5978cc95b3a6a2a2921fb0d207072496

Sharing

Copy URL Twitter E-mail

General

Target

5978cc95b3a6a2a2921fb0d207072496
Size

556KB
MD5

5978cc95b3a6a2a2921fb0d207072496
SHA1

c4e4163ee938693269782dffa86d994485c489f6
SHA256

7a6667ec1e0a4cd6b983eac6cf6ff83acc32047856e6b8b5d0b5308bd0d1b58a
SHA512

cc409422b113a6f840e4c07cca95fbda4117e8a8b01a9cdeadf392be7a7a8ea0c39f31660b8382f723627c9f326f93e4975ff2ddff75d9aa0e3407af6771da36
SSDEEP

12288:K498ofo/cCiu4c/pXDYvPabldiJUeOdhJ9wHpo:dOoccVu4cXmyeOdhJ9wJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5978cc95b3a6a2a2921fb0d207072496

Files

5978cc95b3a6a2a2921fb0d207072496
.exe windows:4 windows x86 arch:x86

9c07f40a0137f0deb7e0904008d6d745

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragLeave
ImageList_Draw
InitCommonControlsEx

comdlg32

ChooseColorW
ReplaceTextA
GetSaveFileNameW
FindTextW

kernel32

GetEnvironmentStringsW
RtlUnwind
FreeLibraryAndExitThread
TlsAlloc
GetCPInfo
TlsFree
TlsGetValue
CompareStringA
FlushInstructionCache
LCMapStringW
VirtualFree
LocalSize
HeapCreate
GetCommandLineA
InterlockedDecrement
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
MultiByteToWideChar
TryEnterCriticalSection
FreeEnvironmentStringsA
SetHandleCount
GetVersion
LCMapStringA
TerminateProcess
CopyFileA
lstrcmpiA
SetCriticalSectionSpinCount
InterlockedExchange
GetLastError
WideCharToMultiByte
GetNamedPipeHandleStateW
DeleteCriticalSection
GetLocalTime
UnhandledExceptionFilter
EnterCriticalSection
SetConsoleMode
VirtualAlloc
SetLastError
OpenMutexA
GetProcAddress
LoadLibraryA
HeapReAlloc
GlobalAlloc
GetStdHandle
InterlockedIncrement
GetFileType
HeapAlloc
ExitProcess
SetFilePointer
SetEnvironmentVariableA
GetModuleHandleA
GetOEMCP
lstrcpyA
HeapDestroy
GetCurrentProcessId
EnumResourceTypesA
GetTickCount
GlobalFindAtomW
IsBadWritePtr
GetCurrentProcess
GetStringTypeW
WaitForSingleObjectEx
ReadFile
GetStringTypeA
GetCurrentThread
FlushFileBuffers
GetTimeZoneInformation
VirtualQuery
GetComputerNameW
GetModuleFileNameA
GetACP
EnumResourceNamesA
SetStdHandle
QueryPerformanceCounter
GetLocaleInfoW
FreeEnvironmentStringsW
HeapFree
WriteFile
WriteProfileSectionW
TlsSetValue
GetSystemTimeAsFileTime
GetStartupInfoA
WaitForMultipleObjectsEx
CompareStringW
CreateMutexA
GetEnvironmentStrings
IsValidCodePage
GetSystemTime
GetDriveTypeA
GlobalReAlloc
GetCurrentThreadId
CreateFileMappingA
GetLogicalDriveStringsA

user32

DlgDirListComboBoxA
SetCursor
GetClipboardFormatNameA
BroadcastSystemMessageA
AnyPopup
DialogBoxParamA
GetClipboardOwner
WINNLSEnableIME
LockWindowUpdate
IsDialogMessageW
MessageBoxA
LoadIconA
GetDialogBaseUnits
PostThreadMessageA
RegisterClassExA
ToUnicodeEx
GetWindow
LoadCursorW
LoadCursorFromFileW
SetFocus
IsCharUpperW
ModifyMenuA
GetCursorInfo
EnumPropsA
GetTitleBarInfo
RegisterClassA
OemKeyScan
MsgWaitForMultipleObjects
GetLastActivePopup
SetWindowWord
DefWindowProcA
ClientToScreen
RegisterHotKey
CallMsgFilterA
CreateCaret
RealGetWindowClass
DispatchMessageA
SetDebugErrorLevel
CheckDlgButton
LoadBitmapW
ModifyMenuW
DdeUninitialize
MessageBoxExA
MonitorFromRect
BeginDeferWindowPos
DdeCreateDataHandle
CreateIconFromResource
EnumPropsExA
GetUserObjectInformationA
UnregisterClassA
FlashWindow
IsCharAlphaA
GetWindowInfo
SwitchToThisWindow
InvalidateRgn
DdeGetLastError
DefWindowProcW
TileChildWindows
DdeNameService
LoadImageA
GetDlgItemTextA
SetSysColors
PeekMessageW
FrameRect

advapi32

AbortSystemShutdownA
RegSetValueA
RegQueryMultipleValuesW
DuplicateToken
LogonUserA
RegLoadKeyW
RegQueryInfoKeyW
LookupPrivilegeValueA
RegDeleteKeyA

shell32

SHEmptyRecycleBinA
SheGetDirA
ExtractAssociatedIconA
ShellExecuteExA
ShellAboutA

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c07f40a0137f0deb7e0904008d6d745

Headers

File Characteristics

Imports

comctl32

comdlg32

kernel32

user32

advapi32

shell32

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 108KB - Virtual size: 136KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 108KB - Virtual size: 136KB

.rsrc
Size: 36KB - Virtual size: 32KB