5757a793cbc20149ce23a54bd3c42dcd

Sharing

Copy URL Twitter E-mail

General

Target

5757a793cbc20149ce23a54bd3c42dcd
Size

465KB
MD5

5757a793cbc20149ce23a54bd3c42dcd
SHA1

7a9a4d2d2aee4b82f3174d4b41060e3682ac5aa6
SHA256

8e32054aa8240b1dd69ade51847f849a481f8645d84bac1f6845b6f44f6b0dd9
SHA512

a48bd844d613247f8088f3355de482e1a7a508e175f04c7327bd26ff31de3dce86ea97efcc269f6364f8483b5a2acec43c01193464eca32d7c3f57d18cbd0832
SSDEEP

12288:U9K3rH2fvdo3O4Ol6BXSPchgzEuzaQwDNDCCeAal7:U9K7H2fvK3O4Ol6BXGchYwDECeP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5757a793cbc20149ce23a54bd3c42dcd

Files

5757a793cbc20149ce23a54bd3c42dcd
.exe windows:4 windows x86 arch:x86

b77ec2c6001bed856ed3676281d30464

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
LoadIconW
MessageBoxA
EndDeferWindowPos
CopyAcceleratorTableW
RegisterClassExA
LockWindowUpdate
DdeCreateDataHandle
GetKeyboardLayoutList
GetClassWord
DefMDIChildProcA
EnumDisplaySettingsExW

comctl32

InitCommonControlsEx

kernel32

SetFilePointer
IsValidCodePage
TlsFree
WriteFile
GetTickCount
GetLocalTime
SetStdHandle
RtlMoveMemory
RtlUnwind
InterlockedIncrement
VirtualQuery
QueryPerformanceCounter
GetCurrentThread
GetLastError
CreateMutexA
InterlockedExchange
GetStringTypeA
CompareStringA
LCMapStringW
SetVolumeLabelA
TerminateProcess
LCMapStringA
MultiByteToWideChar
GetStartupInfoA
FlushFileBuffers
TlsSetValue
UnhandledExceptionFilter
CloseHandle
GetFileType
lstrcat
SetEnvironmentVariableA
CompareStringW
EnumResourceNamesW
GetProcAddress
TlsGetValue
HeapReAlloc
GetStdHandle
FindFirstFileExA
OpenMutexA
GetComputerNameA
SetLastError
WideCharToMultiByte
SetHandleCount
GetCurrentThreadId
GetPrivateProfileSectionW
GetStartupInfoW
GetPrivateProfileStringA
VirtualFree
WaitNamedPipeA
IsBadWritePtr
ReadConsoleOutputA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameA
InitializeCriticalSection
CreateMutexW
HeapFree
ReadFile
ExitProcess
TlsAlloc
GetModuleHandleA
GetPriorityClass
GetTimeZoneInformation
FindNextChangeNotification
GetCurrentProcess
WriteConsoleOutputAttribute
HeapAlloc
GetVersion
GetStringTypeW
InterlockedDecrement
GlobalGetAtomNameA
GetSystemTime
EnumResourceTypesA
LoadLibraryA
DeleteCriticalSection
GetEnvironmentStringsW
GetCommandLineA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCommandLineW
GetCPInfo
GetCurrentProcessId
GetModuleFileNameW
HeapCreate
VirtualAlloc
FreeEnvironmentStringsA
CreateEventA
HeapDestroy
EnterCriticalSection

gdi32

SetBoundsRect
EndPath
GetCharABCWidthsW
GdiGetBatchLimit
SetMetaRgn
SetFontEnumeration
GetTextExtentExPointA
AnimatePalette
GetKerningPairsW
DPtoLP
CreatePalette
GetDIBits

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b77ec2c6001bed856ed3676281d30464

Headers

File Characteristics

Imports

user32

comctl32

kernel32

gdi32

Sections

.text Size: 138KB - Virtual size: 137KB

.rdata Size: 4KB - Virtual size: 19KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 138KB - Virtual size: 137KB

.rdata
Size: 4KB - Virtual size: 19KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 9KB - Virtual size: 8KB