5caea4e28c36e0570045dda41f2f6a5f

Sharing

Copy URL Twitter E-mail

General

Target

5caea4e28c36e0570045dda41f2f6a5f
Size

356KB
MD5

5caea4e28c36e0570045dda41f2f6a5f
SHA1

1d6f79cb36addd74e69cf8b3ad7080cc9b6c0d40
SHA256

ecaee21c398da9258346b6b58d628b729c4f849b7d54f1cad9c25131e927bfea
SHA512

9f7ce9ba8810ba26deacfb55e85dede40b7f201cffa44aa5558eaf2e1b2bd85eff64522aec8302fbb825141af30f0a920070066c6776882430cbe8dfecc43e66
SSDEEP

6144:Sfk5SfVyiz5UvanvnO1qjBAtJxvzz/4KhOYbIguhbWZD03ILSYEu4l7+D0o8G6t:yVdyiz5UcW1OBMzkKh1bPuFm/7o7U8G6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5caea4e28c36e0570045dda41f2f6a5f

Files

5caea4e28c36e0570045dda41f2f6a5f
.exe windows:4 windows x86 arch:x86

f35767e443e7ebea5d4e7a8f1007c4cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersionExA
GetSystemInfo
EnterCriticalSection
LocalUnlock
CreateFileA
RaiseException
FindResourceW
GetACP
GetTickCount
lstrcatW
FileTimeToSystemTime
ReadFile
lstrcpyW
GetCurrentProcess
GetCurrentThreadId
IsDebuggerPresent
GetTimeFormatW
LocalReAlloc
GetLocaleInfoW
GetSystemTimeAsFileTime
TerminateProcess
LocalFree
TlsAlloc
GlobalUnlock
ReleaseSemaphore
GetUserDefaultLCID
InterlockedCompareExchange
LeaveCriticalSection
MultiByteToWideChar
lstrcpynW
GetEnvironmentStrings
GetCurrentProcessId
VirtualProtect
LocalLock
GetStdHandle
lstrcmpW
LoadLibraryA
GetCPInfo
FreeEnvironmentStringsW
GetLocaleInfoA
CreateMutexW
FindFirstFileW
InterlockedIncrement
CreateEventA
SetLastError
LoadLibraryExW
WriteFile
GetLocalTime
GetVersion
lstrcmpiW
LockResource
FindClose
GetLastError
UnhandledExceptionFilter
lstrlenW
GetFileInformationByHandle
GlobalLock
GetModuleHandleA
GetUserDefaultUILanguage
lstrcatA
ExitProcess
HeapAlloc
LocalAlloc
GetFileAttributesW
GetDateFormatW
GlobalAlloc
SetEnvironmentVariableA
QueryPerformanceCounter
Sleep
FreeLibrary
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
WideCharToMultiByte
CreateFileW
HeapFree
CreateFileMappingW
GetFileType
FindFirstFileA
GetCommandLineW
GetStartupInfoA
GetDateFormatA
RtlUnwind
FoldStringW
CloseHandle
CompareStringW
DeleteFileW
LocalSize
VirtualQuery
FormatMessageW
GlobalFree
HeapDestroy
InterlockedDecrement
MulDiv
SetUnhandledExceptionFilter
GetProcAddress

comdlg32

CommDlgExtendedError
PageSetupDlgW
PrintDlgExW
GetOpenFileNameW
ReplaceTextW
GetSaveFileNameW
FindTextW
GetFileTitleW
ChooseFontW

user32

CharLowerW
PostMessageW
SetCapture
wsprintfW
LoadAcceleratorsW
ShowWindow
SetWinEventHook
GetWindowLongW
SendDlgItemMessageW
DrawTextExW
SetCursor
ReleaseDC
GetDlgItemTextW
TranslateAcceleratorW
LoadIconW
MoveWindow
SetDlgItemTextW
CreateWindowExW
SendDlgItemMessageA
GetMessageW
CreateDialogParamW
LoadImageW
CheckMenuItem
RegisterClassW
DestroyWindow
TranslateMessage
GetWindowRect
CloseClipboard
GetSystemMetrics
LoadCursorW
IsIconic
CreateWindowExA
GetKeyboardLayout
DestroyIcon
MessageBoxW
InvalidateRect
GetDC
WinHelpW
GetDlgCtrlID
DestroyMenu
GetDlgItem
GetSystemMenu
EndDialog
IsDialogMessageW
LoadStringW
GetFocus
ScreenToClient
ChildWindowFromPoint
MessageBoxA
SetActiveWindow
GetSubMenu
EnableWindow
GetAsyncKeyState
GetWindowDC
CallWindowProcW
RegisterClassExW
GetWindowPlacement
DefWindowProcA
DeleteMenu
GetDesktopWindow
GetMenu
GetWindowTextW
UpdateWindow
SetScrollPos
RegisterWindowMessageW
DialogBoxParamW
SetWindowPlacement
UnhookWinEvent
GetCursorPos
GetClientRect
GetMenuState
CharNextW
GetWindowLongA
GetForegroundWindow
GetParent
OpenClipboard
IsWindowEnabled
IsClipboardFormatAvailable
PeekMessageW
SetWindowTextW
GetKeyState
EnableMenuItem
DefWindowProcW
DispatchMessageW
SendMessageW
SetWindowLongW
SetFocus
PostQuitMessage
MessageBeep
CharUpperW

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
IsTextUnicode
RegOpenKeyExA
RegCreateKeyW
RegQueryValueExA

msvcrt

_acmdln
exit
_controlfp
__p__fmode
localtime
_c_exit
_exit
__set_app_type
_initterm
wcstoul
??_U@YAPAXI@Z
_wtol
wcsstr
_snwprintf
__getmainargs
_adjust_fdiv
_XcptFilter
_cexit
iswctype
_iob
__setusermatherr
memcpy
wcsncpy
_errno
wcsncmp
_unlock
time
__p__commode

gdi32

GetDeviceCaps
StartPage
GetTextMetricsW
TextOutW
SetBkMode
StartDocW
SetAbortProc
GetTextExtentPoint32W
DeleteDC
SetWindowExtEx
AbortDoc
CreateFontIndirectW
DeleteObject
EndPage
EndDoc
GetStockObject
SetViewportExtEx
EnumFontsW
SelectObject
CreateDCW
GetObjectW
LPtoDP
SetMapMode
GetTextFaceW

winspool.drv

OpenPrinterW
GetPrinterDriverW
ClosePrinter

comctl32

CreateStatusWindowW

shell32

DragAcceptFiles
ShellAboutW
DragFinish
DragQueryFileW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f35767e443e7ebea5d4e7a8f1007c4cf

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

advapi32

msvcrt

gdi32

winspool.drv

comctl32

shell32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 290KB - Virtual size: 289KB

.data Size: 48KB - Virtual size: 510KB

.reloc Size: 512B - Virtual size: 258B

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 290KB - Virtual size: 289KB

.data
Size: 48KB - Virtual size: 510KB

.reloc
Size: 512B - Virtual size: 258B

.rsrc
Size: 7KB - Virtual size: 6KB