5ed9a4127e47c13bb475aa05d7d94969

Sharing

Copy URL Twitter E-mail

General

Target

5ed9a4127e47c13bb475aa05d7d94969
Size

80KB
MD5

5ed9a4127e47c13bb475aa05d7d94969
SHA1

80ce8d4e8b8d47359aa7fb61af0b02f069472554
SHA256

ddaa813c1985124f5f934abd95c47c60a806dbe8252505f6827bc1734f0bb054
SHA512

7523f286f0b56f867af9930b8be28c8e82a2353e631aac5b3eb00f9ac6bede35ff6635b92fc64beca4b82bca45e742ba912ee29f2cc989d1c264449d359358e0
SSDEEP

768:0ry0tTzxaY9RKDof7D9G4mLr72yRuWXtQqm+gU/2tV2wMxIv/k/yCBX9nuWXjI7e:GX5RcUQz7zttlg+SMxIvojBRuyjI7e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ed9a4127e47c13bb475aa05d7d94969

Files

5ed9a4127e47c13bb475aa05d7d94969
.exe windows:4 windows x86 arch:x86

a8e29b919240324c8fa2931cc3527ac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

ole32

CoUninitialize
CoInitialize

user32

TranslateMessage
DefWindowProcA
SetDlgItemTextA
LoadStringA
GetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
EndDialog
GetParent
DestroyWindow
DialogBoxParamA
GetWindowDC
ReleaseDC
EnumChildWindows
GetClassNameA
SendMessageA
MessageBoxW
LoadIconA
RegisterClassA
CreateWindowExA
CreateDialogParamA
SetFocus
PostQuitMessage
GetMessageA
IsDialogMessageA
DispatchMessageA

kernel32

RemoveDirectoryA
GetModuleHandleA
GetStartupInfoA
GetStringTypeW
GetFileAttributesA
LCMapStringA
LCMapStringW
GetStringTypeA
LoadLibraryA
GetProcAddress
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteFileA
MulDiv
GetUserDefaultLangID
GetTempFileNameA
OpenFile
MultiByteToWideChar
WideCharToMultiByte
LocalFree
FormatMessageA
GetLastError
MoveFileA
CreateDirectoryA
GetModuleFileNameA
GetVersion
GetFullPathNameA
GetCurrentDirectoryA
GetDriveTypeA
TerminateProcess
GetCommandLineA
HeapAlloc
ExitProcess
HeapFree
GetCurrentProcess
UnhandledExceptionFilter

gdi32

GetDeviceCaps
GetObjectA
GetStockObject
CreateFontIndirectA

msjet40

ord185

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8e29b919240324c8fa2931cc3527ac1

Headers

File Characteristics

Imports

comdlg32

advapi32

ole32

user32

kernel32

gdi32

msjet40

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 32KB - Virtual size: 36KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 32KB - Virtual size: 36KB