575c82abc1e6bf27cf67e7d26176b3ec

Sharing

Copy URL Twitter E-mail

General

Target

575c82abc1e6bf27cf67e7d26176b3ec
Size

539KB
MD5

575c82abc1e6bf27cf67e7d26176b3ec
SHA1

1d547323d73d1cf59dc2709d7d16ccdd66f6b29a
SHA256

756b8c8aa0c4dd137d7fee05e5653b604ff85bb17fcf01557839365c1c47971d
SHA512

071f4e0af7dffc94068a346e75b3a8d7418c75ef56f914f0e911a09daf297334b21fb36cafd271473a89280f72df872077e41c9741d5076027140142da5201c5
SSDEEP

12288:1UryDU3fObGQIvRwnWEda5mljckschXpcn49ZuW8JW:GakQj8wljcWhXeguW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
575c82abc1e6bf27cf67e7d26176b3ec

Files

575c82abc1e6bf27cf67e7d26176b3ec
.exe windows:4 windows x86 arch:x86

ef9a9c5558936c13e9457a59b4b5ad8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogW
SetEnvironmentVariableA
MultiByteToWideChar
HeapCreate
VirtualUnlock
GetLocaleInfoA
TlsAlloc
VirtualQuery
GetFileTime
CompareStringA
EnumDateFormatsW
GetComputerNameW
GetFileType
LCMapStringW
LoadLibraryExA
GetModuleFileNameW
IsValidLocale
GetEnvironmentStringsW
SetThreadLocale
EnumSystemLocalesA
GetStartupInfoA
OpenMutexA
TlsGetValue
VirtualFree
GetACP
GetVersionExA
GetStringTypeA
GetTimeZoneInformation
HeapAlloc
SetFilePointer
GetCalendarInfoA
VirtualProtect
WriteFile
QueryPerformanceCounter
GetLastError
RtlMoveMemory
CloseHandle
LeaveCriticalSection
TlsFree
FreeEnvironmentStringsA
GetModuleFileNameA
GetDateFormatA
GetTimeFormatA
TlsSetValue
WriteConsoleOutputAttribute
FreeEnvironmentStringsW
EnterCriticalSection
HeapFree
GetCurrentProcess
GetStdHandle
GetStartupInfoW
DeleteCriticalSection
TerminateProcess
GetCPInfo
GetModuleHandleA
GetTickCount
GetCurrentThread
CompareStringW
LCMapStringA
CopyFileExA
InitializeCriticalSection
WideCharToMultiByte
CreateMutexA
HeapReAlloc
FileTimeToDosDateTime
GetCurrentProcessId
HeapSize
InterlockedExchange
ReleaseSemaphore
IsValidCodePage
GetCommandLineA
IsBadWritePtr
GetProcAddress
FlushFileBuffers
GetCommandLineW
SetLastError
GetStringTypeW
ReadFile
SetStdHandle
ResumeThread
GetOEMCP
GlobalDeleteAtom
GetSystemInfo
CreateFileA
RtlUnwind
GetUserDefaultLCID
ExitProcess
HeapDestroy
GetEnvironmentStrings
GetCurrentThreadId
GetLocaleInfoW
SetHandleCount
VirtualAlloc
LoadLibraryA
lstrcmp
GetSystemTimeAsFileTime
AddAtomW
GetCurrencyFormatW
UnhandledExceptionFilter
GetSystemDefaultLCID

user32

PaintDesktop
CreateMDIWindowW
DestroyCaret
IsDialogMessageW
BroadcastSystemMessageA
UpdateWindow
RemoveMenu
InSendMessage
CharToOemW
RegisterClassA
MapWindowPoints
GetKBCodePage
EndDeferWindowPos
DlgDirSelectComboBoxExA
GetWindowTextA
BeginDeferWindowPos
LoadKeyboardLayoutA
LoadCursorA
SetWindowsHookA
GetThreadDesktop
DdeInitializeW
LoadBitmapW
IntersectRect
RegisterClassExA
PostMessageW
EnableWindow
GetMessageA

shell32

SHGetFileInfoW

comctl32

InitCommonControlsEx

Sections

.text
Size: 379KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef9a9c5558936c13e9457a59b4b5ad8a

Headers

File Characteristics

Imports

kernel32

user32

shell32

comctl32

Sections

.text Size: 379KB - Virtual size: 378KB

.rdata Size: 41KB - Virtual size: 50KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 379KB - Virtual size: 378KB

.rdata
Size: 41KB - Virtual size: 50KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 11KB - Virtual size: 10KB