5544bc6aeb38585ccb030fe1d0f010ab

Sharing

Copy URL

Twitter E-mail

General

Target

5544bc6aeb38585ccb030fe1d0f010ab
Size

414KB
MD5

5544bc6aeb38585ccb030fe1d0f010ab
SHA1

69ef60962b8dfeb86a97b8772e7e7e00f4503a91
SHA256

be2cd478b320b6a57d1bb8cb5b38b25de9d2db5f24b5751f0dd83856f82a5afc
SHA512

177a66971a2e34d011c4d1fdcfcd6bbe3e8dafd6fd14ba4f04a2ee1ad50eb9863c7c2895903316c9e60929151c7ebbb7a9a352bfba57b178a8c706ee5e468a93
SSDEEP

6144:Y6txRZahN42sBfvSHPPpAcavVAnFIMbgnjO3xMMG9szOSPMyU8Mo+p:pC42sBnG3atA+Msny3K3KzxU9foI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5544bc6aeb38585ccb030fe1d0f010ab

Files

5544bc6aeb38585ccb030fe1d0f010ab
.exe windows:4 windows x86 arch:x86

d58435320847895f715e8d174073e366

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
WriteFile
EnterCriticalSection
FreeEnvironmentStringsW
TlsFree
GetEnvironmentStrings
HeapAlloc
LoadLibraryA
GetOEMCP
LeaveCriticalSection
GetACP
EnumTimeFormatsA
GetCurrentThread
GetVersion
InterlockedExchange
GetTickCount
GetStringTypeA
UnhandledExceptionFilter
VirtualFree
GetCPInfo
LCMapStringW
IsBadWritePtr
WideCharToMultiByte
LCMapStringA
CreateFileA
GetCurrentThreadId
SetLastError
TlsSetValue
GetProcAddress
GetFileType
TlsGetValue
HeapFree
FreeEnvironmentStringsA
InitializeCriticalSection
SuspendThread
HeapDestroy
VirtualQuery
GetStartupInfoA
SetHandleCount
GetSystemTimeAsFileTime
GetStringTypeW
GetCurrentProcessId
GetLastError
TlsAlloc
HeapReAlloc
RtlUnwind
ExitProcess
GetEnvironmentStringsW
GetCommandLineA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
HeapCreate
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
DeleteCriticalSection

comdlg32

PrintDlgW
GetFileTitleW
GetOpenFileNameA
ReplaceTextW
ChooseFontW
GetFileTitleA
GetSaveFileNameA
PageSetupDlgW
PrintDlgA

gdi32

SetRectRgn
UpdateICMRegKeyW
OffsetWindowOrgEx
GetGraphicsMode
LPtoDP
GetViewportOrgEx
SetColorAdjustment
CreateFontA
RemoveFontResourceA
SelectObject
SetFontEnumeration
DPtoLP
CreatePatternBrush
ModifyWorldTransform
Polyline
EnumFontsW
CreatePolyPolygonRgn
GetObjectW
CopyMetaFileW
GetTextExtentPoint32W
TranslateCharsetInfo
PolylineTo
DrawEscape
SetLayout
SetTextColor

advapi32

ReportEventW
RegQueryInfoKeyA
CryptDecrypt
RegCreateKeyExA
LookupAccountNameA
CryptGetDefaultProviderA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d58435320847895f715e8d174073e366

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

advapi32

Sections

.text Size: 136KB - Virtual size: 136KB

.data Size: 271KB - Virtual size: 270KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 136KB - Virtual size: 136KB

.data
Size: 271KB - Virtual size: 270KB

.rsrc
Size: 6KB - Virtual size: 5KB