573c0c978d72d7152e335c06b2aacdb5

General

Target

573c0c978d72d7152e335c06b2aacdb5
Size

47KB
MD5

573c0c978d72d7152e335c06b2aacdb5
SHA1

c85cd6b01a1d31eebdf3e5c5b8ef7cb85b362e6a
SHA256

37effa6ccdaf23e5cd29586e716022ac2406e73dec4a7250d6e4fd0c426d5468
SHA512

5be991f4e4c9052cdafefa84d23c9bfe79b66777912c0d7f63a3cdafcf5d91c7b4fc38417c7781760ab3031835121d1af0a232720996cade5b5261d75bd0b694
SSDEEP

768:5PyTfHPmQw6GkMLSzsGoTY1KsFL1/CWDxHXqMLJMm6MIeQWgFvsJm/e+pEzlnJBw:cfvNwLROAtT2KsR1/CWDxHaMqWIeQZqU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
573c0c978d72d7152e335c06b2aacdb5

Files

573c0c978d72d7152e335c06b2aacdb5
.dll windows:4 windows x86 arch:x86

49b12e7edac287efebe2e315396b3e05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHDeleteEmptyKeyA
ord195
AssocCreate
SHDeleteKeyA
PathRemoveBackslashA

ole32

CoCreateInstance
CoInitialize

kernel32

GetVersionExW
GetVersionExA
WideCharToMultiByte
GetCommandLineW
GetModuleHandleA
GetEnvironmentVariableW
SetErrorMode
Sleep
ResetEvent
CreateEventA
GetWindowsDirectoryA
FormatMessageA
GlobalFree
WaitForMultipleObjects
CreateEventW
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
CreateFileA
ReadFile
WriteFile
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
SystemTimeToFileTime
LocalAlloc
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
TryEnterCriticalSection
SwitchToThread
ResumeThread
CreateThread
TerminateThread
IsDBCSLeadByteEx
GetStringTypeW
HeapReAlloc
GetStringTypeA
GetCPInfo

user32

MessageBeep
GetWindowLongA
SendMessageA
GetDlgItem
MessageBoxW

winhttp

WinHttpCloseHandle
WinHttpConnect

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey

shell32

SHGetFolderPathW

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49b12e7edac287efebe2e315396b3e05

Headers

File Characteristics

Imports

shlwapi

ole32

kernel32

user32

winhttp

advapi32

shell32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 14KB

.reloc Size: 512B - Virtual size: 258B

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 14KB

.reloc
Size: 512B - Virtual size: 258B