548659567abdbd0a9b05e6ed8be00d1d

Sharing

Copy URL Twitter E-mail

General

Target

548659567abdbd0a9b05e6ed8be00d1d
Size

419KB
MD5

548659567abdbd0a9b05e6ed8be00d1d
SHA1

81b60f58e6b4879e03226a468a493fa7a7cef86a
SHA256

bd79a9a0256bef7ec06ecf9111b97767590367a8feaba3cb04057a1e4932d8b6
SHA512

4e2ee44486e386420edd61b2874fb83252f1a68a80442cd6e280c944c5bde0bcc5cdfd622f6d0bdcf919393db2fc36ce5daa079ad4668502fec75a889fe50294
SSDEEP

12288:cvBtneuwmgfJVml/E7HbhyG0KrRAaRwohbELP0AQRv6RW1TuwC+4Ebyq:6rgPmlFGfNwycNQYRfU4Ap

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
548659567abdbd0a9b05e6ed8be00d1d

Files

548659567abdbd0a9b05e6ed8be00d1d
.exe windows:4 windows x86 arch:x86

dd638e775c330f9588ff9042559b315b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSettings
ExtractAssociatedIconA
SHFileOperation
SheSetCurDrive
ShellExecuteExW

comdlg32

GetFileTitleA
ChooseFontW
PrintDlgW

kernel32

WaitForMultipleObjectsEx
InterlockedExchange
GetUserDefaultLCID
VirtualQuery
GetEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
GetLocalTime
GetCurrentThread
GetCurrentProcess
GetModuleFileNameA
EnumSystemLocalesA
HeapReAlloc
WideCharToMultiByte
GetCPInfo
VirtualProtectEx
UnhandledExceptionFilter
SetLastError
SuspendThread
GetDateFormatA
HeapCreate
VirtualProtect
LCMapStringW
GetAtomNameA
CreateNamedPipeW
DeleteCriticalSection
RtlUnwind
TlsAlloc
TlsSetValue
GetThreadLocale
GlobalFindAtomW
GetSystemInfo
GetProcessAffinityMask
IsValidCodePage
lstrlen
GetCommandLineA
HeapAlloc
IsBadWritePtr
ExitProcess
LeaveCriticalSection
lstrlenW
GetSystemDirectoryA
GetTimeFormatA
GetFullPathNameW
GetStringTypeA
GetLocaleInfoA
GetCompressedFileSizeW
GetModuleFileNameW
VirtualAlloc
LCMapStringA
GlobalAddAtomW
GetEnvironmentStringsA
VirtualFree
GetLastError
GetCurrentThreadId
GetACP
TlsFree
LoadLibraryA
GetStringTypeW
CompareStringA
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetVersionExA
SetHandleCount
TlsGetValue
HeapSize
ExitThread
GlobalHandle
SetEnvironmentVariableA
FreeEnvironmentStringsA
CompareStringW
FreeEnvironmentStringsW
HeapDestroy
GetModuleHandleA
MultiByteToWideChar
CreateSemaphoreW
GetTimeZoneInformation
LocalCompact
HeapFree
GetProcAddress
IsValidLocale
InitializeCriticalSection
EnterCriticalSection
GetStdHandle
GetFileType
WriteFile
GetLocaleInfoW
GetTickCount
GetProcessHeaps
GetStartupInfoA
GetCommandLineW

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd638e775c330f9588ff9042559b315b

Headers

File Characteristics

Imports

shell32

comdlg32

kernel32

Sections

.text Size: 129KB - Virtual size: 128KB

.rdata Size: 7KB - Virtual size: 29KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 129KB - Virtual size: 128KB

.rdata
Size: 7KB - Virtual size: 29KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 3KB - Virtual size: 3KB