53a130f302dd4f002495dafdad37ae11

Sharing

Copy URL Twitter E-mail

General

Target

53a130f302dd4f002495dafdad37ae11
Size

424KB
MD5

53a130f302dd4f002495dafdad37ae11
SHA1

69b877dd82987992ed9965e15eac444bf0da1210
SHA256

74bfa822890cb53e69229dcdd68e0a7b5125aa95bc4d466a875e69a6691e1f7e
SHA512

5c07feb5cc45a91e428b2b2c774756b6a1fad5ce5822241c2393ce4044795bcbd57dd4edac59a6b6aacfcca8432fadff7a3135fb2865d99f265408bedcc0f639
SSDEEP

12288:pWNziYgBAV/XmbDoNAJwzGMy2ka0ONXdA1606:mziYga/2beIwzGtONK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53a130f302dd4f002495dafdad37ae11

Files

53a130f302dd4f002495dafdad37ae11
.exe windows:4 windows x86 arch:x86

590581bd31a391b99bc8a23237fed448

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateEmbeddingHelper
OleCreateStaticFromData
WriteOleStg
CoCreateFreeThreadedMarshaler
GetDocumentBitStg
GetHGlobalFromILockBytes
CoFreeLibrary
CreatePointerMoniker

msvcrt

_CIacos
isalpha
iswgraph
_beginthread
_wspawnl
rename
_cprintf
_adj_fdivr_m32i
_ismbcspace
fabs
_statusfp
fmod
_XcptFilter
memcmp
_CItan
memset
vswprintf
_putws
_j1
isspace
__p__wenviron
_waccess
_setmode
_getdllprocaddr
_strdup
mktime
_mbbtype
_ismbcl0
_wsopen
_putenv
_getch
wcsncat
_strtime
_wexecve
strcoll
_wspawnve

gdi32

GetPolyFillMode
GdiComment
CreateDCW
GetMiterLimit
SetViewportOrgEx
CreateSolidBrush
UnrealizeObject
GetTextCharsetInfo
StrokeAndFillPath
GetMapMode
GetBkMode
GetTextExtentPointW
GetRandomRgn
FixBrushOrgEx
CopyEnhMetaFileW
StretchBlt
PlayMetaFile
PolyTextOutW
SetFontEnumeration
CreatePolygonRgn
GetGraphicsMode
RemoveFontResourceW
GetBitmapDimensionEx
CloseFigure
FloodFill

kernel32

GlobalUnfix
WaitNamedPipeW
DeleteCriticalSection
lstrcpynW
CreateNamedPipeA
QueryPerformanceFrequency
FindResourceA
GetLocalTime
GetStartupInfoA
GetConsoleAliasExesW
CreateProcessA
SetStdHandle
_lwrite
SuspendThread
GenerateConsoleCtrlEvent
GetTempFileNameA
GetCurrentThread
SetHandleInformation
lstrcmpW
EscapeCommFunction
GetCommandLineW
DeleteFiber
lstrcmpiW
Sleep
WriteConsoleInputVDMA
VirtualAlloc
OpenFile
GetCurrentThreadId
RaiseException
GlobalGetAtomNameA
GetFileAttributesExW
LockFile
GlobalGetAtomNameW
ExitProcess
GetPrivateProfileIntA
SetVolumeLabelA
InterlockedExchange
VirtualLock
GetFileAttributesExA
GetModuleHandleA
CallNamedPipeW
GetStartupInfoW
CommConfigDialogW
GetDiskFreeSpaceW
IsBadWritePtr
SetSystemPowerState
GetTimeZoneInformation
GetConsoleKeyboardLayoutNameW
SetPriorityClass
InitAtomTable
VirtualFree

user32

CreateDesktopA
DlgDirListW
ClientToScreen
DdeGetLastError
CreateWindowStationW
DdeCreateStringHandleW
FindWindowExA
FrameRect
DdeQueryStringW
CreateIcon
GetDlgCtrlID
GetClassNameA
GetCaretBlinkTime
DrawAnimatedRects

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lci
Size: 129KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ekygy
Size: 285KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

590581bd31a391b99bc8a23237fed448

Headers

File Characteristics

Imports

ole32

msvcrt

gdi32

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.lci Size: 129KB - Virtual size: 284KB

.ekygy Size: 285KB - Virtual size: 672KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.lci
Size: 129KB - Virtual size: 284KB

.ekygy
Size: 285KB - Virtual size: 672KB

.reloc
Size: 1024B - Virtual size: 1KB