51763cf3f82808e49562d167f73a27b4

Sharing

Copy URL Twitter E-mail

General

Target

51763cf3f82808e49562d167f73a27b4
Size

143KB
MD5

51763cf3f82808e49562d167f73a27b4
SHA1

0e2a4e548a0827d34a8c7a32cf625595373ddbcc
SHA256

bf2ba0174af5c8a6b60214d62c0981bbfd26118beeda8a895d5911c2258ef762
SHA512

e489799926e3d8b1ceef6b6279f381bda7386d12e94079243ae6a57911302407bf70bcf6a9a38cef1b2718e3173875d964ca32cbc82e3e83096e48a082b11f35
SSDEEP

3072:ueWyWNzZUmdSyHoTRRYgFnTgq3io9M+o+2l/4AhJ6Wag9:u/yWNzZZiRRYgF8CiZ+zi/4YJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51763cf3f82808e49562d167f73a27b4

Files

51763cf3f82808e49562d167f73a27b4
.exe windows:4 windows x86 arch:x86

85fe11753d0349cb6d3778e0538aa465

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_Getdays
iswalnum
_searchenv
_adj_fdivr_m64
modf
_toupper
atoi
__RTDynamicCast
__iscsymf
_adj_fdivr_m32
_ismbcupper
_wgetcwd
_popen
clearerr
_creat
_ismbcalnum
fputws
_CxxThrowException
_timezone
fwprintf
ldexp
_ismbcl2
_inpw
vfprintf
_XcptFilter
_itow
_scalb

gdi32

GetTextCharacterExtra
ResetDCW
SetWorldTransform
GetBkColor
CreateRoundRectRgn
GetGlyphOutlineW
MoveToEx
GetViewportOrgEx
GetStockObject
SetSystemPaletteUse
GetSystemPaletteUse
InvertRgn
StretchBlt
CreatePenIndirect
FrameRgn
GetMetaRgn
SetBitmapBits
CreatePolyPolygonRgn
GetKerningPairs
GetStretchBltMode
GetTextCharset
PlayEnhMetaFileRecord

comdlg32

ChooseColorA

kernel32

GetCurrentThreadId
RegisterWaitForInputIdle
InterlockedCompareExchange
VirtualAlloc
GetTickCount
GetTapePosition
FindClose
LCMapStringW
SetTapePosition
GlobalUnfix
CreateJobObjectA
GetThreadPriority
VirtualAllocEx
HeapFree
FatalAppExitW
LCMapStringA
WaitNamedPipeW
GetModuleHandleA
DuplicateConsoleHandle
GetPrivateProfileStringA
GetPrivateProfileStringW
GetWindowsDirectoryA
GetCurrencyFormatA
ExitProcess
QueryPerformanceCounter
EnumCalendarInfoA
GetCommandLineW
GetStartupInfoA
Sleep
ScrollConsoleScreenBufferW
GetFileAttributesA
SetConsoleTitleA
VirtualFree
GetVDMCurrentDirectories
VirtualAlloc
GetCompressedFileSizeW
FillConsoleOutputCharacterW
UpdateResourceW
GetNumberOfConsoleInputEvents
lstrcmpA
ClearCommError
SetProcessWorkingSetSize

ole32

CoReleaseMarshalData
OleRegGetMiscStatus
CreateGenericComposite
OleRun
OleDestroyMenuDescriptor
StgSetTimes
CoRegisterMallocSpy
CreateAntiMoniker
OleCreateMenuDescriptor
OleUninitialize
MkParseDisplayName
CoFileTimeNow
CoGetCurrentProcess

user32

DdeCreateStringHandleA
CharUpperW
DialogBoxIndirectParamW
GetClientRect
EnumDisplaySettingsA
AnyPopup
EditWndProc
ChildWindowFromPointEx
CreatePopupMenu

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yao
Size: 84KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gxgp
Size: 329KB - Virtual size: 599KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85fe11753d0349cb6d3778e0538aa465

Headers

File Characteristics

Imports

msvcrt

gdi32

comdlg32

kernel32

ole32

user32

Sections

.text Size: 7KB - Virtual size: 8KB

.yao Size: 84KB - Virtual size: 358KB

.gxgp Size: 329KB - Virtual size: 599KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 8KB

.yao
Size: 84KB - Virtual size: 358KB

.gxgp
Size: 329KB - Virtual size: 599KB

.reloc
Size: 1024B - Virtual size: 1KB