5abc0c41883bf44f3b01d99a4c80ea70

Sharing

Copy URL

Twitter E-mail

General

Target

5abc0c41883bf44f3b01d99a4c80ea70
Size

142KB
MD5

5abc0c41883bf44f3b01d99a4c80ea70
SHA1

87c8e775a69842116cfa9d01caebe66a3d974013
SHA256

e9460a82a52898543f20c0df0eeddcaf03f1a18a681d3c97752b6506429e264c
SHA512

59d1c1243de5b6ad5848921fcfcb0d46a9c2bf01377123de22063aad0512066a37c4638582fd16a1255477554cbdee095614d69b3ccb7918b97d229689778834
SSDEEP

1536:4zrnvSdVgW91vtbAIfq0Vl4CzUfflKX1zKGqAaSIJmUH4K37/cPqNAlg9BVVIkD2:IrnvqvHhLxVgKoGM4IB7UU1VIknNA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5abc0c41883bf44f3b01d99a4c80ea70

Files

5abc0c41883bf44f3b01d99a4c80ea70
.exe windows:4 windows x86 arch:x86

2a386b523cff954bec3e00d91c48e20e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
SystemTimeToFileTime
GetEnvironmentStringsW
GetStartupInfoA
FormatMessageA
lstrcmpiA
GetTempFileNameA
GlobalFree
GetModuleHandleA
GetModuleFileNameA
lstrlenA
SetLastError

msvcrt

_pipe
putchar
_acmdln
towlower
_except_handler3
__set_app_type
__setusermatherr
fopen
exit
_unlock
wcsncmp
log
wcsstr
free
_initterm
vsprintf
_wcslwr
__getmainargs
__p__commode
ctime
_adjust_fdiv
_XcptFilter
__p__fmode

user32

DispatchMessageA
SetWindowPos
DeleteMenu
EndDialog
ClientToScreen
GetClientRect
InsertMenuItemA
GetMessageA
SetTimer
GetCursorPos
DestroyWindow
GetDesktopWindow

version

VerInstallFileW
VerQueryValueW
VerLanguageNameA
VerFindFileW
GetFileVersionInfoW
VerInstallFileA
GetFileVersionInfoA

gdi32

GetTextExtentPoint32A
GetWindowOrgEx
GetEnhMetaFileHeader
CreateICA
SetEnhMetaFileBits
CreateDIBitmap
LineTo
StartDocW
CreateBitmap

advapi32

RegEnumKeyExA
SetSecurityDescriptorOwner
AddAccessAllowedAce
RegEnumValueA
RegOpenKeyExW
RegCreateKeyA
OpenProcessToken
FreeSid

comctl32

CreateStatusWindowA
ImageList_AddMasked
InitCommonControlsEx
ImageList_DragLeave
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_LoadImageA
CreateToolbarEx
ImageList_DragEnter
ImageList_Draw
ImageList_BeginDrag

oleaut32

GetErrorInfo
SysStringByteLen
SetErrorInfo
VariantClear
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SysReAllocStringLen
VariantInit
SysAllocStringByteLen

shell32

DragFinish
SHGetDiskFreeSpaceExW
DragQueryFile

ole32

StringFromGUID2
RegisterDragDrop
IsAccelerator
CoRegisterClassObject

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a386b523cff954bec3e00d91c48e20e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

version

gdi32

advapi32

comctl32

oleaut32

shell32

ole32

Sections

.text Size: 63KB - Virtual size: 62KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 63KB - Virtual size: 62KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 30KB - Virtual size: 29KB