506d421ae148a8596c9b10f0c89a83a1

Sharing

Copy URL Twitter E-mail

General

Target

506d421ae148a8596c9b10f0c89a83a1
Size

84KB
MD5

506d421ae148a8596c9b10f0c89a83a1
SHA1

07660c0ba3993be38a7ac1829f699777de499e5d
SHA256

c8afe2bd7ee3987dfb345c52cc33e4c521e001c4db35ad9462029dc197e82702
SHA512

45ff28f9efaa67cedeaebefc7d32866120cd7f66a8717a9dd0c462f10f233ddca0dcfd783b60cc5bb44cdc9be6b65fb16e1625f1aed6945b15da72e6050ab662
SSDEEP

1536:33AfzIEB5zDyVPDgilTtLQSaqkVO61x94jlrRdB/hJfT6h:33ALxtyZHLQSaqkH4B9dB72

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
506d421ae148a8596c9b10f0c89a83a1

Files

506d421ae148a8596c9b10f0c89a83a1
.exe windows:4 windows x86 arch:x86

5e42eebaa2d529556a7137b90bb78c85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
lstrcmpiA
GetLastError
GetModuleHandleA
GlobalAlloc
GetModuleFileNameA
GetStdHandle
lstrcpyA
GetFileAttributesA
Sleep
GlobalFree
lstrlenA
GetFileSize
SetLastError
HeapAlloc
GetCommandLineA
GetStringTypeA
DeleteFileA
GetStringTypeW

user32

DialogBoxParamW
DialogBoxParamA
LoadCursorA
GetFocus
IsMenu
AppendMenuW
DrawTextA
GetMenu
BlockInput
DrawTextW
IsWindow
CopyRect
InsertMenuA
GetWindowTextA
CloseWindow
LoadMenuA
GetCursor
CreateIcon

comctl32

ImageList_AddIcon
ImageList_Remove
ImageList_Draw
ImageList_DrawEx
InitCommonControls
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_AddMasked
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag
ImageList_Destroy
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_DragShowNolock
ImageList_Replace
ImageList_LoadImage
ImageList_Merge
ImageList_DrawIndirect
ImageList_GetImageInfo

gdi32

AddFontResourceTracking
ClearBitmapAttributes
BeginPath
AddFontResourceExA
BitBlt
CreateSolidBrush
AddFontResourceW
ClearBrushAttributes
GetDCOrgEx
RestoreDC
AbortPath
GetBitmapBits
DeleteObject
CloseMetaFile
ExcludeClipRect
AddFontMemResourceEx
GetPixel
GetClipBox

advapi32

RegEnumKeyExW
RegDeleteValueW
RegEnumValueW
RegEnumKeyA
RegCreateKeyExA
RegDeleteKeyW
RegGetKeySecurity
RegDeleteValueA
RegQueryValueW
RegLoadKeyW
RegDeleteKeyA
RegOpenKeyW
RegCreateKeyW
RegFlushKey
RegQueryValueA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e42eebaa2d529556a7137b90bb78c85

Headers

File Characteristics

Imports

kernel32

user32

comctl32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 139KB

.reloc Size: - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 139KB

.reloc
Size: - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 2KB