054423c7a07e0cbf05000f2a4ced2995

Sharing

Copy URL Twitter E-mail

General

Target

054423c7a07e0cbf05000f2a4ced2995
Size

511KB
MD5

054423c7a07e0cbf05000f2a4ced2995
SHA1

266d54e7968b7617261557ca0b43da00cd8489d6
SHA256

7eb10f4cc06da001238ffba3486883c8acce9cf27bf060648c343df3f0ba5f23
SHA512

01c77b455b32c4bed0802baedd27df98c8a5f50d09e370dde4730e504a1d46dc830a10e240e3220f95ccb4c313a434d9a31091cf11f0f67fb8b40c3e6edefc7e
SSDEEP

6144:k8DYGdx6XVEwII0YLyEXME4vtfOt046qrRO0+UQAurywhXKDRFyB8vTEWGnF06I6:kivPdI030m439OaQ33FowB8vTEWGJ+a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
054423c7a07e0cbf05000f2a4ced2995

Files

054423c7a07e0cbf05000f2a4ced2995
.exe windows:4 windows x86 arch:x86

b91edea95c3d21239b82532c497c0a4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
HeapLock
InitializeCriticalSection
TerminateProcess
GetEnvironmentStringsW
SetConsoleWindowInfo
SetConsoleOutputCP
InterlockedIncrement
HeapFree
UnhandledExceptionFilter
GetStartupInfoA
HeapDestroy
GetProcAddress
GetEnvironmentStrings
IsBadWritePtr
VirtualAlloc
SetEnvironmentVariableA
RtlUnwind
SetHandleCount
GetLastError
SetLocalTime
SetStdHandle
ExitProcess
CompareStringW
VirtualProtectEx
MultiByteToWideChar
GetModuleFileNameA
GetSystemTimeAsFileTime
FlushFileBuffers
VirtualFree
GetFileAttributesExW
VirtualFreeEx
FindFirstFileExA
CreateMutexA
GetCommandLineA
MoveFileExW
SetLastError
GetStringTypeA
GetCurrentThreadId
FreeEnvironmentStringsA
GetCurrentThread
GetSystemTime
WritePrivateProfileStringA
LoadLibraryA
CloseHandle
HeapAlloc
WideCharToMultiByte
GetCurrentProcess
OpenMutexA
GetVersionExW
GetOEMCP
TlsAlloc
ResetEvent
GetCurrentProcessId
TlsGetValue
GetStdHandle
WriteFile
DeleteCriticalSection
LeaveCriticalSection
GetStringTypeW
LCMapStringA
GetComputerNameA
LockFile
HeapReAlloc
GlobalUnlock
GetProfileSectionA
TlsFree
CompareStringA
OpenProcess
EnumDateFormatsW
GetACP
FreeEnvironmentStringsW
InterlockedDecrement
SetFilePointer
GetFileType
QueryPerformanceCounter
GetCPInfo
GetTimeZoneInformation
VirtualQuery
GetVersion
EnterCriticalSection
GetTickCount
LCMapStringW
TlsSetValue
InterlockedExchange
GetLocalTime
HeapCreate
ReadFile

comctl32

InitCommonControlsEx

user32

wsprintfW
TrackMouseEvent
GetProcessWindowStation
RegisterClassA
SendIMEMessageExA
PostMessageW
SetThreadDesktop
CallMsgFilterA
CharLowerBuffA
GetMenu
GetPropA
DlgDirSelectComboBoxExW
CreateCursor
RegisterClassExA
GetAltTabInfo
ReuseDDElParam

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b91edea95c3d21239b82532c497c0a4e

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 181KB - Virtual size: 181KB

.rdata Size: 4KB - Virtual size: 22KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 181KB - Virtual size: 181KB

.rdata
Size: 4KB - Virtual size: 22KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 11KB - Virtual size: 10KB