50226fd2aa85f618de8e8e23cf59c0ac

Sharing

Copy URL Twitter E-mail

General

Target

50226fd2aa85f618de8e8e23cf59c0ac
Size

298KB
MD5

50226fd2aa85f618de8e8e23cf59c0ac
SHA1

7bb8f1203ee1ab867c621552e8cbb3b4d4c63934
SHA256

fbf707a3cf89b80d95c347fda8a1171b7e3d7568ab267d1d061fc59e33a6200c
SHA512

99e9b7a0a0dc4f1ad4aa929b4f1d31dea7a25296c31a970ced198f02ff724d56573455877002fd01158342556c735fa6e78c95721def7799a86d83f170a20537
SSDEEP

6144:Datb3xOU1UQkJPOvJrPmWtMuJb5WphYN18F:DatXWQ4OvpPmBuRIYNc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50226fd2aa85f618de8e8e23cf59c0ac

Files

50226fd2aa85f618de8e8e23cf59c0ac
.exe windows:4 windows x86 arch:x86

b3082620fcaaff56ea0144da2aed839e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
ExitProcess
LocalAlloc
LocalFree
CreateFileA
SetFilePointer
CloseHandle
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
WriteFile
DeleteFileA
CreateDirectoryA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
WinExec
lstrcpyA
lstrcpynA
lstrcatA
lstrlenA

user32

MessageBoxA

shell32

ShellExecuteA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

CODE
Size: 1KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 35B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mmym520
Size: - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pe
Size: - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XH999
Size: - Virtual size: 32B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

520mm
Size: - Virtual size: 177B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mmym
Size: - Virtual size: 50B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shoooo
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 497B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 315B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 354B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 270B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 414B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 348B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 443B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 385B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shoooo
Size: 273KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: 512B - Virtual size: 348B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 350B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 388B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 381B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 413B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 272B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 397B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 251B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 228B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 348B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 355B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 247B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 344B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 239B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 361B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 223B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 441B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 442B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 299B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 302B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 207B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 417B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 327B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 502B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 375B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 264B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 329B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 174B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 272B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: 512B - Virtual size: 339B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yygw
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b3082620fcaaff56ea0144da2aed839e

