045c2fd427526dc632432d8f416f4554

Sharing

Copy URL Twitter E-mail

General

Target

045c2fd427526dc632432d8f416f4554
Size

58KB
MD5

045c2fd427526dc632432d8f416f4554
SHA1

c635367c9833f3303eadc320c00e21300eb2f0fb
SHA256

2f1151891fd2ff3220b57df7bc614f0de0d9c7e1909c3091c53163828ee00fdb
SHA512

9946d6d68108c0910fd69cb3219ca9b2fca38bf370f240435da843fe9e27f4d7560f085d1570bf325e1df5657e7765bf21d31ad763728fc71fdad6e7aefedd50
SSDEEP

1536:mYOx5jou0sWztkYSCds1NAcvThOaWqZBAoXIDpAO:0x5j3WztF+1Gcv17WwiF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
045c2fd427526dc632432d8f416f4554

Files

045c2fd427526dc632432d8f416f4554
.exe windows:4 windows x86 arch:x86

aa359fb05d0421e559f7f443e7220fd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
IsWindow
FindWindowA
GetMenu
GetWindowTextA
wsprintfA
BlockInput
SetForegroundWindow
SetFocus
ShowWindow
keybd_event
VkKeyScanA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharLowerA
FindWindowExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantClear
VariantChangeType
VariantCopy
VariantInit

kernel32

GetStartupInfoA
lstrcatA
WideCharToMultiByte
GetFileAttributesA
GetLogicalDriveStringsA
SetFileAttributesA
TerminateThread
GetDriveTypeA
FindFirstFileA
SetCurrentDirectoryA
GetFullPathNameA
FindNextFileA
FindClose
lstrcpyA
lstrcmpA
lstrcpynA
CreateDirectoryA
CopyFileA
GetFileSize
SetFilePointer
CreateFileMappingA
MapViewOfFile
lstrlenA
UnmapViewOfFile
ExitThread
Sleep
CreateThread
GetTempPathA
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
GetLastError
ExitProcess
lstrcmpiA
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
CreateProcessA
GlobalUnlock
GlobalLock
GlobalAlloc
ExpandEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryA
ReleaseMutex
CreateMutexA
GetLocaleInfoA
GetVersionExA
GetWindowsDirectoryA
InterlockedDecrement
GlobalFree

msvcrt

toupper
_snprintf
strtok
fread
strncat
wcslen
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
_strdup
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strlwr
strncpy
strstr
strcpy
rand
strlen
fopen
strcat
strcmp
sprintf
strchr
srand
memset
memcpy
atoi
free
malloc
__CxxFrameHandler
_EH_prolog
memcmp
_vsnprintf
??2@YAPAXI@Z

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetUserNameA

ws2_32

socket
sendto
htons
closesocket
setsockopt
WSACleanup
WSASocketA
WSAStartup
connect
ioctlsocket

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa359fb05d0421e559f7f443e7220fd6

Headers

File Characteristics

Imports

user32

ole32

oleaut32

kernel32

msvcrt

advapi32

ws2_32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 279KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 279KB

.rsrc
Size: 4KB - Virtual size: 4KB