05837f0a630354b8b27d15db1fcfc808

Sharing

Copy URL Twitter E-mail

General

Target

05837f0a630354b8b27d15db1fcfc808
Size

521KB
MD5

05837f0a630354b8b27d15db1fcfc808
SHA1

4d8dda083b9d4188edbdba397bd6821a39ecf48c
SHA256

962a4590b3587573ecf49f9dddfc63b3d05ab9af1c2a865d36ed5543f8f9da89
SHA512

1379d96525903a2a85f06332d6557d805884ed1246c244c9b0178700ea2ab8a5af3ad6523176c5a8a58d504576a553d7954331ed7d453992d95719d2e8a0a35d
SSDEEP

6144:2voRx6cnLQlQzAcB0vM3VfVWCgGoC4Ki9Asyubun8pnL0hdQYT4Nwj6Fv9MBRrZN:CsyQKGotKPxubw8pnYh14A6y/tJhAct

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05837f0a630354b8b27d15db1fcfc808

Files

05837f0a630354b8b27d15db1fcfc808
.exe windows:4 windows x86 arch:x86

6e2e8a5291174f88781128cab154b617

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
PrintDlgA
ChooseFontA
GetFileTitleW
GetOpenFileNameW
FindTextA
PageSetupDlgW
ChooseFontW
ReplaceTextA

