Static task: static1
Behavioral task: behavioral1
Sample: 0503cf91168ba62ca1b45b8e56bd0adc.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 0503cf91168ba62ca1b45b8e56bd0adc.exe
Resource: win10v2004-20231222-en
General
Target: 0503cf91168ba62ca1b45b8e56bd0adc
Size: 150KB
MD5: 0503cf91168ba62ca1b45b8e56bd0adc
SHA1: 002111bdee58e3dc5614406629ec525df1e73f20
SHA256: a21244c0068375b65ff80f50805035da9530605946ed258f274b6a8ba71548a8
SHA512: 1b49f1cdfb448e3012bdf2d7cdcd46cfa9e880f75b9a86649b6d40b8d525526f6081dc954606fd25c4227e4297ded271752eaa8a926968f342cabbd0c2ece3e2
SSDEEP: 3072:KgYopRWCh+MQ9WjxUSQYjosMyYMAWwjpytscjct6:KgYOBjxU3PYmWwjUOcjc
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 0503cf91168ba62ca1b45b8e56bd0adc
Files
0503cf91168ba62ca1b45b8e56bd0adc.exe windows:4 windows x86 arch:x86
1c1e5dbb9b9cbd3b6e24d761a450952c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareStringW
CopyFileA
CreateEventA
CreateEventW
CreateFileA
CreateMutexA
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileW
DuplicateHandle
FindResourceA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetStringTypeW
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathW
GetUserDefaultLCID
GetVersion
GetVersionExW
GetWindowsDirectoryA
GlobalDeleteAtom
GlobalHandle
GlobalLock
GlobalUnlock
HeapCreate
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
IsBadWritePtr
IsDBCSLeadByte
IsDebuggerPresent
LCMapStringW
LoadLibraryA
LoadLibraryExW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
MultiByteToWideChar
OutputDebugStringA
ReleaseMutex
RemoveDirectoryA
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetThreadLocale
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsFree
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
lstrlenW
user32
BeginPaint
CallNextHookEx
CheckMenuItem
CloseClipboard
CreateMenu
CreatePopupMenu
DestroyCursor
DestroyMenu
DestroyWindow
DrawEdge
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
EnableMenuItem
EnableWindow
EqualRect
FrameRect
GetDCEx
GetDesktopWindow
GetDlgItem
GetForegroundWindow
GetKeyState
GetMessageA
GetMessagePos
GetScrollPos
GetScrollRange
GetSubMenu
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowThreadProcessId
InsertMenuItemA
InvalidateRect
IsChild
IsDialogMessageA
IsWindowEnabled
IsWindowVisible
KillTimer
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OpenClipboard
PeekMessageA
PtInRect
ReleaseCapture
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetMenu
SetPropA
SetScrollInfo
SetScrollPos
SetWindowPlacement
SetWindowPos
SetWindowsHookExA
ShowCursor
TranslateMessage
UpdateWindow
WinHelpA
WindowFromPoint
gdi32
CreateDIBPatternBrushPt
CreateEnhMetaFileA
CreateFontA
CreateICW
CreateMetaFileW
CreatePalette
CreatePen
CreateRectRgn
CreateRoundRectRgn
DPtoLP
DeleteObject
Ellipse
EndPage
EnumFontFamiliesExW
EnumFontsA
ExcludeClipRect
ExtEscape
ExtSelectClipRgn
ExtTextOutW
FillPath
GetBitmapBits
GetBrushOrgEx
GetCharacterPlacementA
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDIBits
GetDeviceCaps
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetOutlineTextMetricsA
GetPixel
GetROP2
GetRegionData
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsW
GetViewportExtEx
InvertRgn
LPtoDP
PlayMetaFile
PlayMetaFileRecord
PolyBezierTo
Polygon
Polyline
RectVisible
RestoreDC
ScaleViewportExtEx
SelectObject
SetBrushOrgEx
SetMetaFileBitsEx
SetRectRgn
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetWinMetaFileBits
SetWindowOrgEx
SetWorldTransform
shell32
CommandLineToArgvW
DoEnvironmentSubstW
DragQueryFile
DragQueryPoint
ExtractAssociatedIconW
ExtractIconExW
ExtractIconW
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHFileOperationA
SHFileOperationW
SHGetDiskFreeSpaceExW
SHGetFileInfoA
SHGetFileInfoW
SHGetPathFromIDList
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderPathW
ShellExecuteEx
ShellExecuteExA
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconA
Shell_NotifyIconW
comctl32
CreateStatusWindowA
CreateToolbarEx
DestroyPropertySheetPage
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_Draw
ImageList_DrawEx
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
InitCommonControls
InitCommonControlsEx
InitializeFlatSB
PropertySheetA
PropertySheetW
advapi32
AddAccessAllowedAce
AdjustTokenPrivileges
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
CryptAcquireContextA
CryptCreateHash
CryptGenRandom
CryptHashData
CryptReleaseContext
DeregisterEventSource
EqualSid
FreeSid
GetLengthSid
GetTokenInformation
GetUserNameA
InitializeSecurityDescriptor
InitiateSystemShutdownA
OpenProcessToken
OpenServiceW
QueryServiceStatus
RegCloseKey
RegDeleteValueA
RegEnumKeyA
RegEnumKeyW
RegEnumValueW
RegFlushKey
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
SetSecurityDescriptorOwner
msvcrt
_CIasin
_CIcosh
_CIsin
_Getdays
__mb_cur_max
__p___initenv
__wgetmainargs
__winitenv
_acmdln
_errno
_findfirst
_flsbuf
_fmode
_fpclass
_ftol
_mbsnextc
_mbsstr
_mktemp
_open_osfhandle
_purecall
_stricoll
_tzset
clock
freopen
ftell
fwprintf
getc
isdigit
isprint
iswascii
iswxdigit
mktime
strftime
strstr
time
towlower
vswprintf
wcstok
wcsxfrm
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