53d93263154c1760d052bec0c48ee164

Sharing

Copy URL Twitter E-mail

General

Target

53d93263154c1760d052bec0c48ee164
Size

433KB
MD5

53d93263154c1760d052bec0c48ee164
SHA1

3a948fa970645c39ce1279dce2e807b059c8930c
SHA256

6c908eabbd938a1f92c9fa2ff27a68a0172682791bacf4e4f23dd78646bd5d2c
SHA512

065c92b7a9a8627d2201507a5cdd049cfb51302688d878b6015cfa249a4b26ad5bb8a824b647ec41f96b934e8ebf61f41fd468862778267c37be61319f76e2cc
SSDEEP

12288:XtMC00sNS/2ocNqTsAjqL8t1fKzCQdPovNVP:y0w6lfCNPov3P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53d93263154c1760d052bec0c48ee164

Files

53d93263154c1760d052bec0c48ee164
.exe windows:4 windows x86 arch:x86

905e551791e663a8391e7a5e05405f3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClipboardFormatA
InvertRect
DdeQueryNextServer
GetUpdateRgn
GetUserObjectInformationW
CreateDialogIndirectParamA
GetClassLongA
DialogBoxIndirectParamA
CascadeChildWindows
KillTimer
EnumDisplayMonitors
GetClipboardViewer
RegisterDeviceNotificationA
RegisterClassA
DrawAnimatedRects
RegisterClassExA
GetTabbedTextExtentA
DdeConnect
GetForegroundWindow
DlgDirListComboBoxA
ShowWindowAsync

advapi32

CryptDestroyKey
RegQueryValueExW
StartServiceA
RegQueryValueExA
RegSetKeySecurity
InitiateSystemShutdownA
RegEnumValueA
CryptImportKey

comctl32

InitCommonControlsEx

wininet

FtpOpenFileW
UnlockUrlCacheEntryFile
SetUrlCacheConfigInfoA
SetUrlCacheEntryInfoW

kernel32

IsValidCodePage
EnumSystemLocalesA
GetSystemInfo
GetSystemTimeAsFileTime
VirtualAlloc
ReadFile
RtlUnwind
CloseHandle
lstrcmpW
MoveFileW
HeapDestroy
GetCurrentProcess
GetCPInfo
GetEnvironmentStrings
VirtualFree
MultiByteToWideChar
HeapCreate
GetStartupInfoA
ReadConsoleA
InterlockedIncrement
MapViewOfFileEx
GetStartupInfoW
GetConsoleCursorInfo
GetDateFormatA
GetTickCount
GetTimeZoneInformation
TlsSetValue
InitializeCriticalSection
EnterCriticalSection
TerminateProcess
GetOEMCP
GetLocaleInfoW
MapViewOfFile
GetProcAddress
WideCharToMultiByte
GlobalFindAtomA
GetStdHandle
GetProcessAffinityMask
CompareStringW
InterlockedExchange
GetVersionExA
SetEnvironmentVariableA
GetACP
CreateMutexA
HeapAlloc
TlsAlloc
GetCurrentThread
LeaveCriticalSection
GetEnvironmentStringsW
GetUserDefaultLCID
GetTimeFormatA
CompareStringA
GetCommandLineA
SetLastError
HeapSize
GlobalFix
SetFilePointer
GetModuleHandleA
LCMapStringA
WriteFile
IsValidLocale
IsBadWritePtr
FlushFileBuffers
GlobalDeleteAtom
LocalHandle
HeapFree
VirtualQuery
GetModuleFileNameW
TlsGetValue
DeleteCriticalSection
OpenMutexA
LCMapStringW
TlsFree
EnumResourceNamesW
EnumDateFormatsExW
GetCurrentThreadId
FreeEnvironmentStringsA
QueryPerformanceCounter
GetLocaleInfoA
GetModuleFileNameA
FindAtomW
GetCurrentProcessId
VirtualProtect
LoadLibraryA
GetCommandLineW
SetHandleCount
SetStdHandle
GetStringTypeW
FreeEnvironmentStringsW
GetLastError
SetConsoleCursorInfo
ExitProcess
HeapReAlloc
lstrcmpi
FindResourceExW
UnhandledExceptionFilter
SetConsoleMode
GetFileType
GetStringTypeA

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

905e551791e663a8391e7a5e05405f3a

Headers

File Characteristics

Imports

user32

advapi32

comctl32

wininet

kernel32

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 8KB - Virtual size: 32KB

.data Size: 208KB - Virtual size: 208KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 8KB - Virtual size: 32KB

.data
Size: 208KB - Virtual size: 208KB

.rsrc
Size: 5KB - Virtual size: 4KB