
GetProcessHeap
GetEnvironmentStringsA
GetOEMCP
GetCurrentThread
SetHandleCount
GetModuleFileNameA
GetEnvironmentStrings
GetVersionExA
ExitProcess
GetLastError
GetUserDefaultLCID
InitializeCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetTimeFormatA
GetCommandLineA
IsDebuggerPresent
QueryPerformanceCounter
WriteFile
TlsFree
WaitForMultipleObjects
TlsAlloc
VirtualFree
GetCPInfo
HeapAlloc
GetStdHandle
HeapFree
EnumResourceTypesA
SetUnhandledExceptionFilter
GetCurrentProcessId
CompareStringW
HeapDestroy
GetTimeZoneInformation
TlsSetValue
InterlockedIncrement
GetACP
GetLocaleInfoA
HeapSize
GetDateFormatA
LCMapStringW
TlsGetValue
EnumSystemCodePagesA
EnumSystemLocalesA
GetModuleHandleA
EnumDateFormatsExW
GetFileType
CompareStringA
IsValidLocale
Sleep
EnumDateFormatsW
CreateEventA
FreeLibrary
InterlockedDecrement
GetProcAddress
GetLocaleInfoW
GetStartupInfoA
FreeEnvironmentStringsA
MultiByteToWideChar
InterlockedExchange
IsValidCodePage
TerminateProcess
GetStringTypeA
VirtualQuery
WideCharToMultiByte
UnhandledExceptionFilter
FormatMessageA
SetEnvironmentVariableA
GetCurrentThreadId
LCMapStringA
DosDateTimeToFileTime

shell32

SheChangeDirExW
RealShellExecuteA
SHGetMalloc
RealShellExecuteExW
FindExecutableW
ExtractAssociatedIconExA
FindExecutableA
SheSetCurDrive
SHInvokePrinterCommandW
SHFileOperationA
SHGetFileInfoW
SHGetDataFromIDListA
ShellExecuteA
SHFormatDrive
DuplicateIcon
DragAcceptFiles
ExtractIconEx
ShellExecuteEx
DragQueryFileAorW
SHGetNewLinkInfo
SHEmptyRecycleBinA
SheGetDirA
SHLoadInProc

comdlg32

PageSetupDlgA

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

635eca663879437e0a846ff74f474f30

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 4KB - Virtual size: 4KB