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
EnumDateFormatsA
SetThreadContext
TlsAlloc
AddAtomW
GlobalAddAtomW
WritePrivateProfileStringA
GetLocaleInfoW
IsValidCodePage
GetSystemTime
CreateNamedPipeA
OpenWaitableTimerA
EnumSystemCodePagesA
OpenEventW
GetDriveTypeW
GetUserDefaultLangID
LoadLibraryW
lstrlenA
GetLastError
GetWriteWatch
GlobalReAlloc
DeviceIoControl
EnumDateFormatsW
LocalReAlloc
EnumResourceNamesA
EnumTimeFormatsW
FlushFileBuffers
GetNumberOfConsoleInputEvents
FindFirstChangeNotificationA
FreeEnvironmentStringsA
ReadDirectoryChangesW
CreateProcessW
GetConsoleCursorInfo
GetComputerNameA
EnumResourceNamesW
GetSystemDirectoryW
MultiByteToWideChar
BeginUpdateResourceW
GetCommandLineW
LockFile
WriteConsoleInputW
HeapValidate
InterlockedDecrement
SetHandleCount
SetEnvironmentVariableA
SetLocaleInfoW
GetEnvironmentStringsW
WideCharToMultiByte
LockFileEx
InterlockedIncrement
OpenMutexA
SetCurrentDirectoryW
GlobalGetAtomNameA
GetConsoleCP
GetAtomNameA
GlobalGetAtomNameW
lstrlen
FindResourceA
GetFileAttributesW
SystemTimeToFileTime
WriteProfileSectionW
UpdateResourceW
CreateFileW
Thread32First
FillConsoleOutputAttribute
GetFileTime
FindAtomA
Heap32Next
FileTimeToSystemTime
GetWindowsDirectoryW
MoveFileW
SetConsoleCP
CreateSemaphoreA
GetCommandLineA
WaitForSingleObject
SetThreadPriorityBoost
Thread32Next
GetNumberOfConsoleMouseButtons
GetLongPathNameW
MapViewOfFileEx
HeapUnlock
GetLocalTime
FormatMessageA
WriteProcessMemory
GlobalAddAtomA
FoldStringA
ReadConsoleOutputCharacterW
SearchPathA
lstrcmpiA
CreateMutexA
OpenMutexW
LocalUnlock
GetVolumeInformationA
TlsGetValue
SetComputerNameW
PulseEvent
SetTimeZoneInformation
WritePrivateProfileStructA
GetSystemInfo
GetCalendarInfoA
FillConsoleOutputCharacterW
WriteProfileStringW
OpenFileMappingA
CreateMutexW
WaitForMultipleObjectsEx
ExitThread
GetDateFormatA
CreateDirectoryW
SetWaitableTimer
CreateEventW
CreateToolhelp32Snapshot
WriteProfileStringA
GetEnvironmentVariableA
FindNextChangeNotification
ReadConsoleOutputW
ReadProcessMemory
SetConsoleCursorPosition
SetCriticalSectionSpinCount
EnumSystemLocalesW
CompareStringA
WaitForMultipleObjects
TlsSetValue
GetFullPathNameA
GetWindowsDirectoryA
HeapCompact
FreeResource
OpenWaitableTimerW
GetStringTypeExA
lstrcmpi
GetCompressedFileSizeA
GetProfileSectionW
ReadConsoleW
SetCurrentDirectoryA
GetStringTypeW
LocalHandle
ReleaseSemaphore
AllocConsole
SetEnvironmentVariableW
FindFirstChangeNotificationW
GlobalMemoryStatus
Module32First
FreeLibraryAndExitThread
SetConsoleCursorInfo
MoveFileExA
IsDebuggerPresent
GetModuleHandleW
GetDiskFreeSpaceA
lstrcpynA
GetConsoleTitleW
DefineDosDeviceA
lstrcat
PeekConsoleInputW
FindClose
LocalLock
OpenSemaphoreW
CreateDirectoryExA
lstrcatA
RemoveDirectoryA
GetFileAttributesExW
GetNumberFormatW
OutputDebugStringW
GetStdHandle
FindFirstFileA
GetSystemPowerStatus
DeleteFiber
LoadResource
GlobalCompact
CommConfigDialogA
FindFirstFileExW
GetTempPathW
GetUserDefaultLCID
EnumResourceTypesW
ExpandEnvironmentStringsW
lstrcpynW
UnmapViewOfFile
BeginUpdateResourceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceExA
UnlockFile
HeapDestroy
VirtualProtect
SetConsoleMode
GetProcessHeap
GetCompressedFileSizeW
LocalCompact
GetDateFormatW
LoadLibraryExA
SleepEx
DebugActiveProcess
GetVersion
GetProcessTimes
OpenSemaphoreA
WritePrivateProfileStructW
InterlockedExchangeAdd
SetLocaleInfoA
ConvertDefaultLocale
WriteFileEx
ReadConsoleOutputA
GetExitCodeThread
SetConsoleTextAttribute
GetMailslotInfo
WinExec
GetPrivateProfileSectionA
EscapeCommFunction
LocalAlloc
TransmitCommChar
GetProcessHeaps
Process32Next
GlobalLock
SetThreadExecutionState
ReadConsoleInputA
GetVersionExW
lstrcpyn
ReadConsoleInputW
GetCurrencyFormatA
FreeEnvironmentStringsW
PeekConsoleInputA
CommConfigDialogW
Sleep
GetSystemTimeAdjustment
GetThreadContext
VirtualQueryEx
SetEvent
LocalFileTimeToFileTime
Module32Next
DeleteFileW
IsValidLocale
EnumSystemLocalesA
GetCurrentDirectoryA
lstrcpy
LockResource
GlobalWire
CloseHandle
GetProcessShutdownParameters
GetProcAddress
DeleteCriticalSection
GetTempPathA
MoveFileExW
UnhandledExceptionFilter
GetLocaleInfoA
EnumTimeFormatsA
GlobalHandle
WritePrivateProfileSectionA
GetFileAttributesA
SetVolumeLabelA
GetConsoleTitleA
GetFileAttributesExA
GetNamedPipeHandleStateA
SetConsoleScreenBufferSize
GetTimeFormatA
DebugBreak
GetProfileIntA
CreateFileMappingA
HeapLock
GetPrivateProfileStructW
GetDriveTypeA
GetSystemDirectoryA
LocalFlags
VirtualAllocEx
ContinueDebugEvent
GlobalFindAtomA
SetConsoleTitleW
WaitForDebugEvent
PeekNamedPipe
CreateThread
CreateMailslotW
GetCurrentThread

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e2e8a5291174f88781128cab154b617

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 105KB - Virtual size: 105KB

.sdata Size: 76KB - Virtual size: 76KB

.bss Size: 241KB - Virtual size: 240KB

.idata Size: 97KB - Virtual size: 97KB

.text
Size: 105KB - Virtual size: 105KB

.sdata
Size: 76KB - Virtual size: 76KB

.bss
Size: 241KB - Virtual size: 240KB

.idata
Size: 97KB - Virtual size: 97KB