5a8989921f6f63c161af0370177c14b7

General

Target

5a8989921f6f63c161af0370177c14b7
Size

2.0MB
MD5

5a8989921f6f63c161af0370177c14b7
SHA1

1793c23a236768fe8da5f56b552d64d03e68b20f
SHA256

77ec676ccb0f7977f207fa780418e7ab2f17c3487d8a3f08b09a4cbd9464f56e
SHA512

e0adac74c982319984331b2618cc414c34c8301b910d60d1d7bda3c5e549290306bbf40863f4bec80ed10e137cb67431fee5fe34a6bf0bcfd92687b5b513e94c
SSDEEP

49152:0PkXblUzzFRmnwO6ku8eFmWH5E1FEOpNqIQ8lEt:0PkLlQzFRmn36PrJK1FNNqILEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a8989921f6f63c161af0370177c14b7

Files

5a8989921f6f63c161af0370177c14b7
.exe windows:4 windows x86 arch:x86

558c28c487a73bc1efcb789eae5df210

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
IsValidSecurityDescriptor
PrivilegeCheck
SetSecurityDescriptorGroup
RegEnumValueW
CryptDestroyKey
CryptVerifySignatureW
RegEnumValueA
RegOpenKeyA

kernel32

WritePrivateProfileSectionA
CreatePipe
WritePrivateProfileStringW
EndUpdateResourceA
GetDiskFreeSpaceW
SuspendThread
EnumSystemCodePagesW
GetCPInfo
SetThreadPriorityBoost
GetThreadPriority
GetFileType
TlsGetValue
IsValidLocale
GetCommConfig
_lopen
VirtualAlloc
ReadConsoleInputW
PeekNamedPipe
ExitProcess

user32

LoadIconA
GetMonitorInfoW
MessageBeep
MessageBoxA
InsertMenuItemW
ToAscii
EnableScrollBar
MonitorFromPoint
SetWindowRgn
AppendMenuA
EnumWindowStationsA
ScrollDC
LoadMenuA
DrawTextExA
DrawAnimatedRects
GetWindowTextLengthA
ClientToScreen
GetMenuStringA
RemovePropW
CharLowerW
DestroyCaret
MapDialogRect
CreateWindowStationW
GetMenuStringW
SetCaretPos
DialogBoxParamW
SwapMouseButton

comctl32

ImageList_Replace
ImageList_Merge

Sections

.text
Size: 45KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

558c28c487a73bc1efcb789eae5df210

Headers

File Characteristics

Imports

advapi32

kernel32

user32

comctl32

Sections

.text Size: 45KB - Virtual size: 261KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 45KB - Virtual size: 261KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB