5593c2451285eea406460e478450b782

Sharing

Copy URL Twitter E-mail

General

Target

5593c2451285eea406460e478450b782
Size

39KB
MD5

5593c2451285eea406460e478450b782
SHA1

38f00300e0ea0558956c5b52097045f3e0deb823
SHA256

3fcb37c606761aca890fc59e360ce5af2daa57308918211ddb8e8de75416c099
SHA512

9eaf605dd05540f9643c705b168854301b07c4acaa65e75184bd89216301f2519e18398009ff35ec8a4eb1bd02ef51d064fd92c5a31504828e21f359d29a7573
SSDEEP

768:9yGs3Ig/J/KGmOFiFa8yTmuxP2sXxctmj9UPdUktZFuxSJF9wKQRzaHQckiIRSC9:0z19EWqa8SzesXxCmj9u3tHuxS9wnRz1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5593c2451285eea406460e478450b782

Files

5593c2451285eea406460e478450b782
.exe windows:5 windows x86 arch:x86

d808d8e664e0ff7aaab9bf158d352b52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError

kernel32

GetVersion
GlobalFree
GetModuleHandleA
GetEnvironmentVariableW
SizeofResource
VirtualAlloc
GlobalAddAtomW
GetCurrentThreadId
GlobalAlloc
FindResourceW
LoadResource
GetProcAddress
LeaveCriticalSection
lstrcmpiW
GlobalDeleteAtom
lstrcmpW
GetWindowsDirectoryW
GetProfileStringW
lstrlenW
InitializeCriticalSection
GetSystemDirectoryW
GetModuleFileNameW

adsldpc

ADsFreeColumn

user32

MapWindowPoints
EndPaint
GetFocus
CharPrevW
CharNextW
GetWindowDC
DefDlgProcW
DrawFocusRect
InvalidateRect
ReleaseDC
IntersectRect
GetWindowRect
GetClientRect
GetParent
RemovePropW
UnhookWindowsHookEx
SetPropW
IsWindowUnicode
DrawTextW
SetWindowLongA
CallWindowProcW
ClientToScreen
HideCaret
ScreenToClient
CallNextHookEx
InflateRect
SendMessageW
ShowCaret
ExcludeUpdateRgn
OffsetRect
GetWindow
GetClassInfoW
MessageBoxA
SetWindowsHookExW
ValidateRect
DefWindowProcW
GetWindowTextW
GetWindowLongW
GetDC
GetWindowTextLengthW
SetWindowLongW
IsIconic
GetSysColor
GetSystemMetrics
GetClassNameW
BeginPaint
GetPropW
IsWindowEnabled

gdi32

SetTextColor
CreateCompatibleDC
SelectObject
GetDeviceCaps
PatBlt
GetTextExtentPointW
SetBkMode
CreateSolidBrush
ExtTextOutW
BitBlt
SetBkColor
CreateDIBitmap
DeleteObject
DeleteDC
IntersectClipRect

ntdll

NtFindAtom

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d808d8e664e0ff7aaab9bf158d352b52

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

adsldpc

user32

gdi32

ntdll

Sections

.textbss Size: - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 444B

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 816B

.idata Size: 79KB - Virtual size: 78KB

.textbss
Size: - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 444B

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 816B

.idata
Size: 79KB - Virtual size: 78KB