05c7f55aa303bcd1548c1e37c486c7da

Sharing

Copy URL Twitter E-mail

General

Target

05c7f55aa303bcd1548c1e37c486c7da
Size

564KB
MD5

05c7f55aa303bcd1548c1e37c486c7da
SHA1

69d595c20289441730dad335ac360c11dc357759
SHA256

c2d751d997768478dee24349ac58b06885cab3034bf912443a244edf53dcfbee
SHA512

fac7cc942fc4ce7e46f27feeaa96a32a31e1ff422589eed90e50a241b69f4a1bb0e966ce9a107af1796c4105f9c465457d7f4110b7457fa98a233f42b4cba437
SSDEEP

12288:ce3LIstoTe7GnzMpANGC5Ds/6xsbyWTllyqcdfB8oe:j3LIsqTe7GnzMpxC5vsbPBlEZB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c7f55aa303bcd1548c1e37c486c7da

Files

05c7f55aa303bcd1548c1e37c486c7da
.exe windows:4 windows x86 arch:x86

a372534733ad6f71441371d4274f2fc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
PrintDlgA

kernel32

TlsSetValue
FreeEnvironmentStringsW
LCMapStringA
GetTickCount
WaitCommEvent
EnumResourceNamesW
CreateFileA
lstrcpynW
GetStringTypeExW
LeaveCriticalSection
GetProcAddress
ExitProcess
FlushFileBuffers
lstrcmpi
FindFirstFileA
lstrcatA
GetLogicalDrives
CreateMailslotW
FindResourceExW
lstrcatW
MoveFileA
GlobalReAlloc
DebugActiveProcess
GetEnvironmentStrings
TlsAlloc
OpenMutexA
QueryPerformanceCounter
RtlFillMemory
TerminateProcess
UnlockFile
CloseHandle
VirtualFree
WideCharToMultiByte
GetMailslotInfo
GetCommandLineW
GetProfileStringA
LocalSize
ConnectNamedPipe
WritePrivateProfileStructW
GetStringTypeW
GetShortPathNameA
GetFileSize
LoadLibraryA
GetModuleFileNameW
SetConsoleCP
lstrcpyn
ReadConsoleW
HeapDestroy
GetStartupInfoW
GetModuleHandleA
OpenSemaphoreA
GetCurrentThreadId
GetPrivateProfileStructW
GetTimeFormatW
MoveFileExA
TlsGetValue
LCMapStringW
WaitForMultipleObjectsEx
GetVersion
GetTimeZoneInformation
WriteConsoleOutputW
GetStringTypeA
OutputDebugStringA
InterlockedIncrement
GetStdHandle
UnhandledExceptionFilter
SetFileAttributesW
SetStdHandle
InitializeCriticalSection
GetProfileIntW
FoldStringW
GetSystemDirectoryA
SetFilePointer
FileTimeToDosDateTime
VirtualQuery
GetCurrentThread
HeapAlloc
GetLastError
CreateDirectoryA
GlobalCompact
TransmitCommChar
GetCurrentProcessId
SetConsoleCtrlHandler
GetLocalTime
InitializeCriticalSectionAndSpinCount
TlsFree
IsBadWritePtr
CreateMailslotA
GetCompressedFileSizeW
LoadLibraryExA
HeapSize
InterlockedExchange
GetCurrentProcess
GetCommandLineA
EnumSystemCodePagesW
GetModuleFileNameA
GetEnvironmentStringsW
SetLastError
LoadLibraryExW
WriteConsoleOutputA
SetHandleCount
EnterCriticalSection
CompareStringA
ExitThread
lstrcpynA
InterlockedExchangeAdd
CreateMutexA
WritePrivateProfileStructA
DeleteAtom
InterlockedDecrement
HeapCreate
HeapFree
GetSystemTime
RtlUnwind
HeapReAlloc
GetProfileSectionA
WriteFile
ReadFile
GetStartupInfoA
lstrcmpW
VirtualUnlock
MultiByteToWideChar
DeleteCriticalSection
CreatePipe
SetThreadContext
FindNextFileA
SetVolumeLabelW
GetConsoleMode
FreeEnvironmentStringsA
SetFileTime
SetEnvironmentVariableA
VirtualAlloc
LockFile
CompareStringW
GetCPInfo
HeapLock
GetSystemTimeAsFileTime
SetConsoleTitleW
GetFileType

comctl32

CreatePropertySheetPageW
InitCommonControlsEx
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
CreateUpDownControl
ImageList_SetImageCount
ImageList_Add
DrawStatusText
CreatePropertySheetPageA
ImageList_LoadImageA

user32

SetWindowsHookExW
NotifyWinEvent
SendInput
DdeInitializeA
TranslateAccelerator
wvsprintfA
DestroyWindow
MessageBoxA
ShowCaret
CloseDesktop
DdeQueryNextServer
BlockInput
BroadcastSystemMessageA
ArrangeIconicWindows
GetThreadDesktop
RegisterClassExA
DdeReconnect
GetMenuItemID
EnumWindowStationsA
ReleaseCapture
DrawIconEx
FindWindowExA
IsChild
CharLowerBuffW
GetMenuStringA
PostMessageW
EnumClipboardFormats
RealChildWindowFromPoint
DrawAnimatedRects
DefWindowProcA
SetCaretBlinkTime
GetClipboardSequenceNumber
ShowWindow
ImpersonateDdeClientWindow
CreateWindowExW
RegisterClassA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a372534733ad6f71441371d4274f2fc9

Headers

File Characteristics

Imports

comdlg32

kernel32

comctl32

user32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 116KB - Virtual size: 138KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 116KB - Virtual size: 138KB

.rsrc
Size: 20KB - Virtual size: 16KB