59cdfe7b09bda7d7b570766611825abe

Sharing

Copy URL Twitter E-mail

General

Target

59cdfe7b09bda7d7b570766611825abe
Size

818KB
MD5

59cdfe7b09bda7d7b570766611825abe
SHA1

ba58c7afecdf919d230043886fe0fb8563b1c556
SHA256

e4c7c6ce5d31457a7600ef4d487e4aa0d823956b48d997b06479bf86d90f73e1
SHA512

34397802895e922b2521fccfcec975217c16e6c618dc23135743c5cd2840c65c95502b2b5d4a00ccf2be9535291f905d4fd52282c5cf84f6f221959e7646aa1b
SSDEEP

6144:slruaxCtzFW1ZJBsB6f5r7o2AIBMdldFZOhoLb3FfO5o6Lz3Bcasw2b061Y405i:B5krsB6fhZw7FB8R33Bcasp1YZ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59cdfe7b09bda7d7b570766611825abe

Files

59cdfe7b09bda7d7b570766611825abe
.exe windows:4 windows x86 arch:x86

14c43471ab039add605775c4733a9917

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
CreateToolbarEx

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetCurrentDirectoryA
DeleteFileA
GetModuleFileNameA
GetSystemDirectoryA
QueryPerformanceFrequency
CreateProcessA
GetCommandLineA
ExpandEnvironmentStringsA
GetFileAttributesA
GetVersion
GetTickCount
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcatA
HeapFree
lstrlenA
lstrcpyA
HeapAlloc
GetProcessHeap
ReadProcessMemory
OpenProcess
Sleep
GetVersionExA
GetUserDefaultLangID
HeapSize
SetEndOfFile
ReadFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
GetCurrentProcessId
SetStdHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStdHandle
ExitProcess
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
RtlUnwind
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
CreateThread
ResumeThread
ExitThread
CreateEventA
GetLogicalDrives
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
DosDateTimeToFileTime
GetTimeFormatA
SetEvent
FreeLibrary
WaitForSingleObject
WaitForMultipleObjects
DeviceIoControl
FormatMessageA
LocalAlloc
LoadLibraryA
LocalFree
GetModuleHandleA
GetProcAddress
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
GetLastError
CloseHandle
FlushFileBuffers

user32

GetSysColor
GetSysColorBrush
LoadCursorA
IsIconic
IsZoomed
SetWindowLongA
ChildWindowFromPoint
GetClientRect
CallWindowProcA
SetCapture
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
InvalidateRect
SetCursor
DrawIconEx
RegisterClassA
DrawTextA
GetSystemMetrics
SetTimer
ClientToScreen
ScreenToClient
GetDlgItemTextA
IsWindowEnabled
SetDlgItemTextA
CheckDlgButton
EnableWindow
IsDlgButtonChecked
CheckRadioButton
RegisterWindowMessageA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
GetFocus
DialogBoxParamA
GetMenu
EnableMenuItem
CreateMenu
InsertMenuA
GetCursorPos
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
LoadStringA
GetDC
ReleaseDC
SetFocus
BeginPaint
EndPaint
WinHelpA
SetWindowPos
InvalidateRgn
ReleaseCapture
PostMessageA
DefWindowProcA
DestroyWindow
CheckMenuItem
MessageBoxA
PostQuitMessage
DialogBoxIndirectParamA
SetWindowTextA
InflateRect
SendMessageA
EndDialog
GetParent
GetWindowRect
MoveWindow
GetDlgItem

gdi32

EndDoc
GetStockObject
EndPage
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
StartPage
StartDocA
SetMapMode
GetDeviceCaps
DeleteObject
CreateCompatibleDC
GetTextMetricsA
CreateSolidBrush
SetBkColor
GetTextExtentPoint32A
ExtTextOutA
GetObjectA

comdlg32

ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
ChooseColorA
FindTextA
PrintDlgA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA
GetTokenInformation
LookupAccountSidA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
AdjustTokenPrivileges

shell32

ShellExecuteExA
ShellExecuteA
SHGetFileInfoA

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 580KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14c43471ab039add605775c4733a9917

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 120KB - Virtual size: 118KB

.data Size: 8KB - Virtual size: 109KB

.rsrc Size: 580KB - Virtual size: 580KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 120KB - Virtual size: 118KB

.data
Size: 8KB - Virtual size: 109KB

.rsrc
Size: 580KB - Virtual size: 580KB