5254b87f0590d942ab285989db9af13a

Sharing

Copy URL

Twitter E-mail

General

Target

5254b87f0590d942ab285989db9af13a
Size

168KB
MD5

5254b87f0590d942ab285989db9af13a
SHA1

51a610b57fab8c20fa43ed65aae4741c684ff12e
SHA256

d00194037eac86c81e08739ed0f93293dac386921dd18ec660b4c620d0e3b0ad
SHA512

2d86a5a958106ce65f602d7ec201d2d57fab7337e32bc94d0f8780ec5fb45ffc7822b7a0469c15cbc6fd5d6f5f99075f93476ba2cfae6d4f874957923272d116
SSDEEP

3072:0NinkNWkehGKZ9D8zURCu6XFoeLaAQrmK:09WkcGa9UW86eLAm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5254b87f0590d942ab285989db9af13a

Files

5254b87f0590d942ab285989db9af13a
.exe windows:4 windows x86 arch:x86

14796eda1bc61765e14419e91fe9d6e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegQueryValueExW
RegDeleteKeyA
RegLoadKeyW
RegEnumValueA
RegReplaceKeyA
RegEnumValueW
RegQueryValueExA
RegEnumKeyExW
RegEnumKeyW
RegCreateKeyExA
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryValueW
RegLoadKeyA
RegOpenKeyA
RegReplaceKeyW
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyW
RegQueryValueExA
RegOpenKeyA
RegFlushKey
RegLoadKeyA
RegOpenKeyExW
RegDeleteValueW
RegQueryValueA
RegCreateKeyExA
RegDeleteKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegGetKeySecurity
RegReplaceKeyA
RegEnumKeyExW
RegEnumKeyW
RegCreateKeyW
RegLoadKeyW
RegQueryInfoKeyA
RegQueryValueW
RegDeleteKeyA
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegGetKeySecurity
RegFlushKey
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegEnumValueA
RegOpenKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyW
RegLoadKeyA
RegCreateKeyW
RegOpenKeyExW
RegOpenKeyA
RegCreateKeyExA
RegQueryValueW
RegReplaceKeyA
RegLoadKeyW

kernel32

WriteFile
GetCPInfo
GetConsoleMode
ReadConsoleA
FindFirstFileA
GetComputerNameA
GetCommandLineA
Sleep
CreateThread
CreateDirectoryA
OpenFile
ReadFile
GetStdHandle
DeleteFileW
GetLastError
DeleteFileA
GlobalFree
SetLastError
ExitThread
FindAtomA
CopyFileW
CopyFileExA
DeleteAtom

user32

AppendMenuA
DrawTextW
CopyIcon
LoadCursorA
CopyRect
AlignRects
EndDialog
CreateIcon
DialogBoxParamA
GetFocus
DrawIcon
AppendMenuW
CloseWindow
CalcMenuBar
GetMenu
GetDlgItem
GetWindowTextA
IsMenu
LoadMenuA
DialogBoxParamW
CopyRect
IsMenu
DialogBoxParamA
CloseWindow
AppendMenuA
IsWindow
AppendMenuW
LoadCursorA
DrawIconEx
CalcMenuBar
CreateIcon
GetCursor
GetDlgItem
GetWindowTextLengthA
CopyIcon

Sections

.JXUTP
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aLjHWn
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lYFEjH
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 124KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LndGOm
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SgGhWE
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QHFlgg
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JXsYsR
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14796eda1bc61765e14419e91fe9d6e0

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.JXUTP Size: 4KB - Virtual size: 3KB

.aLjHWn Size: 8KB - Virtual size: 4KB

.lYFEjH Size: 8KB - Virtual size: 5KB

.pdata Size: 124KB - Virtual size: 2.2MB

.LndGOm Size: 4KB - Virtual size: 96B

.SgGhWE Size: 4KB - Virtual size: 24B

.QHFlgg Size: 8KB - Virtual size: 4KB

.JXsYsR Size: 4KB - Virtual size: 3KB

.JXUTP
Size: 4KB - Virtual size: 3KB

.aLjHWn
Size: 8KB - Virtual size: 4KB

.lYFEjH
Size: 8KB - Virtual size: 5KB

.pdata
Size: 124KB - Virtual size: 2.2MB

.LndGOm
Size: 4KB - Virtual size: 96B

.SgGhWE
Size: 4KB - Virtual size: 24B

.QHFlgg
Size: 8KB - Virtual size: 4KB

.JXsYsR
Size: 4KB - Virtual size: 3KB