05a35171930fa9a07e7993cab7a3e8ae

Sharing

Copy URL Twitter E-mail

General

Target

05a35171930fa9a07e7993cab7a3e8ae
Size

537KB
MD5

05a35171930fa9a07e7993cab7a3e8ae
SHA1

73f2fe0d63fe50cb60b0f2744e6bbd77088d3d0d
SHA256

e474711f8eece6486ff8dc24ed7a19bc5105691a6e9ab5ba93befe763dba771c
SHA512

afaaf44e140b036e5601da83535717567912a33aa5496d8b0eada72de136361e992d5a6ead05d0f85c05794f84f59f9309c857ecb9cec272cc574b763ab2132c
SSDEEP

12288:eTxIaUEm+jbULiDaEGl8NX8IBWmnv4kg27tisV9u3:ePrv0LiD/lXPo2Ri298

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a35171930fa9a07e7993cab7a3e8ae

Files

05a35171930fa9a07e7993cab7a3e8ae
.exe windows:4 windows x86 arch:x86

3d5d3008e98f30165ac6545da8daa652

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetFontData
GetDCOrgEx
EnumFontFamiliesA
CreateICA
GetRasterizerCaps
CreateBrushIndirect
PolyDraw
GetNearestPaletteIndex

comctl32

InitCommonControlsEx

wininet

DeleteUrlCacheEntryW
InternetQueryDataAvailable
FtpRenameFileW
GopherGetLocatorTypeA
InternetOpenUrlA
HttpOpenRequestW
DeleteUrlCacheContainerA
InternetAutodialHangup
SetUrlCacheHeaderData

kernel32

GetStdHandle
GetCommandLineA
MultiByteToWideChar
GetModuleFileNameA
CompareStringW
MoveFileExA
TlsSetValue
GetLocaleInfoW
HeapCreate
OpenMutexA
CloseHandle
InitializeCriticalSection
GetLocaleInfoA
SetFilePointer
GetCurrentProcessId
GetSystemInfo
InterlockedExchange
LCMapStringA
MoveFileExW
GetEnvironmentStringsW
WriteFile
LeaveCriticalSection
GetConsoleTitleA
GetFileAttributesA
SetLastError
GetModuleHandleA
GetProcessAffinityMask
GetCurrentDirectoryW
CreateMutexA
GetStringTypeW
HeapDestroy
VirtualQuery
ResetEvent
TlsFree
GetACP
GetStartupInfoW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
CompareStringA
IsBadWritePtr
PulseEvent
HeapFree
GetPrivateProfileStringA
HeapAlloc
GetTimeFormatA
FlushFileBuffers
TryEnterCriticalSection
SetHandleCount
GetStartupInfoA
GetTickCount
ReadFile
GetTimeZoneInformation
IsValidCodePage
GetProcAddress
LoadLibraryA
CreateDirectoryExW
GetOEMCP
EnumSystemLocalesA
TlsAlloc
GetVersionExA
GetCurrentThread
GetCPInfo
QueryPerformanceCounter
GlobalFindAtomW
HeapSize
SetCriticalSectionSpinCount
GetEnvironmentStrings
VirtualAlloc
TlsGetValue
InterlockedExchangeAdd
WaitNamedPipeA
TerminateProcess
SetEnvironmentVariableA
IsValidLocale
GetCurrentThreadId
GetDateFormatA
VirtualProtect
LocalLock
GetFileType
DeleteCriticalSection
GetTempPathA
RtlUnwind
LCMapStringW
FreeEnvironmentStringsW
GetLastError
GetUserDefaultLCID
SetStdHandle
GetCommandLineW
GetModuleFileNameW
GetCurrentProcess
CreateProcessA
LockResource
EnterCriticalSection
GetShortPathNameA
GetFileAttributesExA
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
GetStringTypeA
FreeEnvironmentStringsA
VirtualFree
ReadConsoleOutputAttribute
UnhandledExceptionFilter

user32

RegisterClassExA
CloseWindow
GetClassInfoExW
GetDlgItemInt
CreateDialogIndirectParamW
DlgDirListA
GetMessageA
SetWindowsHookExW
SetClassLongA
RegisterClassW
SetForegroundWindow
RegisterClassA
GetMonitorInfoW
OpenWindowStationW
ReuseDDElParam
AnimateWindow
DialogBoxIndirectParamW
InvalidateRgn
SetWindowTextA

shell32

DragFinish
SHBrowseForFolderA
DuplicateIcon
SHGetPathFromIDListW
InternalExtractIconListA

comdlg32

FindTextA
GetOpenFileNameW
GetSaveFileNameA

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d5d3008e98f30165ac6545da8daa652

Headers

File Characteristics

Imports

gdi32

comctl32

wininet

kernel32

user32

shell32

comdlg32

Sections

.text Size: 205KB - Virtual size: 204KB

.rdata Size: 9KB - Virtual size: 26KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 205KB - Virtual size: 204KB

.rdata
Size: 9KB - Virtual size: 26KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 5KB - Virtual size: 5KB