5b3b09e69472ad2cc1291f7493444f5a

Sharing

Copy URL

Twitter E-mail

General

Target

5b3b09e69472ad2cc1291f7493444f5a
Size

250KB
MD5

5b3b09e69472ad2cc1291f7493444f5a
SHA1

babf673f8e4d1bf715f66190c8e9fbf563193a76
SHA256

17c058ac5b55c442166d75b2b6075963007e72a0df10d1110589296770be5ea8
SHA512

04c31ff56d8a2ed3ebcd0fed6f03e31e5add1f31db1b2f68c82d91de717c61c6451fb52a050e859378593c206776355034ecc56493629a3371cde238215c6edb
SSDEEP

6144:dX6R9B4TOmFil7uxDGt7rE/kvl5UOQliAzLSMIZGyk3R:4X4T4t7SG5UOKkMINc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b3b09e69472ad2cc1291f7493444f5a

Files

5b3b09e69472ad2cc1291f7493444f5a
.exe windows:4 windows x86 arch:x86

3e09eabf6da7ba43725c5a67c4d341f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TrackPopupMenu
GetPropW
SendMessageW
GetDC
GetParent
SetWindowLongW
SetClipboardData
GetWindowTextW
SetCursor
SetDlgItemTextW
MessageBoxW
MoveWindow
GetSubMenu
GetAsyncKeyState
GetCapture
PostMessageW
ScreenToClient
DestroyMenu
EnableMenuItem
LoadStringW
EndDialog
RemovePropW
ReleaseDC
SendDlgItemMessageW
LoadMenuW
GetClientRect
GetDlgItem
ShowWindow
GetSysColor
CallWindowProcW
SetWindowTextW
LoadIconW
GetCursorPos
GetWindowLongW
EmptyClipboard
CloseClipboard
SetPropW
InvalidateRect
MapDialogRect
ClientToScreen
LoadCursorW
PtInRect
GetSystemMetrics
OpenClipboard
ExitWindowsEx
ReleaseCapture
GetWindowTextLengthW
DialogBoxParamW
GetWindowRect
SetCapture
SetWindowsHookExW

oleaut32

SysFreeString
VariantInit
SysAllocString
VariantClear

kernel32

SetFileTime
RemoveDirectoryW
GlobalAlloc
GetDriveTypeW
MapViewOfFile
GetDateFormatW
FindNextFileW
GetWindowsDirectoryW
GetDiskFreeSpaceExW
SetThreadPriority
WritePrivateProfileStringW
SetEndOfFile
GetCurrentDirectoryW
SetLastError
OpenProcess
VirtualProtectEx
GetPrivateProfileStringW
VirtualAlloc
CreateFileMappingW
GetTimeFormatW
GetFileSize
ReadFile
GetModuleHandleW
GetVolumeInformationW
SetPriorityClass
GetFileTime
GetCurrentThreadId
FormatMessageW
LoadLibraryExW
LoadResource
GetPriorityClass
SetUnhandledExceptionFilter
MoveFileW
IsDebuggerPresent
WriteFile
ResumeThread
LocalFree
FindResourceW
CopyFileW
FreeLibrary
GlobalUnlock
DeleteCriticalSection
EnterCriticalSection
SizeofResource
CloseHandle
ReadProcessMemory
WideCharToMultiByte
CreateThread
FileTimeToSystemTime
CreateProcessW
GetSystemDirectoryW
FreeResource
FlushFileBuffers
UnhandledExceptionFilter
GetFullPathNameW
SetFileAttributesW
GetSystemInfo
WriteProcessMemory
FindClose
SetThreadLocale
LockResource
DeleteFileW
GlobalFree
DisableThreadLibraryCalls
GetDiskFreeSpaceW
GlobalMemoryStatus
GetComputerNameW
LocalAlloc
FindResourceExW
GetSystemTimeAsFileTime
VirtualFree
GetLocalTime
UnmapViewOfFile
GetCommandLineW
CreateSemaphoreW
GetThreadLocale
GlobalLock
LeaveCriticalSection
MoveFileExW
QueryDosDeviceW
VirtualQueryEx
WaitForSingleObject
RaiseException
GetTempFileNameW
GetLogicalDrives
FindFirstFileW
MulDiv
FreeEnvironmentStringsW
CreateFileW
SetFilePointer
VirtualAllocEx

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
GetUserNameW
AllocateAndInitializeSid
RegSetValueExW
RegDeleteKeyW
SetNamedSecurityInfoW
RegCreateKeyExW
RegUnLoadKeyW
RegOpenKeyExW
RegLoadKeyW
RegCloseKey
RegEnumValueW
RegDeleteValueW
LookupAccountSidW
FreeSid
RegQueryValueExW

mscms

CreateProfileFromLogColorSpaceA
UnregisterCMMW
SelectCMM
GetColorDirectoryA
CheckBitmapBits
SetColorProfileElementReference
GetPS2ColorRenderingIntent
UninstallColorProfileA

atl

AtlIPersistPropertyBag_Load
AtlAxGetHost
AtlCreateTargetDC

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.a
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VLAwlW
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HIZQ
Size: 512B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zDtH
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QIRb
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xZDH
Size: 512B - Virtual size: 633B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.epxLT
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YHaSXt
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NQ
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 211KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KD
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.miDHAp
Size: 1024B - Virtual size: 953B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Vvqe
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e09eabf6da7ba43725c5a67c4d341f2

Headers

DLL Characteristics

File Characteristics

Imports

user32

oleaut32

kernel32

advapi32

mscms

atl

Sections

.text Size: 16KB - Virtual size: 16KB

.a Size: 1KB - Virtual size: 1KB

.VLAwlW Size: 1KB - Virtual size: 1KB

.HIZQ Size: 512B - Virtual size: 592B

.zDtH Size: 2KB - Virtual size: 2KB

.QIRb Size: 1024B - Virtual size: 1KB

.rdata Size: 5KB - Virtual size: 4KB

.xZDH Size: 512B - Virtual size: 633B

.epxLT Size: 1KB - Virtual size: 2KB

.YHaSXt Size: 2KB - Virtual size: 3KB

.NQ Size: 1KB - Virtual size: 1KB

.data Size: 211KB - Virtual size: 506KB

.KD Size: 2KB - Virtual size: 2KB

.miDHAp Size: 1024B - Virtual size: 953B

.Vvqe Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 476B

.text
Size: 16KB - Virtual size: 16KB

.a
Size: 1KB - Virtual size: 1KB

.VLAwlW
Size: 1KB - Virtual size: 1KB

.HIZQ
Size: 512B - Virtual size: 592B

.zDtH
Size: 2KB - Virtual size: 2KB

.QIRb
Size: 1024B - Virtual size: 1KB

.rdata
Size: 5KB - Virtual size: 4KB

.xZDH
Size: 512B - Virtual size: 633B

.epxLT
Size: 1KB - Virtual size: 2KB

.YHaSXt
Size: 2KB - Virtual size: 3KB

.NQ
Size: 1KB - Virtual size: 1KB

.data
Size: 211KB - Virtual size: 506KB

.KD
Size: 2KB - Virtual size: 2KB

.miDHAp
Size: 1024B - Virtual size: 953B

.Vvqe
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 476B