5553685fd188f5a2eea8abc7d720a316

Sharing

Copy URL Twitter E-mail

General

Target

5553685fd188f5a2eea8abc7d720a316
Size

291KB
MD5

5553685fd188f5a2eea8abc7d720a316
SHA1

176e907df1199f327d9a0d5b7aba65b03cf17041
SHA256

771389aa19a5de81d4c294155f78a7759b44e0d16d6c18d3f8b692b7a8c8f912
SHA512

52423b14fe4f34eba394a42c241549bf7c1a43e137c35785d94850d2a17f53b8667113d431e223bfd4057af426b19cf665c6b2efe00ddf6ad4596ae57ddecec0
SSDEEP

6144:PVH4lmO1DZ2nstB/aC2tkuhNdob2AoYLyUJrmXJj8aBhMSbXBr2iPnK:Pd4lmO1DZ2nstBSC2tkuhNdob2AoYLyr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5553685fd188f5a2eea8abc7d720a316

Files

5553685fd188f5a2eea8abc7d720a316
.exe windows:4 windows x86 arch:x86

937f8fb2b519e9d2a91982cb8380973e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
DuplicateToken
LookupPrivilegeValueA
RegLoadKeyW
RegCreateKeyExW
LogonUserW
CryptDeriveKey

wininet

SetUrlCacheEntryGroup

gdi32

EnumObjects
GetEnhMetaFileBits
StartPage
GdiFlush
RestoreDC
GetWinMetaFileBits
ExtTextOutW
DeleteMetaFile
GetTextCharsetInfo
SetDIBColorTable
GetTextExtentExPointA
GetTextMetricsA

shell32

SHEmptyRecycleBinW
DragQueryFileAorW
SHGetSpecialFolderPathA
SHGetNewLinkInfo
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteExA
SHFileOperationA
SHAppBarMessage
SHGetDiskFreeSpaceA
SHBrowseForFolder
SHGetDataFromIDListA
DragAcceptFiles
ExtractAssociatedIconW
SheGetDirA
SHUpdateRecycleBinIcon
ShellHookProc
ShellExecuteExW
SHEmptyRecycleBinA
SHGetPathFromIDListA
ExtractIconExA
ExtractAssociatedIconExA

kernel32

ExitProcess
GetCurrentThreadId
HeapReAlloc
lstrcpyW
QueryPerformanceCounter
GetThreadLocale
TerminateProcess
GetModuleFileNameA
LoadLibraryA
InterlockedExchange
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
HeapFree
RtlUnwind
VirtualQuery
GetModuleHandleA
GlobalHandle
GetTickCount
VirtualAlloc
GetProcAddress
SetTimeZoneInformation
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
lstrcmpA
SetCurrentDirectoryA
WaitForSingleObject

user32

IsRectEmpty
ChildWindowFromPoint
IsDialogMessage
DefWindowProcW
CallWindowProcW
PackDDElParam
CreateDialogParamA
FindWindowW
DlgDirSelectComboBoxExW
IsChild
GetTabbedTextExtentW
EqualRect

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

937f8fb2b519e9d2a91982cb8380973e

Headers

File Characteristics

Imports

advapi32

wininet

gdi32

shell32

kernel32

user32

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 162KB - Virtual size: 161KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 162KB - Virtual size: 161KB

.rsrc
Size: 9KB - Virtual size: 8KB