57aac2f421b0827c2cba095b8f65c05b

General

Target

57aac2f421b0827c2cba095b8f65c05b
Size

314KB
MD5

57aac2f421b0827c2cba095b8f65c05b
SHA1

2637663675cf8f8afbf1fb513a46ddfbd06b5393
SHA256

e1e62381ab82070a8545f81edae102901945a152dd51da24ba628c20d0f150f7
SHA512

3ea8610242fd9749ebfb361a0b94e11073711df8fe72e04a53594b2bd1a5f8c225e0a079259287d6dc0d4169fa82838be982e28fda471ecc85acebd58c424aca
SSDEEP

6144:uG/BRusgA9ZStl4cwP8NgwZcfx7dvL99Xz84hge2I:ppRBZZSD4lP8NZcDL9Rpf2I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57aac2f421b0827c2cba095b8f65c05b

Files

57aac2f421b0827c2cba095b8f65c05b
.exe windows:4 windows x86 arch:x86

e520ce0e8daf3daafb0d7c9b4948882a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegQueryValueExA
RegSetValueA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegSetValueExA

user32

wsprintfA
TrackPopupMenuEx
GetParent
MessageBoxA
IsWindowVisible
GetWindowTextA
TranslateAcceleratorA
LoadCursorA
EndDialog
EnumWindowStationsW
SetRectEmpty
LoadStringA
RegisterClassA
FindWindowA
ClientToScreen
CharNextW
GetWindowTextLengthA
DialogBoxParamA
GetClientRect
CreateWindowExA
EnableMenuItem
SendMessageA
CreateDialogIndirectParamA
GetWindowLongA
CharPrevW
InvalidateRect

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CreateOleAdviseHolder

kernel32

lstrcpyA
IsBadWritePtr
GetCurrentThreadId
WideCharToMultiByte
FlushFileBuffers
LoadResource
FindResourceA
EnterCriticalSection
HeapAlloc
lstrcatA
ExitProcess
lstrlenW
LockResource
LeaveCriticalSection
HeapFree
GetProcessHeap
lstrlenA
HeapReAlloc

secur32

GetUserNameExW

Sections

.text
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.venue
Size: 5KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e520ce0e8daf3daafb0d7c9b4948882a

Headers

File Characteristics

Imports

advapi32

user32

ole32

kernel32

secur32

Sections

.text Size: 206KB - Virtual size: 205KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 100KB - Virtual size: 100KB

.venue Size: 5KB - Virtual size: 78KB

.text
Size: 206KB - Virtual size: 205KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 100KB - Virtual size: 100KB

.venue
Size: 5KB - Virtual size: 78KB