5ce0ba3cdcf5642572313fec24b74be8

Sharing

Copy URL

Twitter E-mail

General

Target

5ce0ba3cdcf5642572313fec24b74be8
Size

526KB
MD5

5ce0ba3cdcf5642572313fec24b74be8
SHA1

591990e1331fbc6dc34144dd41647e1377af0858
SHA256

233978a632101610a3cfdac56261ee0ebe4a81b796dc632494140142d1a3d30e
SHA512

48feebb30bea1a3294091610d79616d1cf7d6a8c743663c7568914f3d175c51927e1e3d5bef0a2453f61e238f541869586381d6baa7f11f5bf34e15607f3a662
SSDEEP

12288:tPH9FmhOQNZ9+k3yRlfDE3QrUmxggVceUUmWo2c7tcUAu:5d4hNpUlE3MXxggVlUUJLc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ce0ba3cdcf5642572313fec24b74be8

Files

5ce0ba3cdcf5642572313fec24b74be8
.exe windows:4 windows x86 arch:x86

10a33c9555f27b56c6cba82389bc60fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InitializeCriticalSection
DeleteCriticalSection
lstrcpyW
LeaveCriticalSection
EnterCriticalSection
CreateThread
lstrcpynW
TerminateThread
OutputDebugStringW
GetVersionExW
GetTempPathW
DeleteFileW
WriteFile
lstrlenW
CreateMutexW
GetLastError
GetModuleFileNameW
lstrcatW
CreateFileW
CloseHandle
SetFileAttributesW
GetSystemDefaultLangID
GetPrivateProfileStringW
WritePrivateProfileStringW
GetModuleHandleW
FindResourceW
SizeofResource
LoadResource
LockResource
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
FreeLibrary
LoadLibraryW
GetLocalTime
GetProcAddress
GetStartupInfoW

user32

ReleaseDC
GetDlgItem
SetWindowTextW
SetForegroundWindow
DefWindowProcW
GetSystemMetrics
LoadImageW
PostMessageW
EnumWindows
PostQuitMessage
CreateWindowExW
ShowWindow
UpdateWindow
SetTimer
GetDC
LoadCursorW
RegisterClassExW
LoadAcceleratorsW
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
wsprintfW
LoadStringW
SendMessageTimeoutW
RegisterWindowMessageW
SendMessageW
EndDialog
SetWindowLongW
SetWindowsHookExW
SetCursor
CallNextHookEx
GetIconInfo
IsWindowVisible
DrawAnimatedRects
SystemParametersInfoW
FindWindowExW
DestroyIcon
ScreenToClient
GetAsyncKeyState
GetKeyState
GetDoubleClickTime
GetCursorPos
SetRect
GetWindowRect
MoveWindow
SetWindowPos
CreatePopupMenu
AppendMenuW
ClientToScreen
TrackPopupMenu
CheckDlgButton
SetDlgItemTextW
CreateDialogParamW
LoadIconW
KillTimer
CreateIconIndirect

gdi32

SetPixel
GetPixel
CreateBitmap
RestoreDC
SetWorldTransform
SetGraphicsMode
GetStockObject
SaveDC
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteObject
GetWorldTransform
GetObjectW
DeleteDC

advapi32

RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegOpenKeyW
RegCloseKey

shell32

Shell_NotifyIconW
ShellExecuteW
SHAppBarMessage

ole32

CreateStreamOnHGlobal
OleInitialize

msvcrt

_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
_XcptFilter
_exit
_onexit
__dllonexit
wcscmp
clock
wcscat
free
malloc
wcsstr
wcsrchr
_wtoi
fread
getc
putc
exit
??3@YAXPAX@Z
_ftol
_controlfp
__set_app_type

comctl32

ord17
InitCommonControlsEx

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10a33c9555f27b56c6cba82389bc60fd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcrt

comctl32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 66KB

.rsrc Size: 490KB - Virtual size: 489KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 66KB

.rsrc
Size: 490KB - Virtual size: 489KB