5afb74314043adedaaf97c2c0f050fae

Sharing

Copy URL Twitter E-mail

General

Target

5afb74314043adedaaf97c2c0f050fae
Size

520KB
MD5

5afb74314043adedaaf97c2c0f050fae
SHA1

cd8e0173056935d0fd23b306b6a5ca692ea396ce
SHA256

df1fefc664efb683066c6e244aad465675aa755da50029d3ebdd57f61d7b5078
SHA512

a076d74049683d5d9299f6c5aab4d65fc6d19bc400eb361d5b541c47fbf14a162094873a0fd5a6f91c03f29ecf028407a2dfb899bfb2bb4f60156be150d563ad
SSDEEP

12288:3cA4iyH6RS4A5A9qp5awcd2nMVI4fOmc:MA4jHtA9qp5awcd2nMVIy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5afb74314043adedaaf97c2c0f050fae

Files

5afb74314043adedaaf97c2c0f050fae
.exe windows:5 windows x86 arch:x86

272bea096a051ebc33e8013c22c2c8e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
InterlockedExchange
GetModuleHandleW
GetACP
FindFirstFileA
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
SetStdHandle
HeapSize
GetCurrentDirectoryA
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
lstrlenW
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CompareStringA
GetCurrentThreadId
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
SetEvent
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WideCharToMultiByte
WriteConsoleW
LeaveCriticalSection
GetVersion
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetPrivateProfileStringA
GetModuleFileNameA
GetVersionExA
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
GetSystemTime
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetExitCodeProcess
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
lstrcmpiA
GetCPInfo
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetStdHandle
TlsAlloc
GetEnvironmentVariableA
RtlUnwind
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
FindResourceA
GetFullPathNameA
CloseHandle
GetOEMCP

user32

GetDlgItem
SetWindowTextA
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
PeekMessageA
SetFocus
DispatchMessageA
CreateWindowExA
GetWindowLongA
RegisterClassA
EnableMenuItem
LoadCursorA
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
SendMessageA
UnregisterClassA
ReleaseDC
GetDC
IsWindow
SetWindowPos
DestroyMenu
SetForegroundWindow
LoadIconA
GetDesktopWindow
LoadStringA
EndDialog
SetDlgItemTextA
MessageBoxA
GetSysColor
SetCursor
CallWindowProcA
GetClientRect
InvalidateRect
SystemParametersInfoA
IsWindowVisible

oleaut32

SysFreeString
SysAllocStringLen
VariantInit

advapi32

RegOpenKeyExA
RegCloseKey

ole32

CoInitialize
CoCreateInstance
CoUninitialize

gdi32

SetBkMode
GetDeviceCaps
DeleteObject
SetBkColor
SetTextColor

version

VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

272bea096a051ebc33e8013c22c2c8e3

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

ole32

gdi32

version

Sections

.text Size: 444KB - Virtual size: 440KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 444KB - Virtual size: 440KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 4KB - Virtual size: 1KB