504e2e6df539889699b91804b79edfda

Sharing

Copy URL Twitter E-mail

General

Target

504e2e6df539889699b91804b79edfda
Size

488KB
MD5

504e2e6df539889699b91804b79edfda
SHA1

3522d3d4c3c592d8708ca8adee396a8b15642135
SHA256

7722714a7851bdcbddea77ead3978ce8d536d52f410d83db8d80ab4124360abc
SHA512

951b69e68763ded3fc568fe70647d29295bc222ae079f9cf5efa74c1453b6dbd66c5e4805de039c33e344c46a79fb5c05072f5b4520d5cc28b0e8c77462e9ba5
SSDEEP

6144:OndHz/+WbBqbLUKT0fAV2lwB8RbHuk0b7L8kzAyqOW0HfkxdMH3OtcFViP:OnldIbJgaMO3b7L8k0Un/kxdek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
504e2e6df539889699b91804b79edfda

Files

504e2e6df539889699b91804b79edfda
.exe windows:4 windows x86 arch:x86

c73e616a2080ac63d2b1c452d88ab5c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
SHFileOperation
RealShellExecuteA
ExtractIconExA

comdlg32

PageSetupDlgA
GetFileTitleA
FindTextW

user32

DestroyWindow
SendNotifyMessageA
RemoveMenu
TranslateMDISysAccel
GetMenuState
MapVirtualKeyW
CreateWindowExA
IsDialogMessageA
DdeQueryConvInfo
CloseWindowStation
GetUpdateRect
ShowWindow
UnhookWindowsHook
ChildWindowFromPoint
CreateIconIndirect
DefWindowProcA
UnionRect
MapDialogRect
IsWindowUnicode
GetQueueStatus
RegisterDeviceNotificationW
SetWindowContextHelpId
LoadIconA
GetScrollRange
AnimateWindow
RegisterClassA
EnumClipboardFormats
GetActiveWindow
DdePostAdvise
MenuItemFromPoint
DdeSetUserHandle
RegisterClassExA
ReleaseDC
CharUpperBuffA
CharToOemA
DefMDIChildProcA
MessageBoxW
FlashWindowEx
DdeCreateStringHandleW
wsprintfW
UnhookWindowsHookEx
ShowCaret
DdeKeepStringHandle
GetMessageTime
DestroyMenu
SetScrollRange
BroadcastSystemMessageW
DdeImpersonateClient
CascadeWindows
DefFrameProcA
ChangeDisplaySettingsExW
SetShellWindow
ImpersonateDdeClientWindow
SwitchDesktop
NotifyWinEvent
SendIMEMessageExA

gdi32

GetWorldTransform
SetLayout
GetSystemPaletteUse
ScaleViewportExtEx
PlayMetaFile
PtVisible
GetStretchBltMode
SetPixelV
MaskBlt

kernel32

WriteConsoleA
HeapDestroy
GetSystemTimeAsFileTime
LCMapStringA
GetCurrentProcess
HeapReAlloc
HeapFree
GetModuleFileNameA
FreeLibrary
GetConsoleOutputCP
ExitProcess
GetModuleHandleW
LoadModule
InterlockedIncrement
TerminateProcess
CreateMutexA
HeapCreate
SetHandleCount
GetACP
EnumSystemLocalesA
ReadConsoleOutputA
TlsGetValue
TerminateThread
TlsSetValue
GetStartupInfoA
DeleteCriticalSection
SetEnvironmentVariableA
GetProcAddress
GetLocaleInfoW
GetUserDefaultLCID
VirtualFree
GetTickCount
GetTimeFormatA
Sleep
IsValidCodePage
OpenMutexA
LoadLibraryA
GetLastError
GetTimeZoneInformation
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetFileType
GetStringTypeA
HeapAlloc
GetOEMCP
UnhandledExceptionFilter
WideCharToMultiByte
GetCommandLineW
FreeEnvironmentStringsW
WriteFile
FlushFileBuffers
GetLogicalDriveStringsW
GetModuleHandleA
GetStdHandle
TlsFree
VirtualQuery
TlsAlloc
CompareStringW
InterlockedExchange
EnterCriticalSection
SetUnhandledExceptionFilter
GetModuleFileNameW
GetCommandLineA
WriteConsoleW
GetDateFormatA
SetConsoleCtrlHandler
GetCurrentThreadId
MultiByteToWideChar
RtlUnwind
FindNextFileA
IsDebuggerPresent
SetFilePointer
SetLastError
IsValidLocale
GetLogicalDriveStringsA
GetCPInfo
CompareStringA
GetLocaleInfoA
GetStartupInfoW
GetStringTypeW
GetConsoleMode
GetCurrentProcessId
GetEnvironmentStringsW
GetCurrentThread
LeaveCriticalSection
SetStdHandle
CreateFileA
CloseHandle
ReadFile
VirtualAlloc
HeapSize
LCMapStringW
InterlockedExchangeAdd
WriteConsoleOutputCharacterW
InterlockedDecrement
QueryPerformanceCounter

advapi32

RegLoadKeyA
RegQueryValueW
RegSetValueA
RegQueryInfoKeyW
LookupSecurityDescriptorPartsA
CryptSetKeyParam
InitiateSystemShutdownA
LookupPrivilegeNameA
RegCreateKeyExA
LookupSecurityDescriptorPartsW
RegEnumKeyA
RegQueryValueA
RegCloseKey
LookupPrivilegeNameW
RegRestoreKeyW
CryptEnumProviderTypesW
CryptReleaseContext
LookupAccountSidA
RegFlushKey
CryptDuplicateHash
CryptGetUserKey
LookupAccountSidW

comctl32

ImageList_LoadImageW
MakeDragList
ImageList_GetIcon
DrawStatusText
ImageList_AddMasked
ImageList_Merge
CreateToolbar
InitCommonControlsEx
ImageList_GetFlags
ImageList_Copy
ImageList_GetImageRect
ImageList_DragEnter
ImageList_DrawEx
ImageList_Replace
ImageList_GetDragImage
DrawStatusTextW

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c73e616a2080ac63d2b1c452d88ab5c5

Headers

File Characteristics

Imports

shell32

comdlg32

user32

gdi32

kernel32

advapi32

comctl32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 140KB - Virtual size: 136KB

.data Size: 96KB - Virtual size: 111KB

.rsrc Size: 100KB - Virtual size: 97KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 140KB - Virtual size: 136KB

.data
Size: 96KB - Virtual size: 111KB

.rsrc
Size: 100KB - Virtual size: 97KB