575b7ca48fc1fdbd3f0d84f5354b88c8

Sharing

Copy URL Twitter E-mail

General

Target

575b7ca48fc1fdbd3f0d84f5354b88c8
Size

189KB
MD5

575b7ca48fc1fdbd3f0d84f5354b88c8
SHA1

57144e5aad6f279a7d2bb386def23d6856f01325
SHA256

22af402474f4aedc93acc2578d1a6d6861081e617558600b921662b1efa0498f
SHA512

82c6b4fc3ba587d6e53b17f48b7f0d27769d5eb3ef550ac83735354ac8af6b3a8beb3a06c7849d0eb41f67de312c56914874810beaad3a6f592c6f6aecba2f99
SSDEEP

3072:5iEogn6hQZTQpGmlWdUfU7rueNV+3lTK4z06wIgpt/xGf6G8jv6P:5i1gn0QZ8pGmlC7qeeTQhIgpt/0vc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
575b7ca48fc1fdbd3f0d84f5354b88c8

Files

575b7ca48fc1fdbd3f0d84f5354b88c8
.exe windows:4 windows x86 arch:x86

d59d779fec7371194352821416690e35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathAppendW

gdi32

GetBkColor
RectVisible
GetMapMode
DeleteDC
ExtTextOutW
ScaleViewportExtEx
OffsetViewportOrgEx
Escape
ScaleWindowExtEx
GetDeviceCaps
SetWindowExtEx
PtVisible
ExtSelectClipRgn
SetViewportOrgEx
GetStockObject
TextOutW
GetTextColor
SelectObject
GetRgnBox

user32

GetPropW
CreateWindowExW
CharNextW
GetClassInfoExW
InvalidateRect
CopyAcceleratorTableW
GetNextDlgTabItem
IsRectEmpty
SendDlgItemMessageA
GetNextDlgGroupItem
SetPropW
GetClassLongW
RegisterWindowMessageW
RemovePropW
MessageBeep
WinHelpW
CharUpperW
SetRect
InvalidateRgn
DestroyMenu

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoTaskMemAlloc
CoRegisterMessageFilter
OleFlushClipboard
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoRetireServer
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
CoInitialize
CLSIDFromProgID
OleUninitialize
OleIsCurrentClipboard
CoGetClassObject
CreateILockBytesOnHGlobal
CoUninitialize
CoCreateInstance
OleInitialize
CoTaskMemFree
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

ReadFile
WideCharToMultiByte
FindFirstFileW
FindClose
GetCalendarInfoW
GetCurrentProcessId
LocalFileTimeToFileTime
CreateDirectoryW
EnumResourceLanguagesW
SetFilePointer
RemoveDirectoryW
GetCurrentDirectoryW
SetFileTime
MoveFileW
WriteFile
lstrcpyW
GetModuleFileNameW
EnumResourceNamesA
SystemTimeToFileTime
CreateFileW
GetVersion
DeleteFileW
ExitProcess
GetSystemDefaultLangID
MultiByteToWideChar
GetLocaleInfoW
FindNextFileW
LoadLibraryW
InterlockedDecrement
GetFileAttributesW
ConvertDefaultLocale
GetProcAddress

advapi32

RegQueryValueW
RegOpenKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d59d779fec7371194352821416690e35

Headers

File Characteristics

Imports

shlwapi

gdi32

user32

oleacc

ole32

shell32

kernel32

advapi32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 77KB - Virtual size: 77KB

.edata Size: 1024B - Virtual size: 68KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 77KB - Virtual size: 77KB

.edata
Size: 1024B - Virtual size: 68KB