50838e27e9c1737bbaa4d9021d47d36f

Sharing

Copy URL Twitter E-mail

General

Target

50838e27e9c1737bbaa4d9021d47d36f
Size

59KB
MD5

50838e27e9c1737bbaa4d9021d47d36f
SHA1

1ed9d08980ad1f9b7b81c8beb9187f137daa94d1
SHA256

50cba8a31db76a7b17ad83ca770e03fc7898eb7bf4094534425722f2c02147ec
SHA512

57b57a67ff9cb8674303e068e34e44977275bfc1d2601ed373b720829e6b051b7561f100a93bf547223ac146a958af4ab62f17bab83705cc7fb43e7f3a830339
SSDEEP

1536:n0+AyOm+m7Rr4ulYAbjZE6u1kFFI+8kD6:n0+AyH7Cqt2qL1D6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50838e27e9c1737bbaa4d9021d47d36f

Files

50838e27e9c1737bbaa4d9021d47d36f
.exe windows:4 windows x86 arch:x86

1afd3c4761e69dd81d4a38310766d964

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GetModuleFileNameA
GetProfileStringA
InterlockedCompareExchange
GetComputerNameA
ContinueDebugEvent
GetExitCodeThread
EnumDateFormatsA
EnumResourceTypesA
SizeofResource
GetFullPathNameA
GlobalFlags
ReleaseSemaphore
IsValidCodePage
ReadConsoleOutputA
GetNumberFormatA
GetSystemDirectoryA
WaitCommEvent
InterlockedExchange
Heap32ListNext
ReadConsoleA
GetCurrentProcessId
GetStringTypeExA
FreeLibrary
SetProcessAffinityMask
FindFirstFileA
ReadProcessMemory
GetProcessHeaps
TransactNamedPipe
CreateNamedPipeA
CreateProcessA
SystemTimeToTzSpecificLocalTime
DebugActiveProcess
DisconnectNamedPipe
EnumSystemLocalesA
WaitForMultipleObjects
GetLogicalDriveStringsA
CompareStringA
VirtualAlloc
CancelIo
GetVersionExA
GetSystemPowerStatus
GlobalAddAtomA
GetPrivateProfileStructA
DeleteAtom
GetLongPathNameA
GetCommandLineA
SetSystemTime
WritePrivateProfileStringA
SetFilePointer
GetOverlappedResult
CloseHandle
TlsSetValue
ResumeThread
SetLocalTime
GetConsoleOutputCP
OpenSemaphoreA
TerminateThread
RequestDeviceWakeup
CommConfigDialogA

shlwapi

UrlGetLocationA
PathMakePrettyA
SHRegCreateUSKeyA
StrRChrIA
SHCreateStreamWrapper
PathCommonPrefixA
AssocQueryStringA
StrToIntExA
StrSpnA
StrCSpnA
StrIsIntlEqualA
PathIsUNCA
PathStripToRootA
SHAutoComplete
PathGetDriveNumberA
SHRegOpenUSKeyA
UrlIsOpaqueA
HashData
ColorHLSToRGB
SHIsLowMemoryMachine
PathQuoteSpacesA
UrlCombineA
SHDeleteValueA
PathFindOnPathA
PathRemoveBlanksA
StrFormatByteSize64A
PathFileExistsA
PathIsRelativeA
PathAppendA
StrChrIA

user32

GetTopWindow

Sections

.pkdkb
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vargz
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xyzg
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vqxuf
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1afd3c4761e69dd81d4a38310766d964

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

Sections

.pkdkb Size: 22KB - Virtual size: 45KB

.vargz Size: 5KB - Virtual size: 10KB

.xyzg Size: 1024B - Virtual size: 1KB

.vqxuf Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.pkdkb
Size: 22KB - Virtual size: 45KB

.vargz
Size: 5KB - Virtual size: 10KB

.xyzg
Size: 1024B - Virtual size: 1KB

.vqxuf
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB