54da98a3538e2733d6f97e22adc1fe5c

Sharing

Copy URL Twitter E-mail

General

Target

54da98a3538e2733d6f97e22adc1fe5c
Size

54KB
MD5

54da98a3538e2733d6f97e22adc1fe5c
SHA1

cb76adf8dfd2d19cfa9013fe18799d133ce0651b
SHA256

1c930dd31412c9dc0f9874fd1600d6a143d10a733f8e7599bcef43b8b5d8114c
SHA512

f3caddec7b95f39fdb5f3a4ab75bb7d9f6a6b478bf30d2c0617d2cacfe8e3f8b4ec2f01d451b1157b30c046878424b04e76414cb1376fe8b4392cfbffb3c03f1
SSDEEP

768:pm/6fXhvSRM4TFTfg6uX91lSAcmXuGh54wiZfbM/iEtryYmX7:4/69UMCgRX9HSARX5VMw/FyY6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54da98a3538e2733d6f97e22adc1fe5c

Files

54da98a3538e2733d6f97e22adc1fe5c
.exe windows:5 windows x86 arch:x86

3b749332ac59474b4d8ccf299ba525c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualProtect
GetCurrentProcess
lstrcmpiW
ReadFile
LocalFree
GetCurrentProcess
ReadFile
CreateThread
DeleteCriticalSection
QueryPerformanceCounter
InterlockedCompareExchange
lstrcmpiW
GetProcessHeap
LeaveCriticalSection
DisableThreadLibraryCalls
GetCurrentThreadId
LoadLibraryA
GetVersionExA
CreateThread
HeapFree
HeapFree
CloseHandle
LeaveCriticalSection
HeapFree
GetModuleHandleA
CreateThread
CloseHandle
EnterCriticalSection
SetLastError
GetVersionExA
GetModuleFileNameA
GetLastError
LocalAlloc
MultiByteToWideChar
GetCurrentProcess
SetLastError
InterlockedExchange
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
CreateFileW
VirtualProtect
HeapFree
GetVersionExA
GetVersionExA
UnhandledExceptionFilter
ReadFile
CloseHandle
VirtualProtect
lstrlenA
InterlockedIncrement
HeapAlloc
FreeLibrary
FreeLibrary
DeleteCriticalSection
GetProcAddress
GetLastError
GetModuleFileNameA
VirtualProtect
GetCurrentThreadId
GetSystemTimeAsFileTime
VirtualProtect
GetCurrentProcess

user32

PeekMessageW
SendDlgItemMessageW
LoadCursorW
SetTimer
GetDlgItem
SetFocus
ShowWindow
BeginPaint
DialogBoxParamW
SetWindowLongW
EnableWindow
SetWindowTextW
PostMessageW
DispatchMessageW
wsprintfA
KillTimer
ReleaseDC
PeekMessageW
CharNextW
DialogBoxParamW
SetDlgItemTextW
CreateWindowExW
wsprintfA
IsWindow
SetTimer
SetCursor
SetDlgItemTextW
EndPaint
SetForegroundWindow
SendMessageW
SetTimer
SendDlgItemMessageW
PostMessageW
DispatchMessageW
DialogBoxParamW
SetWindowLongW
GetDC
CharNextW
ShowWindow
GetParent
IsWindow
SetWindowLongW
LoadStringW
SetForegroundWindow
SetWindowPos
GetSysColor
GetFocus
InvalidateRect
SetWindowLongW
SendDlgItemMessageW
SetTimer
SendDlgItemMessageW
GetWindowLongW
SetFocus
wsprintfA
CreateWindowExW
LoadStringW
SetForegroundWindow
ReleaseDC
MessageBoxW
GetParent
DispatchMessageW
CharNextW
GetDC
GetFocus
PeekMessageW
SetFocus

Sections

.text
Size: 48KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b749332ac59474b4d8ccf299ba525c0

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 48KB - Virtual size: 60KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.pdata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 60KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.pdata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB