5b20b3e8e449a78ca33a163e71bec347

Sharing

Copy URL Twitter E-mail

General

Target

5b20b3e8e449a78ca33a163e71bec347
Size

440KB
MD5

5b20b3e8e449a78ca33a163e71bec347
SHA1

d667f5a1269b796abe31f646ff053f03b752e119
SHA256

7bfff072d4b86ddb5abc1bc2904fce99d4bc5983b1281851a15fc7574880a601
SHA512

02d903498f1cd2968bc50fc96d620e22ed9cd3c16b7f33cea7b8052abb2b937135dbd44efd7e79a4ca3a41e2dc16b8c2b099700d4eeedd8a5328536a4ed37bd6
SSDEEP

6144:gy8j1Zfi3/S4w9NQCxTkrJVEE0GYIYumFpEFVJnLK9t1d1QcG7i5L1jG7w6Nb:gy8Xfka4kN3eSNg7IQri5LxG8O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b20b3e8e449a78ca33a163e71bec347

Files

5b20b3e8e449a78ca33a163e71bec347
.exe windows:5 windows x86 arch:x86

adb6ce0c302a0518e1e45da7231422b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHOpenFolderAndSelectItems
SHGetPathFromIDListW
ord155
SHParseDisplayName
SHBrowseForFolderW

msvcrt

_adjust_fdiv
_initterm
exit
realloc
_except_handler3
__p__commode
_vsnwprintf
_c_exit

kernel32

MoveFileW
MultiByteToWideChar
Sleep
FindFirstFileW
LocalAlloc
GetSystemTimeAsFileTime
FreeLibraryAndExitThread
VirtualAllocEx
HeapDestroy
FindNextFileW
EnterCriticalSection
DeleteFileW
lstrcmpiW
GetFileSize
CreateEventA
LoadResource
GetTickCount
GetDateFormatW
GetLocalTime
GetModuleHandleA
QueryPerformanceCounter
SetLastError
LoadLibraryExW
LoadLibraryW
FindResourceW
lstrlenA
WaitForSingleObject
GetTempPathW
SetEvent
GlobalLock
GetHandleInformation

shlwapi

StrToIntExW

ole32

StringFromCLSID
StringFromIID
CoTaskMemFree

gdi32

MoveToEx
CreateDIBSection
SetROP2
CreateFontIndirectW
BitBlt
DeleteDC
GetTextMetricsW
CreateCompatibleBitmap
SetTextColor
CreateHalftonePalette
CreateCompatibleDC

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW
OpenSCManagerW
RegOpenKeyExW

user32

SetForegroundWindow
GetCapture
DialogBoxParamW
MessageBoxW
KillTimer
WinHelpW
PostMessageW
GetMonitorInfoW
MessageBeep
SetWindowLongW
MapDialogRect
GetCursorPos
SendDlgItemMessageW
RegisterClassW
GetClientRect
GetFocus
GetClassInfoW
CreateWindowExW
GetWindowLongW
PeekMessageW
CopyIcon
DrawIconEx
RemovePropW
DispatchMessageW
DestroyIcon

gdiplus

GdipFree
GdipGetImageDecodersSize
GdipImageRotateFlip
GdipGetImageWidth
GdiplusStartup
GdipGetImageDecoders
GdipCloneImage

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adb6ce0c302a0518e1e45da7231422b8

Headers

DLL Characteristics

File Characteristics

Imports

shell32

msvcrt

kernel32

shlwapi

ole32

gdi32

advapi32

user32

gdiplus

Sections

.text Size: 394KB - Virtual size: 394KB

.data Size: 39KB - Virtual size: 38KB

.rsrc Size: 6KB - Virtual size: 332KB

.text
Size: 394KB - Virtual size: 394KB

.data
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 6KB - Virtual size: 332KB