53c6973cc13825f202b3ec2ef6df35b2

Sharing

Copy URL Twitter E-mail

General

Target

53c6973cc13825f202b3ec2ef6df35b2
Size

59KB
MD5

53c6973cc13825f202b3ec2ef6df35b2
SHA1

779ee60156b8c5ab0b177309cc4737bed49b10e2
SHA256

513bfc5640401c1fe3318efc42e8b3cd4add9664f769e1321fa8b5533b244004
SHA512

a70a36b549ae251e5a0664e6df1ae79ebad27486520d7e132ab39a85ff6a1028e46578981e06fe5e038afc20186c100d5a0530e4b52d4e77d1389462881a892b
SSDEEP

1536:Xnt+jA0f373dAKwQP0tclIJq3b4OxmLY0N7YVDBN:Xt+s0/baVJq3XH0N7+DBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53c6973cc13825f202b3ec2ef6df35b2

Files

53c6973cc13825f202b3ec2ef6df35b2
.exe windows:4 windows x86 arch:x86

7d9502fe26e3d8c5dfdd4ae0e91bc72c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
StrCSpnA
PathRemoveBlanksA
SHRegCreateUSKeyA
StrSpnA
StrFormatByteSize64A
SHRegEnumUSKeyA
SHDeleteValueA
UrlIsOpaqueA
PathQuoteSpacesA
SHIsLowMemoryMachine
SHAutoComplete
PathCommonPrefixA
PathGetDriveNumberA
HashData
PathAppendA
StrRChrIA
ColorHLSToRGB
StrToIntExA
SHCreateStreamWrapper
SHRegOpenUSKeyA
PathIsRelativeA
StrChrIA
PathIsUNCA
SHRegWriteUSValueA
PathStripToRootA
PathFindOnPathA
AssocQueryStringA
StrIsIntlEqualA

kernel32

lstrcmpi
SetTapeParameters
LoadModule
GetSystemDirectoryA
FileTimeToLocalFileTime
GetCommModemStatus
GetPrivateProfileSectionNamesA
CallNamedPipeA
EnumCalendarInfoA
AddAtomA
VirtualAlloc
Heap32First
SetFilePointer
LocalFileTimeToFileTime
CommConfigDialogA
GetStdHandle
WriteFileGather
GetWindowsDirectoryA
SetConsoleWindowInfo
DeleteAtom
GetTempPathA
DebugActiveProcess
SetTimeZoneInformation
GetCommConfig
WriteConsoleInputA
Beep
CreateFiber
SetFileApisToOEM
FlushInstructionCache
GetLocalTime
ReadConsoleOutputA
ReleaseSemaphore
WinExec
_lclose
SetVolumeLabelA
GlobalLock
HeapDestroy
GetTapeStatus
GetNumberOfConsoleMouseButtons
ReadFileEx
IsBadReadPtr
WaitForSingleObject
CreateProcessA
FatalExit
FreeLibrary
lstrcmp
GetLongPathNameA
FlushConsoleInputBuffer
GlobalFindAtomA
GetNamedPipeHandleStateA
SetDefaultCommConfigA
MulDiv
BackupSeek
PrepareTape
GetProcessHeaps
GetSystemPowerStatus
HeapUnlock
lstrlen
PurgeComm
WaitNamedPipeA
FindAtomA

advapi32

InitializeAcl

Sections

.uji
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ufehs
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vqpu
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nqdm
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d9502fe26e3d8c5dfdd4ae0e91bc72c

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

Sections

.uji Size: 22KB - Virtual size: 45KB

.ufehs Size: 5KB - Virtual size: 10KB

.vqpu Size: 1024B - Virtual size: 1KB

.nqdm Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.uji
Size: 22KB - Virtual size: 45KB

.ufehs
Size: 5KB - Virtual size: 10KB

.vqpu
Size: 1024B - Virtual size: 1KB

.nqdm
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB