5ce4c42a50fd0f07ad3be4ec4562329a

Sharing

Copy URL Twitter E-mail

General

Target

5ce4c42a50fd0f07ad3be4ec4562329a
Size

350KB
MD5

5ce4c42a50fd0f07ad3be4ec4562329a
SHA1

c3da015f798ed3d117d910a076e671098982419e
SHA256

79fec105572e974faab2774c88f937256aae6d1f5bf019184beb39f9308edf3c
SHA512

06f83c942db26e88caf9c7d044b822e9385fdef724f224abd926fc9a7af9f9c74990a82f39d1a2a8accee88e3e51ba91a8b98c132d3c3c55e0fac5ed8b96523d
SSDEEP

6144:L/OrlvNkxd1kWMx0nH9LOzrpyNLvf5qflWnum4u76GhkUVpWZl4wO453:iBvM16GhvLvB6nGhkUVelD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ce4c42a50fd0f07ad3be4ec4562329a

Files

5ce4c42a50fd0f07ad3be4ec4562329a
.exe windows:4 windows x86 arch:x86

52648e02f2d898248edb1c74113ad7a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsReplaceRecordSetW

ole32

CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoUninitialize

user32

DialogBoxIndirectParamW
SetCursor
GetSysColorBrush
InflateRect
DestroyWindow
PeekMessageW
UpdateWindow
DestroyMenu
DialogBoxIndirectParamAorW
CharNextW
GetDlgCtrlID
ShowWindow
EndDeferWindowPos
GetPropW
SetWindowPlacement
DrawTextW
SetWindowsHookExW
ClipCursor
KillTimer
MessageBoxW
GetWindowLongA
SetTimer
GetWindowLongW
CheckRadioButton
SetCapture
MoveWindow
UnhookWindowsHookEx
WinHelpW
DrawFocusRect
GetWindow
SetDlgItemInt
MapWindowPoints
RegisterWindowMessageA
IsWindowVisible
FillRect
LoadCursorW
CallWindowProcW
ShowCursor
SetWindowTextW
CheckDlgButton
DlgDirListW
RegisterWindowMessageW
GetFocus
SetPropW
GetLastActivePopup
DispatchMessageW
LoadImageW
GetDlgItemTextA
LoadAcceleratorsW
PtInRect
TranslateAcceleratorW
CreateDialogIndirectParamAorW
CreateDialogIndirectParamW
LoadIconW
CopyRect
GetDlgItemInt
MsgWaitForMultipleObjects
GetParent
FrameRect
SetParent
LockWindowUpdate
CreateDialogIndirectParamA
SendDlgItemMessageW
CharPrevW
ReleaseDC
CharNextA
RemovePropW
GetSystemMenu
InvalidateRect
GrayStringW
BeginDeferWindowPos
MessageBeep
PostMessageW
EnumChildWindows
EqualRect
IntersectRect
GetDC
SendMessageW
SetWindowPos
LoadStringW
GetDialogBaseUnits
ChildWindowFromPoint
SetDlgItemTextW
IsWindowEnabled
GetWindowTextW
FindWindowExW
GetDlgItem
SetDlgItemTextA
GetWindowPlacement
GetSysColor
CallNextHookEx
GetDlgItemTextW
SetFocus
GetClientRect
IsWindow
IsDlgButtonChecked
RegisterClipboardFormatW
TranslateMessage
GetWindowTextLengthW
BeginPaint
RedrawWindow
GetSystemMetrics
CreateWindowExW
DeleteMenu
GetKeyState
GetKeyboardLayout
DrawEdge
ValidateRect
CreatePopupMenu
EnableWindow
GetWindowRect
EndPaint
DrawIcon
ScreenToClient
EndDialog
CharLowerW
DeferWindowPos
DefWindowProcW
SetWindowLongW

gdi32

SetBkColor
GetDeviceCaps
CreateCompatibleDC
DeleteObject
CreateDIBitmap
ExcludeClipRect
GetTextCharset
GetTextCharsetInfo
BitBlt
CreateFontW
CreateRectRgnIndirect
TextOutW
ExtTextOutW
CreateDCW
CreateCompatibleBitmap
SelectPalette
GetCharWidth32W
TranslateCharsetInfo
GetWindowExtEx
CreatePen
CreateFontIndirectW
EnumFontFamiliesExW
GetTextExtentPointW
SetMapMode
MoveToEx
GetViewportExtEx
GetObjectW
SetBkMode
SetWindowExtEx
SetViewportExtEx
LineTo
GetTextMetricsW
Rectangle
GetMapMode
PatBlt
GetStockObject
RealizePalette
SetTextColor
GetNearestColor
CreateSolidBrush
DeleteDC
CreateDiscardableBitmap
CreateICW
SelectClipRgn
SelectObject

