Static task: static1
Behavioral task: behavioral1
Sample: 54729ac04413500325daa92255c34c52.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 54729ac04413500325daa92255c34c52.exe
Resource: win10v2004-20231215-en
General
Target: 54729ac04413500325daa92255c34c52
Size: 103KB
MD5: 54729ac04413500325daa92255c34c52
SHA1: cb4b9b614a50f65d231faf5218d86dfe54d3967f
SHA256: fc1480209db83eb37b01de553521953e0601f72488d4170655e00c7d8394fade
SHA512: 970e80380e80c3caad3b3465db7b91ec7fecf62e01bb6939e4a21bdfc6f1be0d45bb5bba21da7c0b5ba853ee604ef437c28ec96fa4ab7ae93b35da58337fec70
SSDEEP: 3072:IvDuF7E2iONojfswRNEC7kupLNsVC8+y0:qDuF2EwRNEC7hRWo
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 54729ac04413500325daa92255c34c52
Files
54729ac04413500325daa92255c34c52.exe windows:5 windows x86 arch:x86
7d5e6c07856a8581dd51634a6a64c5a3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_adjust_fdiv
_except_handler3
__set_app_type
__p__fmode
sqrt
_initterm
memset
_dup2
_exit
__p__commode
_osver
_mbscmp
_flsbuf
_XcptFilter
swprintf
_snwprintf
__setusermatherr
exit
_acmdln
__getmainargs
_filelengthi64
kernel32
GetModuleHandleA
WideCharToMultiByte
IsValidCodePage
IsDebuggerPresent
GetEnvironmentVariableA
GetTempFileNameA
MulDiv
ExpandEnvironmentStringsA
VirtualProtect
WritePrivateProfileStringA
Sleep
SetCurrentDirectoryA
UnhandledExceptionFilter
GetStartupInfoA
GetShortPathNameA
GetCommandLineA
GetFileTime
lstrcmpiA
GetACP
GetModuleFileNameW
FreeEnvironmentStringsW
GetLastError
CopyFileA
user32
GetMenuState
DialogBoxParamA
GetDlgItem
CreateWindowExA
GetWindowTextA
PtInRect
GetForegroundWindow
SetClipboardData
GetTopWindow
DrawEdge
PostMessageA
GetScrollPos
SendDlgItemMessageA
FillRect
LoadStringA
GetSysColorBrush
GetIconInfo
IsWindowEnabled
advapi32
OpenServiceA
ControlService
RegSetValueExW
QueryServiceStatus
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegEnumKeyExW
CryptAcquireContextA
InitiateSystemShutdownA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
LookupPrivilegeValueW
IsValidSid
SetSecurityDescriptorDacl
CryptGenRandom
oleaut32
SafeArrayPutElement
CreateErrorInfo
VariantClear
SafeArrayRedim
SafeArrayGetElement
VariantCopy
GetActiveObject
SysStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayCreate
SysStringByteLen
SetErrorInfo
VariantInit
GetErrorInfo
SysReAllocStringLen
LoadTypeLib
SafeArrayUnaccessData
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