5229d84fc3ee49e3b9d803e1126662e2

Sharing

Copy URL Twitter E-mail

General

Target

5229d84fc3ee49e3b9d803e1126662e2
Size

664KB
MD5

5229d84fc3ee49e3b9d803e1126662e2
SHA1

96955a10ba463bafc5e901fde07b4a5b10acabe4
SHA256

b549a196a7ae6ee91d33a75c7d306cf832416de9ac42d57da181e10388ed9541
SHA512

1c3bbaa331f2ba259c2783f30d33ba0502bf059147fd467d93a72a0f3ce2e98fb18e4c4062a1be38abc382c5278b3bc78a1521cde450f4d427f8ffbac014bdf7
SSDEEP

12288:8fFUT3hTHcRJRo9tSfq+1qrfAA5tsChvRtOFsgLRJLw+jpFnoMeWD:8NUzC+tSfq+CfZbvRAFx1pFoZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5229d84fc3ee49e3b9d803e1126662e2

Files

5229d84fc3ee49e3b9d803e1126662e2
.exe windows:4 windows x86 arch:x86

a5200c39fd54b70e7b070e3c43b312f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconExW

comctl32

InitCommonControlsEx

user32

DdeAccessData
UnhookWinEvent
InvertRect
RegisterClassA
DdeNameService
SetCursorPos
RegisterClassExA
GetUserObjectInformationA
DdeDisconnect
LoadAcceleratorsW
MessageBoxIndirectW
DdeGetData
SendMessageTimeoutA
GetKeyboardLayoutList

wininet

FindFirstUrlCacheContainerA
SetUrlCacheConfigInfoA

kernel32

GetLastError
WriteConsoleW
GetStringTypeA
GetCommandLineW
lstrlenA
GetStringTypeW
ExitProcess
QueryPerformanceCounter
DeleteCriticalSection
GetConsoleMode
FreeEnvironmentStringsA
SetFilePointer
TlsFree
MultiByteToWideChar
IsValidLocale
InitializeCriticalSection
GetModuleHandleA
GetCurrentThread
RaiseException
GetTimeZoneInformation
FlushFileBuffers
EnumSystemLocalesA
TerminateProcess
CompareStringA
GetModuleHandleW
WriteConsoleA
OutputDebugStringW
GetEnvironmentStrings
WideCharToMultiByte
WriteFile
GetModuleFileNameW
GetCurrentProcessId
IsValidCodePage
OpenMutexA
SetEnvironmentVariableA
GetStdHandle
HeapValidate
LoadLibraryA
GetTickCount
GlobalHandle
GetConsoleCP
IsBadReadPtr
EnumResourceTypesA
GetEnvironmentStringsW
HeapAlloc
GetSystemTimeAsFileTime
InterlockedDecrement
SetVolumeLabelA
SetLastError
CompareStringW
Sleep
GetTimeFormatA
SetConsoleCtrlHandler
GetLocaleInfoA
GetCPInfo
GetACP
WaitNamedPipeW
IsDebuggerPresent
GetProcessHeap
LoadLibraryW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
CreateFileA
OutputDebugStringA
VirtualFree
TlsSetValue
TlsGetValue
CreateDirectoryExW
GetUserDefaultLCID
SetStdHandle
GetOEMCP
GetCurrentThreadId
GetStartupInfoA
GetLocaleInfoW
GetDateFormatA
HeapCreate
LCMapStringA
CloseHandle
SetHandleCount
HeapDestroy
VirtualAlloc
DebugBreak
CreateWaitableTimerA
GetVersionExA
CreateMutexA
GetConsoleOutputCP
ReadFile
GetModuleFileNameA
HeapReAlloc
InterlockedExchange
FreeLibrary
GetCurrentProcess
TlsAlloc
RtlUnwind
LeaveCriticalSection
VirtualQuery
HeapFree
GetStartupInfoW
GetFileType
FileTimeToSystemTime
InterlockedIncrement
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EnterCriticalSection

Sections

.text
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5200c39fd54b70e7b070e3c43b312f6

Headers

File Characteristics

Imports

shell32

comctl32

user32

wininet

kernel32

Sections

.text Size: 448KB - Virtual size: 448KB

.rdata Size: 90KB - Virtual size: 119KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 448KB - Virtual size: 448KB

.rdata
Size: 90KB - Virtual size: 119KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 19KB - Virtual size: 18KB