5e75d69a84876e9f8ef5f796f2519e8b

Sharing

Copy URL Twitter E-mail

General

Target

5e75d69a84876e9f8ef5f796f2519e8b
Size

120KB
MD5

5e75d69a84876e9f8ef5f796f2519e8b
SHA1

e38bb0f445a36a9bf088602d061c5bab465649f7
SHA256

a30b54206edd9cfb6397a0c0c1508845cf061e13f70c4d4d7d3deb7b23c97170
SHA512

26a633b8ce3b702c711ed525046698c3c89f55f27482bcfe6f3a9f39c09b5e7f715cb836e779a3dd33cfd21ea3f28e9d396890f8d6c5811e045d26997723ab97
SSDEEP

3072:H0H5B47WcfHj6tDlHb/rgCFuOk0cnu9mU4k:UHAKcfj6j/BoM6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e75d69a84876e9f8ef5f796f2519e8b

Files

5e75d69a84876e9f8ef5f796f2519e8b
.exe windows:4 windows x86 arch:x86

25e4bde8dc8f336792442b88afee493a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AddFontResourceTracking
GetBitmapBits
GetBrushOrgEx
CloseMetaFile
AddFontMemResourceEx
AddFontResourceA
GetPixel
DeleteDC
AddFontResourceExW
CancelDC
AbortPath
SetTextColor
GetCurrentPositionEx
CreateSolidBrush
DeleteObject
GetPixel
CloseFigure
BeginPath

comctl32

ImageList_DragMove
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragLeave
ImageList_LoadImageW
ImageList_GetImageRect
ImageList_DrawEx
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_DragEnter
ImageList_Remove
ImageList_Draw
ImageList_LoadImage
ImageList_Create
ImageList_Merge
ImageList_Copy
ImageList_GetImageInfo

kernel32

GetModuleHandleA
HeapAlloc
GetStdHandle
HeapFree
GetStringTypeW
lstrcatA
WideCharToMultiByte
GetFileAttributesA
SetLastError
GlobalFree
lstrcmpiA
GetCPInfo
GetLastError
GetModuleFileNameA
GetCommandLineA
CloseHandle
DeleteFileA
FreeLibrary
lstrcpyA
GetDateFormatA

advapi32

RegEnumValueW
RegEnumValueA
RegQueryValueA
RegDeleteValueW
RegOpenKeyW
RegEnumKeyExW
RegQueryValueExA
RegLoadKeyW
RegEnumKeyW
RegDeleteKeyW
RegLoadKeyA
RegEnumKeyExA
RegGetKeySecurity
RegOpenKeyExW
RegReplaceKeyA
RegQueryInfoKeyA
RegCreateKeyW
RegDeleteKeyA
RegQueryValueExW
RegDeleteValueA

user32

GetWindowTextA
GetDlgItem
BlockInput
LoadCursorA
DrawTextA
GetFocus
DrawTextW
LoadMenuA
DrawIconEx
CreateIcon
AlignRects
GetCursor
DialogBoxParamW
EndDialog
CopyIcon
CopyRect
CloseWindow
CalcMenuBar
GetDC

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25e4bde8dc8f336792442b88afee493a

Headers

File Characteristics

Imports

gdi32

comctl32

kernel32

advapi32

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 100KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB