519d8d4fe58b0dc241f520ea4c31b516

Sharing

Copy URL Twitter E-mail

General

Target

519d8d4fe58b0dc241f520ea4c31b516
Size

528KB
MD5

519d8d4fe58b0dc241f520ea4c31b516
SHA1

bc0ac321699451933fe38c4b14b5ee265becf9e6
SHA256

5a104eef60ca14594d127a8c40f4092b3c0663e1a4fae3e5150c4b546cf7e9bc
SHA512

9ff3d0c9a7301135dcefde497cd670042b6a90728d69285e18649a221596d011a0f2549f3f921ba15b770c5da63c6ef637ee4df4dc7828b6c68818a15ac578db
SSDEEP

6144:j3dgGTjXh5Tdk3bVshcilJr/lmrnXBjDKLh0y0LWNF+R2XMQLbA0ytiRxcr76:rjxwVQcAzlgnXB/yjQMTLbNEki6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
519d8d4fe58b0dc241f520ea4c31b516

Files

519d8d4fe58b0dc241f520ea4c31b516
.exe windows:4 windows x86 arch:x86

d5f23266cba0bebfbc0028f4ff32cfd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

comdlg32

ChooseFontA

user32

BroadcastSystemMessageA
ShowWindow
RegisterClassA
GetWindowThreadProcessId
GetMenuStringW
RegisterClassExA
CreatePopupMenu
ValidateRect
GetMessageExtraInfo
SetScrollRange
EnableScrollBar
AnyPopup
DdeReconnect
GrayStringW
UnregisterHotKey
ShowScrollBar
MessageBoxIndirectW
IsCharAlphaA
IsChild

kernel32

FreeEnvironmentStringsA
SetFilePointer
CloseHandle
CreateMutexA
HeapDestroy
CompareStringW
LoadLibraryW
WriteFile
UnhandledExceptionFilter
GetConsoleOutputCP
TlsSetValue
GetStringTypeW
VirtualFree
GetModuleHandleA
LCMapStringA
GetExitCodeProcess
InterlockedDecrement
GetACP
GetLocaleInfoW
QueryPerformanceCounter
DeleteCriticalSection
GetDateFormatA
GetNamedPipeInfo
GetSystemTimeAsFileTime
LeaveCriticalSection
GetLastError
SetFileTime
FindResourceW
TlsAlloc
GetDiskFreeSpaceA
GetProcessAffinityMask
GetLocaleInfoA
GetEnvironmentStringsW
GetCurrentProcessId
IsValidLocale
GetStdHandle
GetTimeZoneInformation
ReadFile
HeapFree
CompareStringA
GetTickCount
WriteConsoleW
GetThreadPriority
GetTimeFormatA
VirtualQuery
IsDebuggerPresent
GetCommandLineA
GetStringTypeA
InterlockedIncrement
FreeLibrary
GetOEMCP
Sleep
GetFileType
EnumSystemLocalesA
OpenFile
InitializeCriticalSection
MultiByteToWideChar
DebugActiveProcess
GetCurrentThreadId
InterlockedExchange
TlsGetValue
LocalShrink
LoadLibraryA
GetEnvironmentStrings
GetConsoleTitleA
RemoveDirectoryA
FlushFileBuffers
TerminateProcess
SetEnvironmentVariableA
GetConsoleCP
GetConsoleMode
TransactNamedPipe
GetCurrentProcess
SetConsoleCtrlHandler
SetHandleCount
FindNextFileW
HeapCreate
HeapReAlloc
EnumTimeFormatsW
SetStdHandle
TlsFree
GetVersionExA
ExitProcess
OpenProcess
GetUserDefaultLCID
CreateProcessA
EnterCriticalSection
GetCurrentThread
GetStartupInfoA
RtlUnwind
SetLastError
IsValidCodePage
CreateFileA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetModuleFileNameA
GetProcAddress
OpenMutexA
HeapAlloc
LCMapStringW
GetCPInfo
GetPrivateProfileStringA
GetProfileStringW
VirtualAlloc
GetProcessHeap
HeapSize
WideCharToMultiByte
WriteConsoleA

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5f23266cba0bebfbc0028f4ff32cfd8

Headers

File Characteristics

Imports

comctl32

comdlg32

user32

kernel32

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 10KB - Virtual size: 24KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 10KB - Virtual size: 24KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 7KB - Virtual size: 6KB