54e4957fcdc84208635dce17e5e57333

Sharing

Copy URL Twitter E-mail

General

Target

54e4957fcdc84208635dce17e5e57333
Size

64KB
MD5

54e4957fcdc84208635dce17e5e57333
SHA1

57fba4d10135c316676b9ad6c0c01c36dc63203a
SHA256

2f48f18f16dbf91d75785d6b90fcb4c0c0c743ed0adc0af096ac71e6fdf5d306
SHA512

0c957008cf8270da1b8c4b5d379341acf9a30c2df918f24caf97a0fb863df1ab02bf090f6b688162a424233a5f3a94980098a84449efa3d3cdd8081ef6905585
SSDEEP

768:N7rvJqHYXMEyabMDOYwTyXuRn+MnxU7eqkdIcR7843VS8n2nBujQSU7HLfIeeer:W9aEOreXon+MxUSdb984lfveeer

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54e4957fcdc84208635dce17e5e57333

Files

54e4957fcdc84208635dce17e5e57333
.exe windows:4 windows x86 arch:x86

4d55b38abbba33bbdd62ec05e91f4445

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateFileA
GetVolumeInformationA
GetProcAddress
LoadLibraryA
SetFileAttributesA
MultiByteToWideChar
lstrlenA
DeleteFileA
WriteFile
lstrcmpA
WaitForSingleObject
ResetEvent
GetTickCount
CreateEventA
ReadFile
WideCharToMultiByte
lstrlenW
GetModuleFileNameA
ExpandEnvironmentStringsA
CreateProcessA
Sleep
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetWindowsDirectoryA
CreateMutexA
GetStartupInfoA
GetModuleHandleA
CloseHandle
FindFirstFileA
FindNextFileA
lstrcmpiA
FindClose

user32

GetForegroundWindow
SetForegroundWindow

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

shell32

StrStrA

shlwapi

PathFileExistsA
StrPBrkA
SHDeleteKeyA

ole32

CLSIDFromProgID
CoInitialize
CoCreateInstance

iphlpapi

GetAdaptersInfo

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

oleaut32

SysAllocStringLen
SysStringLen
VariantClear
SysAllocString
SysFreeString

msvcrt

??2@YAPAXI@Z
_wcsupr
_strdup
_stricmp
_strupr
_strlwr
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
wcsstr
strncmp
__CxxFrameHandler
sprintf
memset
strcat
strcmp
strncat
strncpy
strlen
strcpy
free
strstr
malloc
sscanf
memcpy
atoi
strchr
fclose
fgets
fopen
fprintf
wcslen
time
strtok
exit
fwrite
fputs
rand
swprintf
fread
ftell
fseek

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4d55b38abbba33bbdd62ec05e91f4445

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

ole32

iphlpapi

msvcp60

oleaut32

msvcrt

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB