5623f4710d03dbcefa7c9a63ea868811

Sharing

Copy URL Twitter E-mail

General

Target

5623f4710d03dbcefa7c9a63ea868811
Size

721KB
MD5

5623f4710d03dbcefa7c9a63ea868811
SHA1

2764be8ab09b89905c50baa583ed0629f9e1cd25
SHA256

6e08352b4f200602b34429cdebff5f3cf32ce8c075ae5d40707f301571c7ec43
SHA512

60f888b15433868af691d4786d2ccc66de075175d05608d77f41acc91684b88053870df9eebcde636d543f276b89cc7661e41b63ca1df407b5fb089fd576e714
SSDEEP

12288:cBbmZ57G8cdJdCdfwpdhE+5l1+QP9pv6DkarXv752UEWYmGoYq3FeCEI55BjwOY5:cBq57Ge2pw+7mr/1pqmYkFhL/syYb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5623f4710d03dbcefa7c9a63ea868811

Files

5623f4710d03dbcefa7c9a63ea868811
.exe windows:4 windows x86 arch:x86

005fd681cea8d9f07a067d64036862c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
DeleteObject
GetStockObject
SetTextColor
SetBkColor
SetBkMode

kernel32

GetCurrentThreadId
ExitProcess
HeapAlloc
GetProcessHeap
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
TlsGetValue
CreateProcessA
SizeofResource
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
HeapSize
WideCharToMultiByte
LockResource
GetEnvironmentStrings
GlobalAlloc
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
InterlockedIncrement
CreateFileA
CreateEventA
GetTimeZoneInformation
GetProcAddress
FindFirstFileW
CreateFileMappingA
CompareStringA
CompareStringW
WaitForMultipleObjects
DeleteFileA
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
GetOEMCP
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
GetModuleHandleA
TerminateProcess
CreateThread
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
InterlockedDecrement
LoadResource
GetEnvironmentVariableA
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
LoadLibraryW
GetCPInfo
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapFree
HeapDestroy
SetEvent
GetFileAttributesA
GetConsoleOutputCP
GetStdHandle
GetLastError
GetTickCount
GetCommandLineA
GetCurrentProcessId
GetCurrentThread
GetVersion
VirtualQuery

user32

SetWindowLongA
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
MapWindowPoints
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
IsWindowEnabled
EnableWindow
ShowWindow
UpdateWindow
GetClientRect
IsWindow
PostQuitMessage
TrackPopupMenu
GetCursorPos
SetDlgItemTextA
GetSysColor
InvalidateRect
SendMessageA
GetDlgItem

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
GetTokenInformation
OpenProcessToken

Sections

.text
Size: 670KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

005fd681cea8d9f07a067d64036862c3

Headers

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

Sections

.text Size: 670KB - Virtual size: 996KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 26KB - Virtual size: 25KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 670KB - Virtual size: 996KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 18KB - Virtual size: 18KB