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

Sections

CODE Size: 1KB - Virtual size: 644KB

DATA Size: - Virtual size: 10KB

BSS Size: - Virtual size: 7KB

.idata Size: - Virtual size: 12KB

.tls Size: - Virtual size: 20B

.rdata Size: - Virtual size: 35B

.reloc Size: - Virtual size: 40KB

.rsrc Size: - Virtual size: 32KB

mmym520 Size: - Virtual size: 100B

.pe Size: - Virtual size: 100B

.XH999 Size: - Virtual size: 32B

520mm Size: - Virtual size: 177B

mmym Size: - Virtual size: 50B

.shoooo Size: - Virtual size: 268KB

.MaskPE Size: - Virtual size: 497B

.MaskPE Size: - Virtual size: 315B

.MaskPE Size: - Virtual size: 354B

.MaskPE Size: - Virtual size: 270B

.MaskPE Size: - Virtual size: 416B

.MaskPE Size: - Virtual size: 414B

.MaskPE Size: - Virtual size: 348B

.MaskPE Size: - Virtual size: 443B

.MaskPE Size: - Virtual size: 385B

.shoooo Size: 273KB - Virtual size: 276KB

.MaskPE Size: 512B - Virtual size: 348B

.MaskPE Size: 512B - Virtual size: 350B

.MaskPE Size: 512B - Virtual size: 388B

.MaskPE Size: 512B - Virtual size: 381B

.MaskPE Size: 512B - Virtual size: 413B

.MaskPE Size: 512B - Virtual size: 272B

.MaskPE Size: 512B - Virtual size: 397B

.MaskPE Size: 512B - Virtual size: 251B

.MaskPE Size: 512B - Virtual size: 228B

.MaskPE Size: 512B - Virtual size: 348B

.MaskPE Size: 512B - Virtual size: 355B

.MaskPE Size: 512B - Virtual size: 247B

.MaskPE Size: 512B - Virtual size: 344B

.MaskPE Size: 512B - Virtual size: 239B

.MaskPE Size: 512B - Virtual size: 361B

.MaskPE Size: 512B - Virtual size: 223B

.MaskPE Size: 512B - Virtual size: 441B

.MaskPE Size: 512B - Virtual size: 442B

.MaskPE Size: 512B - Virtual size: 299B

.MaskPE Size: 512B - Virtual size: 302B

.MaskPE Size: 512B - Virtual size: 207B

.MaskPE Size: 512B - Virtual size: 417B

.MaskPE Size: 512B - Virtual size: 327B

.MaskPE Size: 512B - Virtual size: 502B

.MaskPE Size: 512B - Virtual size: 375B

.MaskPE Size: 512B - Virtual size: 264B

.MaskPE Size: 512B - Virtual size: 329B

.MaskPE Size: 512B - Virtual size: 174B

.MaskPE Size: 512B - Virtual size: 272B

.MaskPE Size: 512B - Virtual size: 339B

.yygw Size: 6KB - Virtual size: 8KB

CODE
Size: 1KB - Virtual size: 644KB

DATA
Size: - Virtual size: 10KB

BSS
Size: - Virtual size: 7KB

.idata
Size: - Virtual size: 12KB

.tls
Size: - Virtual size: 20B

.rdata
Size: - Virtual size: 35B

.reloc
Size: - Virtual size: 40KB

.rsrc
Size: - Virtual size: 32KB

mmym520
Size: - Virtual size: 100B

.pe
Size: - Virtual size: 100B

.XH999
Size: - Virtual size: 32B

520mm
Size: - Virtual size: 177B

mmym
Size: - Virtual size: 50B

.shoooo
Size: - Virtual size: 268KB

.MaskPE
Size: - Virtual size: 497B

.MaskPE
Size: - Virtual size: 315B

.MaskPE
Size: - Virtual size: 354B

.MaskPE
Size: - Virtual size: 270B

.MaskPE
Size: - Virtual size: 416B

.MaskPE
Size: - Virtual size: 414B

.MaskPE
Size: - Virtual size: 348B

.MaskPE
Size: - Virtual size: 443B

.MaskPE
Size: - Virtual size: 385B

.shoooo
Size: 273KB - Virtual size: 276KB

.MaskPE
Size: 512B - Virtual size: 348B

.MaskPE
Size: 512B - Virtual size: 350B

.MaskPE
Size: 512B - Virtual size: 388B

.MaskPE
Size: 512B - Virtual size: 381B

.MaskPE
Size: 512B - Virtual size: 413B

.MaskPE
Size: 512B - Virtual size: 272B

.MaskPE
Size: 512B - Virtual size: 397B

.MaskPE
Size: 512B - Virtual size: 251B

.MaskPE
Size: 512B - Virtual size: 228B

.MaskPE
Size: 512B - Virtual size: 348B

.MaskPE
Size: 512B - Virtual size: 355B

.MaskPE
Size: 512B - Virtual size: 247B

.MaskPE
Size: 512B - Virtual size: 344B

.MaskPE
Size: 512B - Virtual size: 239B

.MaskPE
Size: 512B - Virtual size: 361B

.MaskPE
Size: 512B - Virtual size: 223B

.MaskPE
Size: 512B - Virtual size: 441B

.MaskPE
Size: 512B - Virtual size: 442B

.MaskPE
Size: 512B - Virtual size: 299B

.MaskPE
Size: 512B - Virtual size: 302B

.MaskPE
Size: 512B - Virtual size: 207B

.MaskPE
Size: 512B - Virtual size: 417B

.MaskPE
Size: 512B - Virtual size: 327B

.MaskPE
Size: 512B - Virtual size: 502B

.MaskPE
Size: 512B - Virtual size: 375B

.MaskPE
Size: 512B - Virtual size: 264B

.MaskPE
Size: 512B - Virtual size: 329B

.MaskPE
Size: 512B - Virtual size: 174B

.MaskPE
Size: 512B - Virtual size: 272B

.MaskPE
Size: 512B - Virtual size: 339B

.yygw
Size: 6KB - Virtual size: 8KB