05639b8a02380f2454f38a9418cf105a

Sharing

Copy URL

Twitter E-mail

General

Target

05639b8a02380f2454f38a9418cf105a
Size

943KB
MD5

05639b8a02380f2454f38a9418cf105a
SHA1

ded3b499493517667f8d6137c2678f82221f2d89
SHA256

cb761e9ebf68786be2280e5fe5f5d73405bd92129fc4c52b3057bc3604250e82
SHA512

f1a9b83c25fe9f760bcfd8e86fb8d0e190f0b6205ff2466042fa046617b8207ada17713d13b0a568bdedd5e8b9c725cfd29f408b3775f4c83356d9930cedd71b
SSDEEP

12288:83be3qkyIe9mIhug+gDiHw97wtkOtURx0VWsFVLmUBGri9mddeOsmXfGNyLNgc4I:8vT9JuyPSkOtBRKUBwi9Hmnpg2D9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05639b8a02380f2454f38a9418cf105a

Files

05639b8a02380f2454f38a9418cf105a
.exe windows:5 windows x86 arch:x86

491eb96c4fb8c076cbedd827e87be121

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_itoa
exit
_stricmp
wcstombs
isxdigit
toupper
isdigit
isspace
_c_exit
_exit
_XcptFilter
_cexit
_acmdln
strtol
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
malloc
free
__CxxFrameHandler
strrchr
__dllonexit
_onexit
strtok
atoi
_strnicmp
__getmainargs
_controlfp
?terminate@@YAXXZ
mbstowcs
_setmbcp

user32

MessageBoxA
EmptyClipboard
SetClipboardData
CloseClipboard
GetMessagePos
LoadBitmapA
OpenClipboard
GetFocus
LoadMenuA
GetSubMenu
EnableMenuItem
SetActiveWindow
UpdateWindow
RedrawWindow
LoadCursorA
SetCursor
SendMessageA
EnableWindow
ScreenToClient
GetWindowRect
wsprintfA
LoadIconA
DeleteMenu

gdi32

DeleteObject

shlwapi

wnsprintfA

comctl32

ImageList_AddMasked

shell32

ExtractIconA
DragFinish
DragQueryFileA
ShellAboutA

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FormatMessageA
GetCurrentProcess
CloseHandle
InterlockedDecrement
InterlockedIncrement
LocalFree
LocalAlloc
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetUserDefaultLCID
LoadLibraryExA
TerminateProcess
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SuspendThread
ResumeThread
WinExec
GetLastError
lstrcmpiA
lstrcmpA
GetVersionExA
lstrlenA
GetModuleFileNameA
lstrcpyA
lstrcatA
lstrlenW
LoadLibraryA
GetProcAddress
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
GetStartupInfoA
GetTickCount

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advapi32

CopySid
AllocateAndInitializeSid
FreeSid
RegDeleteValueA
RegCreateKeyExA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSid
InitializeSecurityDescriptor
EqualSid
AddAccessAllowedAce
InitializeAcl
GetAclInformation
AddAce
LookupAccountNameA
OpenProcessToken
GetTokenInformation
GetLengthSid
RegQueryValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
GetSecurityDescriptorLength
MakeSelfRelativeSD
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegEnumValueA
GetAce
LookupAccountSidA
MapGenericMask
GetSecurityDescriptorDacl
GetExplicitEntriesFromAclA
SetEntriesInAclA
MakeAbsoluteSD
SetSecurityDescriptorDacl
RegQueryInfoKeyA

ole32

CreateBindCtx
MkParseDisplayName
StringFromCLSID
CoTaskMemFree
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries

winmm

midiOutGetID
midiConnect
midiDisconnect

Sections

.text
Size: 481KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 429KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 27KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

491eb96c4fb8c076cbedd827e87be121

Headers

File Characteristics

Imports

msvcrt

user32

gdi32

shlwapi

comctl32

shell32

kernel32

version

advapi32

ole32

winmm

Sections

.text Size: 481KB - Virtual size: 480KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 429KB - Virtual size: 429KB

.edata Size: 27KB - Virtual size: 3.3MB

.text
Size: 481KB - Virtual size: 480KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 429KB - Virtual size: 429KB

.edata
Size: 27KB - Virtual size: 3.3MB