045ec814d404666fa2b21259e3a81e92

Sharing

Copy URL Twitter E-mail

General

Target

045ec814d404666fa2b21259e3a81e92
Size

563KB
MD5

045ec814d404666fa2b21259e3a81e92
SHA1

bd19e7a84227e2d2ad55b103900fd11cfb699ecc
SHA256

9f2b4bdede8872f4ab382572c7579927de8ae241f4fa9ab8835573fa4560049f
SHA512

f7956e6b354bc6857d54cc7abfd92af697c0908c6369d2edabeb6ea30774bad779f0904929c4c31dc94aefa0f0c7855e09bdb79178cfb468d574f1ff227ae839
SSDEEP

12288:CeRdwS5iOg+pCNMbNuCQbQ2LtnUNy6VigZq3f0W:CeDtj7pRQ3VZ64gU3s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
045ec814d404666fa2b21259e3a81e92

Files

045ec814d404666fa2b21259e3a81e92
.exe windows:4 windows x86 arch:x86

d86bbf9520e2179a58015a5741bc6f0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
CompareStringW
GetProcAddress
GetProcessHeap
OutputDebugStringW
EnumSystemLocalesW
EnumDateFormatsW
GetCommandLineW
HeapAlloc
GetLocaleInfoA
VirtualAlloc
ExitProcess
CompareStringA
lstrlenA
TlsFree
GetEnvironmentStringsW
CommConfigDialogW
VirtualQuery
HeapReAlloc
GetTimeZoneInformation
FlushFileBuffers
GetStartupInfoW
LoadLibraryA
RaiseException
GetModuleHandleA
SetHandleCount
GetConsoleMode
LCMapStringA
GetCurrentThread
GetConsoleOutputCP
GetModuleFileNameW
IsValidCodePage
CreatePipe
QueryPerformanceCounter
IsBadReadPtr
SetStdHandle
OpenMutexA
GetModuleFileNameA
EnterCriticalSection
SetFilePointer
InterlockedDecrement
SetEnvironmentVariableA
GetStdHandle
GetTimeFormatA
DebugBreak
CloseHandle
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetACP
CreateFileA
HeapFree
SetConsoleTitleW
FreeEnvironmentStringsW
WriteFile
EnumDateFormatsExW
GetStartupInfoA
LCMapStringW
SetUnhandledExceptionFilter
GetLastError
VirtualFree
SetConsoleCtrlHandler
WideCharToMultiByte
GetCurrentProcessId
GetCurrentProcess
GetFileType
CreateMutexA
GetDateFormatA
GetVersionExW
GetModuleHandleW
RtlUnwind
CreateDirectoryExW
DeleteCriticalSection
HeapCreate
InitializeCriticalSection
GetLocaleInfoW
FindFirstFileExA
GetConsoleCP
GetStringTypeA
TlsGetValue
InterlockedExchange
WriteConsoleW
GetTickCount
WriteConsoleA
MultiByteToWideChar
EnumSystemLocalesA
HeapDestroy
GetStringTypeW
lstrcatA
IsValidLocale
GetShortPathNameA
LeaveCriticalSection
CreateRemoteThread
TlsSetValue
ReadFile
GetCurrentThreadId
TerminateProcess
FreeLibrary
GetCommandLineA
SetLastError
GetOEMCP
HeapValidate
Sleep
CreateFileW
UnhandledExceptionFilter
HeapSize
IsDebuggerPresent
GetUserDefaultLCID
OutputDebugStringA
GetSystemTimeAsFileTime
TlsAlloc
GetCPInfo

comdlg32

ChooseColorW
GetOpenFileNameA
GetFileTitleW
ChooseFontW

comctl32

InitCommonControlsEx

user32

wsprintfW
RegisterClassA
SendMessageTimeoutW
DeferWindowPos
AdjustWindowRect
RegisterClassExA

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d86bbf9520e2179a58015a5741bc6f0c

Headers

File Characteristics

Imports

kernel32

comdlg32

comctl32

user32

Sections

.text Size: 332KB - Virtual size: 332KB

.rdata Size: 48KB - Virtual size: 73KB

.data Size: 178KB - Virtual size: 178KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 332KB - Virtual size: 332KB

.rdata
Size: 48KB - Virtual size: 73KB

.data
Size: 178KB - Virtual size: 178KB

.rsrc
Size: 3KB - Virtual size: 2KB