5492e7a3cf13fd0f3d37451c1b57b8f6

Sharing

Copy URL Twitter E-mail

General

Target

5492e7a3cf13fd0f3d37451c1b57b8f6
Size

84KB
MD5

5492e7a3cf13fd0f3d37451c1b57b8f6
SHA1

43d9f5c108b89f6257bb9ec3623852df9c4e0192
SHA256

704338da5c0c0d262467b2bd4a6a6a71e7820282215f0b848be377cc22c4d5a9
SHA512

02f64dd8ebdcf1f66afc5a0556024c671db501b6b35ebed41bd60722c672ca8a149a8200c5ccae73d25020a53d71500a9a7ce33ceec01e4893490038ddab48b9
SSDEEP

1536:XjwlxlUDSIzckAQNCwmLF1dKSlnVS1Lm6x7YbnGX2bS4sZF:X8kStkAQQjdKmV1c7D2O5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5492e7a3cf13fd0f3d37451c1b57b8f6

Files

5492e7a3cf13fd0f3d37451c1b57b8f6
.exe windows:5 windows x86 arch:x86

3dab7154449eb7ed318080a78ee84244

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetPrivateProfileSectionA
WritePrivateProfileStructA
InterlockedExchange
EnterCriticalSection
GetFileSize
GetModuleHandleW
SetProcessWorkingSetSize
GetModuleHandleA
BeginUpdateResourceA
UnlockFileEx
GetDriveTypeA
WritePrivateProfileStringW
GetFileTime
OpenJobObjectA
RegisterWaitForSingleObjectEx
GetTempPathW
VirtualProtect
GetProcessHeap
CreateMailslotA
LoadLibraryA
GetCompressedFileSizeW
VirtualAlloc
IsValidLanguageGroup
VirtualFree
PulseEvent
ExitProcess
GetSystemTimeAsFileTime

msvcrt

sinh
_setmaxstdio
rand
?set_new_handler@@YAP6AXXZP6AXXZ@Z
??_Gbad_typeid@@UAEPAXI@Z
_CIpow
abs
_chkesp
_Gettnames
freopen
getenv
_mbctombb
memcpy
_dup2
_adj_fdivr_m16i
_wasctime
rename
_mbctoupper
__p__pwctype
_finite
is_wctype
_execvp
_yn
labs

comdlg32

PrintDlgExA
dwOKSubclass
GetSaveFileNameA
PrintDlgExW
ChooseFontW
dwLBSubclass
PrintDlgW
ReplaceTextW
GetOpenFileNameA
ChooseColorA
CommDlgExtendedError
PageSetupDlgA
FindTextA
PageSetupDlgW
GetFileTitleW
LoadAlterBitmap
Ssync_ANSI_UNICODE_Struct_For_WOW
GetFileTitleA
ChooseFontA
ReplaceTextA

winmm

waveInStop
mmioOpenW
timeKillEvent
waveInAddBuffer
mmsystemGetVersion
mmTaskYield
joy32Message

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dab7154449eb7ed318080a78ee84244

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

comdlg32

winmm

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 19KB - Virtual size: 18KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 62B