5aea5415410534b50d10762cf946751b

Sharing

Copy URL Twitter E-mail

General

Target

5aea5415410534b50d10762cf946751b
Size

472KB
MD5

5aea5415410534b50d10762cf946751b
SHA1

cac54b2ffe485d0c00a7727ff6f52ccbc27c75c1
SHA256

7d9e7befc9b55b3e763c39b81a54d411199437431194d483618832c2ddc9b53f
SHA512

7da86d264c8bf7cbe52d789c3d0b6923c9a9bbda9b800654030ec2ffa6ed3818f6dcfb016320bbefc11fc59f360a82990e1476bf522e868e5525ee24d04461fe
SSDEEP

6144:oxaL8nKRjLg3Yh+b3cURF+e+ZEsuI6TQlTcCsT98tezDRz+mmZCVnYLVDew2gEaP:oEAnKG3FzXRF5Gv6TQWX98telzeZC0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5aea5415410534b50d10762cf946751b

Files

5aea5415410534b50d10762cf946751b
.exe windows:4 windows x86 arch:x86

ee286d6db57b2b792e82854a1865a5a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgA
PageSetupDlgW

advapi32

CryptGetKeyParam
RegCreateKeyExA
CryptGetUserKey
RegDeleteKeyW
CryptContextAddRef
RegEnumValueA
RegEnumKeyA
StartServiceA
RegQueryInfoKeyA
RegOpenKeyA
CryptDestroyHash
LogonUserA
GetUserNameW
LookupSecurityDescriptorPartsA
CryptSetProviderExW
RegLoadKeyA
StartServiceW
CryptVerifySignatureW
RegEnumValueW
CryptSetProviderA
RegCreateKeyA
RegEnumKeyExW
RegDeleteValueA

user32

LoadAcceleratorsW
MessageBoxW
GetWindowThreadProcessId
ShowWindow
OemToCharBuffW
ScrollDC
GetProcessDefaultLayout
DrawEdge
CharToOemA
CreateMenu
GetWindowContextHelpId
CreateWindowExW
GetClipboardViewer
CascadeChildWindows
KillTimer
GetActiveWindow
IsDialogMessageA
GetClipboardOwner
GetMessageExtraInfo
DefWindowProcW
MapVirtualKeyExW
RegisterClassA
ToAscii
SendIMEMessageExA
IntersectRect
EndDeferWindowPos
GetWindowLongW
GetWindowWord
RegisterClassExA
SetUserObjectSecurity
DestroyCursor
DestroyWindow
DrawFrame
GetMenuItemID
FindWindowA
DialogBoxIndirectParamW
InvertRect
GetWindowTextA
CharLowerA
EnableMenuItem
UnhookWindowsHook
DdeGetData
DdeUnaccessData
DefWindowProcA
SetScrollPos
DdeClientTransaction
ChangeDisplaySettingsExA
EnumDisplaySettingsA
GetTabbedTextExtentA
CharToOemBuffW
RedrawWindow
VkKeyScanExW
UnionRect
CreateCursor
GetClipCursor
GetClassNameW
InvalidateRgn
EnumDisplaySettingsW
CloseWindowStation
SetProcessWindowStation
GetMenuBarInfo

gdi32

PolyDraw
SelectObject
GetClipRgn
ResetDCW
CreatePatternBrush
OffsetWindowOrgEx
GetTextCharsetInfo
EnumFontFamiliesA
GetTextExtentPoint32W
GetArcDirection
GetMetaFileW
GetSystemPaletteUse
SetMiterLimit
PtInRegion
CreateDCW
Chord

wininet

InternetGetLastResponseInfoW
FtpCreateDirectoryA
InternetReadFileExA

comctl32

ImageList_Read
InitCommonControlsEx

kernel32

GetStartupInfoW
SetThreadLocale
FlushFileBuffers
GetSystemTimeAdjustment
GetTimeZoneInformation
CreateThread
GetSystemDefaultLCID
MultiByteToWideChar
SetHandleCount
GetEnvironmentStrings
GetCommandLineA
GetTempPathA
GetCompressedFileSizeW
GetTickCount
GetProcAddress
EnterCriticalSection
GetVersionExA
HeapReAlloc
GetSystemInfo
TlsFree
WritePrivateProfileStructA
ReadFile
FindFirstFileExA
LCMapStringA
HeapCreate
GetThreadPriorityBoost
OpenMutexA
VirtualQuery
ReadConsoleOutputAttribute
TlsSetValue
GetLastError
GetStartupInfoA
GetFileType
GetCurrentThreadId
GetCurrentProcess
SetEnvironmentVariableA
GetPrivateProfileStringW
GetModuleFileNameA
GetEnvironmentStringsW
HeapSize
IsBadWritePtr
TlsGetValue
GetVersionExW
CloseHandle
InitializeCriticalSection
WideCharToMultiByte
EnumTimeFormatsA
SetFilePointer
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProcAddress
GetCurrentThread
FindNextChangeNotification
LoadLibraryA
VirtualProtect
lstrcat
IsValidCodePage
HeapFree
SetStdHandle
CompareStringW
lstrlen
TlsAlloc
HeapAlloc
GetLongPathNameA
IsValidLocale
GetLocaleInfoA
OpenFileMappingA
RtlMoveMemory
GetProfileIntA
GetDateFormatA
GetOEMCP
FindNextFileA
TerminateProcess
LeaveCriticalSection
GetStringTypeA
WriteFile
SetThreadIdealProcessor
VirtualAlloc
WriteConsoleA
EnumSystemLocalesA
GetUserDefaultLCID
InterlockedExchange
FlushInstructionCache
WriteConsoleInputW
CreateDirectoryW
GetComputerNameW
QueryPerformanceCounter
GetThreadContext
LocalCompact
CreateSemaphoreW
GetACP
EnumResourceNamesW
GetCPInfo
GetStringTypeW
GetCurrentProcessId
GetStdHandle
ReadConsoleW
GetDiskFreeSpaceExW
WriteProfileSectionW
GetConsoleTitleA
RtlUnwind
HeapDestroy
WaitForSingleObjectEx
WriteConsoleOutputA
EnumTimeFormatsW
SetThreadAffinityMask
DeleteCriticalSection
GlobalDeleteAtom
ReleaseMutex
GetModuleHandleA
UnhandledExceptionFilter
ReadConsoleA
VirtualFree
SetLastError
EnumResourceLanguagesA
GetSystemTimeAsFileTime
CompareStringA
ExitProcess
LCMapStringW
GetLocaleInfoW
CreateMutexA
GetDateFormatW
GetTimeFormatA
EnumCalendarInfoA

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee286d6db57b2b792e82854a1865a5a1

Headers

File Characteristics

Imports

comdlg32

advapi32

user32

gdi32

wininet

comctl32

kernel32

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 104KB - Virtual size: 125KB

.rsrc Size: 96KB - Virtual size: 92KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 104KB - Virtual size: 125KB

.rsrc
Size: 96KB - Virtual size: 92KB