kernel32

GetCurrentProcess
GetSystemTimeAsFileTime
lstrcpyA
TerminateProcess
GetProfileStringW
GetModuleHandleW
GetProcessVersion
CreateEventW
LoadLibraryA
DeleteCriticalSection
GlobalReAlloc
SizeofResource
SetErrorMode
LoadLibraryW
FindResourceExW
GetShortPathNameW
MulDiv
LocalReAlloc
TlsFree
GetDriveTypeW
GetCurrentProcessId
GlobalFree
GetSystemDefaultUILanguage
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
DisableThreadLibraryCalls
LocalAlloc
GetLastError
FreeResource
WideCharToMultiByte
TlsGetValue
lstrlenA
SetUnhandledExceptionFilter
QueryPerformanceCounter
SetCurrentDirectoryW
GetFullPathNameW
InterlockedCompareExchange
EnterCriticalSection
GlobalLock
FormatMessageW
LeaveCriticalSection
InterlockedDecrement
GlobalAlloc
GetVolumeInformationW
GetModuleFileNameW
FreeLibraryAndExitThread
CreateThread
GetACP
MultiByteToWideChar
GetVersionExA
VirtualAlloc
GetCurrentDirectoryW
GetFileAttributesW
GlobalUnlock
FindClose
GetTempFileNameW
LoadResource
CloseHandle
ResetEvent
InterlockedIncrement
FindResourceW
ExpandEnvironmentStringsW
GetModuleHandleA
lstrlenW
GetUserDefaultLCID
CreateFileW
LocalSize
WaitForSingleObject
DelayLoadFailureHook
SetEvent
FreeLibrary
lstrcmpW
UnhandledExceptionFilter
TlsAlloc
TlsSetValue
FindResourceA
LockResource
GetProcAddress
SetLastError
lstrcpynW
FindFirstFileW
GetLocaleInfoW
LocalFree
lstrcpyW
lstrcmpiW
GetTickCount
DeleteFileW
FindNextFileW

mswsock

AcceptEx
GetAcceptExSockaddrs

comctl32

CreatePropertySheetPageW
PropertySheetW
ImageList_GetIconSize
InitCommonControlsEx
ImageList_Destroy
CreateToolbarEx
ImageList_Draw

advapi32

RegQueryValueExA
RegEnumValueW
RegSetValueExW
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey
RegQueryValueW
RegQueryValueExW

ntdll

RtlUnicodeStringToAnsiString
RtlIsNameLegalDOS8Dot3
RtlUnicodeToMultiByteSize
NtQueryVirtualMemory
_wcsicmp
_vsnwprintf
RtlUnwind
_chkstk
RtlAnsiStringToUnicodeString
wcslen
RtlInitUnicodeStringEx
memmove

ws2_32

WSAStringToAddressA
getaddrinfo
WSALookupServiceEnd
getnameinfo
WSAAddressToStringA
WSAAddressToStringW
WSARecvFrom
WSASocketW
WSALookupServiceBeginW
WSAEventSelect
WSAIoctl
freeaddrinfo
WSASendTo
WSALookupServiceNextW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 298KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52648e02f2d898248edb1c74113ad7a2

Headers

DLL Characteristics

File Characteristics

Imports

dnsapi

ole32

user32

gdi32

kernel32

mswsock

comctl32

advapi32

ntdll

ws2_32

Sections

.text Size: 10KB - Virtual size: 10KB

.rsrc Size: 25KB - Virtual size: 25KB

.rdata Size: 14KB - Virtual size: 14KB

.reloc Size: 512B - Virtual size: 20B

.data Size: 298KB - Virtual size: 1.0MB

.text
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 25KB - Virtual size: 25KB

.rdata
Size: 14KB - Virtual size: 14KB

.reloc
Size: 512B - Virtual size: 20B

.data
Size: 298KB - Virtual size: 1.0MB