50ca5c42aaa7c0c093f2d0288b140b62

Sharing

Copy URL

Twitter E-mail

General

Target

50ca5c42aaa7c0c093f2d0288b140b62
Size

25KB
MD5

50ca5c42aaa7c0c093f2d0288b140b62
SHA1

f61d86285591765394c5cae459f36af51c36f5e4
SHA256

800d5ffd368a455fea9d199e5b3a8f8b1b1e9aeec7e586320dda66746307432a
SHA512

c3d0b048c8d1c817bc1e1de3b4147120440dac4ef5e68cd865277d686c0b154d967569636492482474abf5fa1f4a0bfeca3ba8b1d718c93e9d583a0d46a4f908
SSDEEP

384:oGx4bTmc4O7/fPj4VfQQIAV44PALmR1BftY2qRMlNxOvYhykbXX5lSPl:oP4Ojfr4Vf/I6I2aCBOQ4kbXX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50ca5c42aaa7c0c093f2d0288b140b62

Files

50ca5c42aaa7c0c093f2d0288b140b62
.exe windows:4 windows x86 arch:x86

0fad2f281cd7fa2f117f89fe1aa50103

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

getenv
wcscmp
_wcsnicoll
_getch
_creat
towlower
fscanf
wcsstr
_wrmdir
_wtempnam
_ismbckata
_ismbbkprint
_wfullpath
_spawnl
wcspbrk
_wgetcwd
_mbctohira
_mbcjmstojis
_pgmptr
_atodbl
vprintf
ftell
asctime
__threadhandle
log10
_eof
freopen
__CxxFrameHandler
_wsplitpath
_daylight
wctomb
_wcsdup
gmtime
_errno

user32

GetTitleBarInfo
GetCapture
SetRectEmpty
DrawTextW
EnumDisplaySettingsA
DestroyCursor
ShowWindow
CloseClipboard
InternalGetWindowText
GetKeyboardState
GetTabbedTextExtentA
GetWindowLongW
EnumThreadWindows
MapVirtualKeyW
CascadeWindows
ClipCursor
PostThreadMessageA
DdeUnaccessData
PaintDesktop
LookupIconIdFromDirectory
keybd_event
GetMenu
GetSysColorBrush
UnregisterHotKey
SendIMEMessageExA
SubtractRect
EnumDisplayMonitors
TrackPopupMenu
PackDDElParam
GetUserObjectInformationA
TileChildWindows
ScreenToClient

advapi32

CryptGetUserKey
RegCloseKey
RegCreateKeyExW
CryptSetProviderExW
QueryServiceConfigA
CloseEventLog
RegDeleteKeyA
RegQueryValueW
RegConnectRegistryW
CryptExportKey
EqualPrefixSid
DuplicateToken
SetSecurityInfo
BuildExplicitAccessWithNameA
CryptGetDefaultProviderW
GetUserNameW
CryptSetKeyParam
GetMultipleTrusteeA

kernel32

VirtualFree
GetStartupInfoW
GetLocalTime
Sleep
VirtualAllocEx
SetErrorMode
lstrlenW
GetProfileIntA
LoadLibraryW
GetModuleFileNameW
CopyFileExW
GetCommState
GetCommandLineW
CreateToolhelp32Snapshot
SetCommBreak
GetStdHandle
AreFileApisANSI
lstrcmpW
UnmapViewOfFile
MapViewOfFileEx
GlobalAddAtomA
GetModuleHandleW
lstrcmpiW
SetLastError
lstrcmpA
lstrcmpiA
GetModuleHandleA
GetCurrencyFormatW
GetLastError
GetProcessHeap
GetACP
LocalCompact
Process32First
GetStartupInfoA
lstrlenA
ExitProcess

gdi32

MoveToEx
GetCurrentObject
GetICMProfileW
SetPixelV
ExtCreatePen
PaintRgn
SetLayout
UpdateICMRegKeyW
Chord
CancelDC
GetMiterLimit
SetLayout
GetArcDirection
GetROP2
PolyTextOutW
GetTextCharset
GetObjectType
GetTextMetricsA
GetObjectA
SetPixel
GetCurrentPositionEx
GetDeviceCaps

Sections

.text
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vuxn
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gzt
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shk
Size: 3KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fad2f281cd7fa2f117f89fe1aa50103

Headers

File Characteristics

Imports

msvcrt

user32

advapi32

kernel32

gdi32

Sections

.text Size: 14KB - Virtual size: 15KB

.vuxn Size: 4KB - Virtual size: 10KB

.gzt Size: 2KB - Virtual size: 8KB

.shk Size: 3KB - Virtual size: 22KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 15KB

.vuxn
Size: 4KB - Virtual size: 10KB

.gzt
Size: 2KB - Virtual size: 8KB

.shk
Size: 3KB - Virtual size: 22KB

.reloc
Size: 1024B - Virtual size: 1KB