522b032e73154d59cf02075bffc89d9c

Sharing

Copy URL Twitter E-mail

General

Target

522b032e73154d59cf02075bffc89d9c
Size

116KB
MD5

522b032e73154d59cf02075bffc89d9c
SHA1

94616fa17a20641fee35efdb9081885912bd926c
SHA256

96137f82caff96b335dfd8ff20105970e481dacadfb2d9fd70cce6f344a8e665
SHA512

aa75d8dec40f0cf8b7070464159e8bc3ea9ca51e7d09ef9265434aaff364d35635f4b43f5b6c7c9065fde7b733063449040d163de1611fce781a7cea2e42b875
SSDEEP

1536:T0k+dRxdKSAhbH8N+spiYi0UozC2r4PVzMWSD:TV+dRaSANcDXxCu4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
522b032e73154d59cf02075bffc89d9c

Files

522b032e73154d59cf02075bffc89d9c
.exe windows:4 windows x86 arch:x86

6f40d00e0ad0c7ca9ef8537fa06eebd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegDeleteValueA
RegEnumValueW
RegCreateKeyExA
RegReplaceKeyA
RegQueryValueExA
RegEnumKeyW
RegLoadKeyA
RegOpenKeyW
RegCreateKeyExW
RegReplaceKeyW
RegGetKeySecurity
RegDeleteKeyA
RegDeleteValueW
RegQueryValueExA
RegQueryValueA
RegLoadKeyA
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegLoadKeyW
RegEnumKeyExA
RegCreateKeyExW
RegOpenKeyExA
RegCreateKeyExA
RegReplaceKeyA
RegFlushKey
RegOpenKeyA
RegLoadKeyA
RegReplaceKeyW
RegCreateKeyW
RegEnumKeyExW
RegDeleteKeyA
RegQueryInfoKeyW
RegLoadKeyW
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegGetKeySecurity
RegQueryValueA
RegReplaceKeyA
RegLoadKeyA
RegDeleteKeyW
RegQueryValueW
RegOpenKeyExW
RegEnumValueA
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyA
RegEnumKeyW
RegReplaceKeyA
RegReplaceKeyW
RegCreateKeyExA
RegOpenKeyA
RegLoadKeyW
RegQueryValueA
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyW
RegDeleteKeyA
RegEnumValueA
RegEnumKeyW
RegEnumKeyA
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueA
RegOpenKeyW
RegDeleteKeyA
RegQueryValueA
RegDeleteKeyW
RegReplaceKeyA
RegDeleteValueW
RegReplaceKeyW
RegOpenKeyExA
RegEnumValueW
RegGetKeySecurity
RegQueryValueExW
RegEnumKeyExA
RegLoadKeyW

gdi32

ClearBrushAttributes
SetTextColor
RestoreDC
CreateSolidBrush
CloseMetaFile
CopyMetaFileA
ExtTextOutA
CloseFigure
ClearBitmapAttributes
BeginPath
GetDCOrgEx
AddFontMemResourceEx
CancelDC
CreateSolidBrush
AbortPath
BitBlt
AddFontResourceA
GetClipBox
GetCurrentPositionEx
GetPixel
AddFontResourceExW
CloseMetaFile
BeginPath
ExtTextOutA
GetPixel
ClearBitmapAttributes
GetClipBox
ClearBitmapAttributes
ExtTextOutA
DeleteDC
AddFontResourceW
CloseFigure
AddFontResourceTracking
AddFontMemResourceEx
GetPixel
CopyMetaFileA
CloseMetaFile
CreateSolidBrush

kernel32

FindAtomA
CopyFileExW
CopyFileExA
GetStdHandle
WriteFile
SetLastError
OpenFileMappingA
DeleteAtom
DeleteFileW
GetFileSize
GetCPInfo
GlobalFree
CreateDirectoryA
ReadConsoleA
Sleep
CreateProcessA

comctl32

ImageList_DragLeave
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_Replace
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Draw
ImageList_DragMove
ImageList_GetImageRect
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Remove
ImageList_DragEnter

user32

CopyRect
LoadCursorA
GetWindowTextLengthA
IsMenu
CreateIcon
CalcMenuBar
EndDialog
DrawTextA
GetCursor
AppendMenuA
GetMenu
DrawIconEx
GetDC
DialogBoxParamW
CopyImage
GetFocus
DrawTextW
AlignRects
LoadMenuA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 66B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f40d00e0ad0c7ca9ef8537fa06eebd3

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

comctl32

user32

Sections

.text Size: 25KB - Virtual size: 25KB

.data Size: 81KB - Virtual size: 81KB

.bbs Size: - Virtual size: 83KB

.idata Size: 6KB - Virtual size: 5KB

.tls Size: - Virtual size: 66B

.rdata Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 516B

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 81KB - Virtual size: 81KB

.bbs
Size: - Virtual size: 83KB

.idata
Size: 6KB - Virtual size: 5KB

.tls
Size: - Virtual size: 66B

.rdata
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 516B