50ed386635a6cd4023f0f36a368f9cd9

Sharing

Copy URL Twitter E-mail

General

Target

50ed386635a6cd4023f0f36a368f9cd9
Size

552KB
MD5

50ed386635a6cd4023f0f36a368f9cd9
SHA1

9fff52b1b42f3a3a6dd1f37869cdeeb1e1c451fb
SHA256

45fb9d9d54706b480a645f1a6432b95f709588673b667bfa6cc1ea73e6d0e10f
SHA512

d4155d0e5af5837167f40f243c7fbb09701606fb263734837997f09da81eda444820d46862d2f62e132360df1157be506b816c9a2adf45924957d5f4dfba5f21
SSDEEP

6144:WBwA6UZo/MUJr51aVtax3QG8FB3qyhr+nGFM8jf0adBmtxv761JFwbopsqi/bUNb:VA6D5raX6cFB6yhyn22aBSBoGV4TB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50ed386635a6cd4023f0f36a368f9cd9

Files

50ed386635a6cd4023f0f36a368f9cd9
.exe windows:4 windows x86 arch:x86

34a618fd61067b4ca16246dd345b2852

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemCodePagesA
FileTimeToSystemTime
SetLocaleInfoA
GetFileAttributesExA
lstrlenW
lstrcmp
GetLocalTime
InitializeCriticalSection
MultiByteToWideChar
GetModuleFileNameA
CloseHandle
FillConsoleOutputAttribute
FreeEnvironmentStringsW
GetTickCount
LCMapStringA
EnumResourceTypesA
GetStringTypeA
ReadConsoleOutputCharacterW
FreeLibrary
GetOEMCP
SetFilePointer
TlsSetValue
GetCurrentThreadId
CreateFileW
OpenEventA
OpenMutexA
GetCurrentProcessId
GetCurrentThread
CommConfigDialogA
FillConsoleOutputCharacterA
ReadFile
TransmitCommChar
GetComputerNameA
LCMapStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetLastError
GetThreadContext
UnlockFileEx
GlobalDeleteAtom
SetConsoleCtrlHandler
IsBadWritePtr
DeleteFileW
HeapAlloc
FreeEnvironmentStringsA
SetConsoleCursorPosition
EnumResourceLanguagesA
GetDiskFreeSpaceA
WaitNamedPipeW
ReadConsoleInputA
VirtualFree
SetFileAttributesW
VirtualQuery
DeleteCriticalSection
InterlockedExchange
CreateMutexA
GetCommandLineA
SetLastError
GetStringTypeW
FlushViewOfFile
DebugActiveProcess
SetCurrentDirectoryW
GetStdHandle
GetTempFileNameW
TlsAlloc
FlushFileBuffers
CompareStringA
GetVersion
InterlockedCompareExchange
GetSystemTime
GetTimeZoneInformation
InterlockedDecrement
GetFileType
EnumResourceNamesA
RtlUnwind
LocalFree
UnhandledExceptionFilter
ExitProcess
TransactNamedPipe
TerminateProcess
GetStartupInfoA
HeapReAlloc
EnumCalendarInfoA
GetProcAddress
SystemTimeToTzSpecificLocalTime
WideCharToMultiByte
GetEnvironmentStrings
GetProcessHeap
SetStdHandle
ReleaseMutex
WriteFile
lstrcmpi
HeapDestroy
GetCurrencyFormatA
GetVersionExW
HeapFree
GlobalFindAtomA
VirtualAlloc
CompareStringW
LoadLibraryA
WritePrivateProfileStructW
GetCurrentProcess
HeapCreate
QueryPerformanceCounter
WriteConsoleW
UnlockFile
LoadModule
LeaveCriticalSection
WriteProfileSectionA
GetEnvironmentStringsA
GetSystemDirectoryA
GetEnvironmentStringsW
GetCPInfo
WriteProfileStringA
GetNumberFormatW
InterlockedIncrement
EnterCriticalSection
OpenFileMappingW
TlsGetValue
GlobalLock
TlsFree
DuplicateHandle
GetModuleHandleA
WaitForMultipleObjectsEx
SetHandleCount
WriteConsoleInputW
GetACP
GetThreadPriority

gdi32

DeleteDC
GetDeviceCaps
Polyline
GetTextCharacterExtra
CreateRectRgn
SetWorldTransform
InvertRgn
GetObjectA
CreateDCW
GetTextFaceA
CreateDIBPatternBrush
ExtTextOutW

comctl32

ImageList_SetFlags
ImageList_SetIconSize
DrawStatusTextA
ImageList_LoadImageW
InitCommonControlsEx

user32

LoadIconW
GetActiveWindow
DlgDirSelectExW
GetWindowContextHelpId
InvalidateRgn
SetShellWindow
EnableWindow
DialogBoxIndirectParamW
GetMenuDefaultItem
CreateWindowExA
SetScrollInfo
MessageBoxW
DestroyWindow
DestroyCursor
BringWindowToTop
DrawMenuBar
RegisterClassA
SetWindowLongA
LoadCursorFromFileA
ChangeMenuA
PeekMessageW
SetCapture
GetGuiResources
CascadeChildWindows
EnumPropsExA
DdeConnect
GetWindowModuleFileNameW
GetComboBoxInfo
FlashWindowEx
DefWindowProcW
ShowWindow
FindWindowA
SetMenu
WinHelpW
SetWindowTextW
SetActiveWindow
SendInput
EmptyClipboard
OemToCharW
GetListBoxInfo
GetMonitorInfoA
ChangeDisplaySettingsW
RegisterClassExA
DestroyMenu

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34a618fd61067b4ca16246dd345b2852

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

user32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 108KB - Virtual size: 115KB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 108KB - Virtual size: 115KB

.rsrc
Size: 52KB - Virtual size: 50KB