Static task: static1
Behavioral task: behavioral1
  Sample: 5b1195cfa1559441b863bc7127f9bd2c.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 5b1195cfa1559441b863bc7127f9bd2c.exe
  Resource: win10v2004-20231215-en
General
Target: 5b1195cfa1559441b863bc7127f9bd2c
Size: 462KB
MD5: 5b1195cfa1559441b863bc7127f9bd2c
SHA1: 2d64b338d249287e77bab87f48f8ab6d95b18653
SHA256: e775c48496a89bdc656b76ef3eca938c5b1c6a0a70a2ad1c31b4fa278ff9b7cb
SHA512: a1a5ffdc0ddad7bf24e74bc064337309cb5765ebf93266ab79c017773bc89ec9ec605d716da95ddb9559d060b6b48f405152cc0112f2d29d72bcc0bd2a33e9e9
SSDEEP: 12288:79HWtTm95nMkwb4tQe/vO5p1c0BxOaEYd6:79gTm95Mve/v/R3Yd6
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 5b1195cfa1559441b863bc7127f9bd2c
Files
5b1195cfa1559441b863bc7127f9bd2c.exe windows:4 windows x86 arch:x86
48060ea6a6544fa2756af65cdc9004ac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ahni18n
ord1
ord2
kernel32
TlsFree
GlobalReAlloc
TlsSetValue
GlobalHandle
LocalReAlloc
TlsGetValue
GlobalFlags
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSize
GetFileTime
EnterCriticalSection
TlsAlloc
SetFileTime
SetErrorMode
RtlUnwind
ExitProcess
GetDriveTypeA
RaiseException
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
CreateThread
ExitThread
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
FatalAppExitA
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
SystemTimeToFileTime
LocalFileTimeToFileTime
InitializeCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
CloseHandle
GetLastError
CreateMutexA
lstrcatA
lstrcpyA
LocalFree
lstrlenA
lstrcmpA
LocalAlloc
GetVersion
GetSystemTime
GetDateFormatA
GetProfileStringA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
FindNextFileA
WaitForMultipleObjects
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreA
lstrcpynA
MulDiv
SetLastError
GlobalGetAtomNameA
GetModuleHandleA
UnhandledExceptionFilter
GlobalAddAtomA
GetProcAddress
InterlockedExchange
GlobalFindAtomA
CreateEventA
GlobalUnlock
GlobalFree
FreeEnvironmentStringsA
SuspendThread
LoadLibraryA
GetModuleFileNameA
SetThreadPriority
ResumeThread
SetEvent
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
CreateFileA
GetLocaleInfoA
RemoveDirectoryA
FindFirstFileA
FindClose
CreateDirectoryA
SetFileAttributesA
OutputDebugStringA
GetCurrentProcessId
CopyFileA
CreateProcessA
FindResourceA
LoadResource
LockResource
Sleep
WaitForSingleObject
OpenProcess
GetTickCount
GetExitCodeProcess
TerminateProcess
GetLocalTime
FreeLibrary
SetCurrentDirectoryA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
user32
CopyRect
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
MsgWaitForMultipleObjects
CharUpperA
LoadCursorA
SetCapture
ReleaseCapture
WaitMessage
GetDesktopWindow
WindowFromPoint
GetClassNameA
PtInRect
InsertMenuA
DeleteMenu
GetMenuStringA
GetSysColorBrush
GetDialogBaseUnits
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
EndDeferWindowPos
BeginDeferWindowPos
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
GetWindowLongA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
UnhookWindowsHookEx
OemToCharA
CharToOemA
wsprintfA
IsWindowEnabled
EnableWindow
GetActiveWindow
SetActiveWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
FindWindowA
PostMessageA
GetWindowThreadProcessId
GetMenuItemCount
ScrollWindow
GetSubMenu
IsWindow
EndDialog
ModifyMenuA
GetMenuState
LoadStringA
ShowCaret
IsWindowUnicode
CharNextA
InflateRect
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
HideCaret
UnregisterClassA
gdi32
SetTextColor
GetClipBox
SetBkColor
GetObjectA
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectObject
GetStockObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
GetDCOrgEx
PolyBezierTo
PolylineTo
GetClipRgn
CreateRectRgn
DeleteObject
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
PatBlt
CreateBitmap
SetColorAdjustment
SelectClipPath
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegEnumValueA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegOpenKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
shell32
DragQueryFileA
SHGetFileInfoA
DragAcceptFiles
DragFinish
comctl32
ord17
Sections
.text Size: 256KB - Virtual size: 252KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rrdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE