5c1a8598d1d4c5864df3931afb09b1af

Sharing

Copy URL

Twitter E-mail

General

Target

5c1a8598d1d4c5864df3931afb09b1af
Size

132KB
MD5

5c1a8598d1d4c5864df3931afb09b1af
SHA1

fb884f58f5f835e18a6752f21b4ca354d5ac4238
SHA256

9f8cbcf87629c38a889ad602c98fe3dc57868744ebd49df82dad10eaf7b4b340
SHA512

ed78ef1b7ffd606debc216900c03bc0be0184419a83bac4dbb61faf94590a4c7acd75174ab050bd0f1a1c50dc96538859b510505d9f6a68e92ca8ec84e0d5262
SSDEEP

3072:FtWwoCubILXmfqenWLU75zZUmNbZqQwbmkj5MSca:ZXTs7Rtwbm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c1a8598d1d4c5864df3931afb09b1af

Files

5c1a8598d1d4c5864df3931afb09b1af
.exe windows:4 windows x86 arch:x86

4b12b4188ff108b1c6abee5eafc7e2c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursorPos
GetDCEx
SetClipboardData
GetCursor
GetSysColor
GetMenu
MoveWindow
CreateMenu
CallWindowProcA
GetMessagePos
LoadIconA
DestroyIcon
CharLowerBuffA
ShowOwnedPopups
SetWindowPos
GetPropA
GetKeyboardLayoutNameA
RemovePropA
ScrollWindow
GetClassLongA
PeekMessageA
EmptyClipboard
GetClassNameA
SetWindowLongA
GetDlgItem
InflateRect
DispatchMessageW
CharNextW
UnhookWindowsHookEx
WindowFromPoint
LoadCursorA
GetWindowPlacement
PostQuitMessage
SendMessageA
DispatchMessageA
SetScrollInfo
SetRect
IsDialogMessageA
EndPaint
GetDC
GetScrollRange
MapVirtualKeyA
DrawTextA
GetKeyboardLayout
ShowWindow
IsWindowEnabled
CreatePopupMenu
DrawIconEx
IsWindowVisible
PtInRect
IsRectEmpty
GetScrollPos
DestroyWindow
SetScrollRange
LoadBitmapA
ChildWindowFromPoint
FrameRect
RegisterClassA
CreateWindowExA
SetCursor
OemToCharA
DrawFrameControl
EnumThreadWindows
EnumChildWindows
GetMenuState
WaitMessage
GetMenuStringA

kernel32

CompareStringA
HeapFree
FindResourceA
GetStartupInfoA
GetCPInfo
WriteFile
lstrcatA
GetStringTypeA
FreeLibrary
RaiseException
MoveFileExA
InitializeCriticalSection
LoadResource
GetEnvironmentStrings
SetFilePointer
LoadLibraryA
GetDiskFreeSpaceA
lstrcpyA
GlobalDeleteAtom
GetThreadLocale
GetModuleHandleA
GetTickCount
DeleteFileA
lstrcpynA
GetLocalTime
LoadLibraryExA
lstrlenA
lstrcmpiA
MulDiv
VirtualFree
GetCommandLineA
GetProcAddress
GetUserDefaultLCID
ExitThread
GetCurrentProcess
GlobalAlloc
SetEvent
GetFileAttributesA
GetFileType
Sleep
GetModuleHandleW
SetThreadLocale
ResetEvent
SizeofResource
VirtualAllocEx
GetLastError
LocalReAlloc
GetVersion
lstrcmpA
ExitProcess
VirtualAlloc
ReadFile
GlobalFindAtomA
SetLastError
GetDateFormatA
WaitForSingleObject
WideCharToMultiByte

Sections

CODE
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b12b4188ff108b1c6abee5eafc7e2c2

Headers

File Characteristics

Imports

user32

kernel32

Sections

CODE Size: 49KB - Virtual size: 48KB

.rdata Size: 70KB - Virtual size: 70KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 9KB

CODE
Size: 49KB - Virtual size: 48KB

.rdata
Size: 70KB - Virtual size: 70KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 9KB