5997e52e478f1c28edda94b196f03e55

Sharing

Copy URL Twitter E-mail

General

Target

5997e52e478f1c28edda94b196f03e55
Size

206KB
MD5

5997e52e478f1c28edda94b196f03e55
SHA1

7cc3d2b53f13da8d4b39d20b4eab5a0094ce207d
SHA256

5ef35ce4f9431752668ff3ec151f92db63543133d189aca86a11ade84fe0a6af
SHA512

f0da92f3c8124780b121dbcaff9d8d0ca251fe5afc8839c30ca36cd31502e7e10ae497a4e689cbf5e89db0a0613866148f2f46f478272d78ca725eb20a58ca18
SSDEEP

6144:zHYuuQXSAlj5gRbzbgVfRTf2tTrXbMaEou:z4sCA95gS2BG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5997e52e478f1c28edda94b196f03e55

Files

5997e52e478f1c28edda94b196f03e55
.exe windows:4 windows x86 arch:x86

ad3d0135b4afa99e20ce19249ec7c697

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetAtomNameA
GetFileType
WriteFile
lstrcmpi
EndUpdateResourceW
SystemTimeToFileTime
GetNamedPipeInfo
GetACP
GetEnvironmentStringsA
CreateFileA
GetModuleHandleA
CompareStringW
GetVersionExA
GetStartupInfoW
SetComputerNameW
GetLocalTime
GetExpandedNameA
GetEnvironmentStringsW
FlushFileBuffers
LoadResource
RemoveDirectoryW
GetLogicalDrives
GetVolumeInformationW
lstrcpyA
OpenMutexW
GetProcAddress

user32

keybd_event
GetCapture
DefWindowProcA
WinHelpA
GetTopWindow
FrameRect
MonitorFromWindow
LoadCursorW
GetSubMenu
DefDlgProcW
GetDC
MessageBoxIndirectA
GetMenu
CreateMenu
SetParent

gdi32

RemoveFontResourceW
GetBitmapBits
GetNearestPaletteIndex
CreateScalableFontResourceW
AbortPath
ArcTo
ExtFloodFill
DeleteEnhMetaFile
GetRandomRgn
CreateFontIndirectW

advapi32

RegFlushKey
RegOpenKeyExW
RegCreateKeyExW

winmm

midiInGetNumDevs
mmioRenameW
midiOutPrepareHeader
midiInStop
midiInPrepareHeader

wsock32

AcceptEx
sendto
getsockopt
GetServiceW
EnumProtocolsW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MFzL
Size: 1KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YX
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tuD
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MgkBf
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TSOMkb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rkXu
Size: 1KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Y
Size: 2KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad3d0135b4afa99e20ce19249ec7c697

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

wsock32

Sections

.text Size: 12KB - Virtual size: 12KB

.MFzL Size: 1KB - Virtual size: 46KB

.YX Size: 2KB - Virtual size: 5KB

.tuD Size: 2KB - Virtual size: 20KB

.MgkBf Size: 2KB - Virtual size: 35KB

.TSOMkb Size: 2KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 9KB

.rkXu Size: 1KB - Virtual size: 21KB

.Y Size: 2KB - Virtual size: 225KB

.rsrc Size: 168KB - Virtual size: 168KB

.reloc Size: 1024B - Virtual size: 952B

.text
Size: 12KB - Virtual size: 12KB

.MFzL
Size: 1KB - Virtual size: 46KB

.YX
Size: 2KB - Virtual size: 5KB

.tuD
Size: 2KB - Virtual size: 20KB

.MgkBf
Size: 2KB - Virtual size: 35KB

.TSOMkb
Size: 2KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 9KB

.rkXu
Size: 1KB - Virtual size: 21KB

.Y
Size: 2KB - Virtual size: 225KB

.rsrc
Size: 168KB - Virtual size: 168KB

.reloc
Size: 1024B - Virtual size: 952B