54eea3aa0fa4de4f404574226562563c

Sharing

Copy URL Twitter E-mail

General

Target

54eea3aa0fa4de4f404574226562563c
Size

439KB
MD5

54eea3aa0fa4de4f404574226562563c
SHA1

6feff7326489d19cb792f06319dd6eb3976cc2ec
SHA256

5b9aa3c3fcaa4df55454849eb193083dbc945711830585a516c9d661948e4436
SHA512

0822f0948e3b30bfeba637cf6d5af0105bfdca673d44b73f36a3dd2c3a515ab23bd126cc338d88127abb821a8f5ef5540a0466a41f7c1d1f63ce63d1d7564e73
SSDEEP

6144:0WOm6zhcZ+F7wWlnM/lhzmDrtpr73CvkjYHqUPggTJq7MQcbI2i609nDjPWiI9Xb:09wZXWlM/PzqJZ7X0qUPtbM6cDjPbs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54eea3aa0fa4de4f404574226562563c

Files

54eea3aa0fa4de4f404574226562563c
.exe windows:5 windows x86 arch:x86

c678c5c3a425ce1f3f09852bd6cc258f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdiplus

GdipImageRotateFlip
GdipGetImageDecoders
GdipGetImageHeight
GdipGetImageRawFormat
GdipGetImageDecodersSize

advapi32

RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW

kernel32

SetFileTime
WaitForSingleObject
FindResourceW
LoadLibraryW
EnterCriticalSection
lstrcatW
LeaveCriticalSection
GetHandleInformation
CompareStringW
GetWindowsDirectoryW
DeleteCriticalSection
WaitForSingleObject
CreateEventA
GetFileAttributesW
LocalFileTimeToFileTime
CreateMutexW
MapViewOfFile
GetProcAddress
Sleep
GetTickCount
SystemTimeToFileTime
SetEvent
FreeLibrary
HeapDestroy
LocalAlloc
ResetEvent
GetCurrentProcessId
FindFirstFileW
MoveFileW
QueryPerformanceCounter
GetTickCount
LoadResource
VirtualAllocEx
DeleteFileW

gdi32

SelectObject
SetTextColor
SetBkColor
MoveToEx
CreateCompatibleBitmap
GetTextExtentPoint32W
Rectangle
SetROP2
CreateDIBSection
GetDeviceCaps
GetTextMetricsW
StretchBlt

shell32

SHGetMalloc
ord16
SHGetFolderPathW
SHChangeNotify
ShellExecuteW
ord748
ord18

user32

SetTimer
GetPropW
SetWindowTextW
DestroyAcceleratorTable
GetWindowRect
BeginPaint
OffsetRect
wsprintfW
GetIconInfo
PostQuitMessage
SetCursor
PtInRect
IsWindow
LoadAcceleratorsW
FillRect
UpdateWindow
SendDlgItemMessageW
BeginDeferWindowPos
MapDialogRect
EndDialog
TranslateMessage
GetMonitorInfoW
IsRectEmpty
EndPaint
MessageBeep
MonitorFromWindow
SetForegroundWindow
PostMessageW
EndDeferWindowPos

ole32

CoUninitialize
CoInitialize
FreePropVariantArray
CreateStreamOnHGlobal
CoTaskMemRealloc

shlwapi

StrTrimW
StrCpyNW
PathFindExtensionW
wnsprintfW
ord437

msvcrt

?terminate@@YAXXZ
_initterm
malloc
realloc
__set_app_type
_c_exit
_exit
__wgetmainargs

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c678c5c3a425ce1f3f09852bd6cc258f

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

advapi32

kernel32

gdi32

shell32

user32

ole32

shlwapi

msvcrt

Sections

.text Size: 393KB - Virtual size: 393KB

.data Size: 39KB - Virtual size: 38KB

.rsrc Size: 6KB - Virtual size: 336KB

.text
Size: 393KB - Virtual size: 393KB

.data
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 6KB - Virtual size: 336KB