571d3c66bea9935818b6271c1dd8b354

Sharing

Copy URL Twitter E-mail

General

Target

571d3c66bea9935818b6271c1dd8b354
Size

72KB
MD5

571d3c66bea9935818b6271c1dd8b354
SHA1

2788fc1022d8cc5d75db5b3e3f47418d3fa0c4f3
SHA256

e30220dea59e5ac0b23994c1768bfd2cd2c51c6d086298c4541d3580bdde2867
SHA512

42a338142267bb45e27304a09bb976caab6ca2c9d1a92b415f26a0814bd652a73fe6e8f546751aaf2760730fcbbf484691df116bc88cb26600a5267e6fc6b16d
SSDEEP

1536:jfSh7BKitsY0ujGaCtWKqGEXVBNoiSLApHYDwLGiLAhx:jfSh7YitsY1QqPXvNUJuGiLQx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
571d3c66bea9935818b6271c1dd8b354

Files

571d3c66bea9935818b6271c1dd8b354
.exe windows:4 windows x86 arch:x86

dc1ded3129b54fa5a65d1845876ffe46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
SetThreadLocale
GetUserDefaultLCID
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
DeleteFileA
GetTempFileNameA
GetTempPathA
lstrlenW
InterlockedDecrement
GetStringTypeExA
GetThreadLocale
HeapCreate
InitializeCriticalSection
FlushInstructionCache
ReadFile
LoadResource
CreateFileA
WriteFile
GetProcAddress
GetVolumeInformationA
GetComputerNameA
FindClose
FindFirstFileA
GetWindowsDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesA
GetSystemTime
GetSystemDirectoryA
FindNextFileA
lstrcmpA
FreeLibrary
SizeofResource
FreeResource
InterlockedIncrement
GetVersionExA
GetCurrentProcess
GetLastError
GetModuleHandleA
GetShortPathNameA
lstrlenA
GetEnvironmentVariableA
LoadLibraryA
GetModuleFileNameA
OpenEventA
CreateEventA
CloseHandle
WaitForSingleObject
GetExitCodeProcess
SetEvent
HeapFree
HeapAlloc
GetCommandLineA
ExitProcess
GetStartupInfoA
GetFileSize

user32

GetWindowTextA
GetWindowTextLengthA
UpdateWindow
InvalidateRect
RedrawWindow
ScreenToClient
ClientToScreen
CharLowerA
LoadStringW
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
SetCursor
GetWindowLongA
wvsprintfA
SetTimer
SetWindowTextA
SetDlgItemTextA
IsDlgButtonChecked
GetSystemMetrics
LoadImageA
SendMessageA
GetDlgItem
CheckDlgButton
EndDialog
PostMessageA
GetMessageA
GetActiveWindow
DialogBoxParamA
MessageBoxA
CallWindowProcA
SetWindowLongA
GetSysColor
CharNextA
LoadStringA
GetParent
DefWindowProcA

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
SetTextColor
CreateFontIndirectA

advapi32

OpenServiceA
LsaOpenPolicy
LsaAddAccountRights
LsaClose
RegCreateKeyExA
RegSetValueExA
GetTokenInformation
OpenProcessToken
GetUserNameA
CloseServiceHandle
ChangeServiceConfigA
RegQueryValueExA
OpenSCManagerA
CreateWellKnownSid
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA
ShellExecuteExA

ole32

CoInitialize

comctl32

InitCommonControlsEx

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc1ded3129b54fa5a65d1845876ffe46

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 45KB - Virtual size: 45KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 45KB - Virtual size: 45KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 2KB - Virtual size: 1KB