5b222575ddd9176f58e7048e079ff1af

Sharing

Copy URL Twitter E-mail

General

Target

5b222575ddd9176f58e7048e079ff1af
Size

604KB
MD5

5b222575ddd9176f58e7048e079ff1af
SHA1

1a3b25e5f08553176322bbac12f3d2a585001630
SHA256

965dc383bf229f248568dc4014ffac0e70714cb99e89239fa4a6c94e41f6acc8
SHA512

a47b6e411bed7de99d9133e900955d554aecf1125a24e332be1f030b7a18e1c253b5d289178835bec7625d6e79a12a4478861aca7ebbb1d51076ba282723b06b
SSDEEP

12288:esMmES+tb1mmICzaV0VxpH4ilN9MEXI79zblZHD:XMml+t4mICzasog9479zfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b222575ddd9176f58e7048e079ff1af

Files

5b222575ddd9176f58e7048e079ff1af
.exe windows:4 windows x86 arch:x86

338dbb6e5f99597cfca6d9d4e201478b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetUserDefaultLCID
IsValidCodePage
OpenMutexA
SetEndOfFile
GetTempFileNameA
GetCurrentThreadId
ReleaseSemaphore
GetVersionExA
GetCurrentThread
IsDebuggerPresent
EnumSystemLocalesA
TlsSetValue
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FindNextChangeNotification
GetStdHandle
IsValidLocale
SetLastError
VirtualProtect
GetStringTypeW
GetLocaleInfoA
CreateEventA
GetTimeZoneInformation
GetThreadPriorityBoost
LCMapStringW
GetStringTypeA
TlsAlloc
CloseHandle
WideCharToMultiByte
HeapReAlloc
GetModuleFileNameA
CreateFileMappingW
GetPrivateProfileStructA
TlsGetValue
SetThreadPriority
GetTickCount
HeapAlloc
InitializeCriticalSection
HeapCreate
GetACP
CreateMutexA
SetVolumeLabelW
EnumDateFormatsW
GetStartupInfoA
SetEnvironmentVariableA
VirtualAlloc
SetFilePointer
RtlUnwind
ConnectNamedPipe
LCMapStringA
FlushFileBuffers
HeapDestroy
CompareStringA
GetVersion
WriteConsoleOutputA
GetLocaleInfoW
GetCPInfo
IsBadWritePtr
LoadModule
GetProfileSectionW
GetThreadContext
CreateWaitableTimerW
InterlockedExchange
MoveFileA
GetStartupInfoW
CommConfigDialogW
SuspendThread
GetEnvironmentStrings
ReadConsoleA
FreeEnvironmentStringsA
GetModuleHandleA
LoadLibraryA
lstrcpy
WaitForMultipleObjects
GetDateFormatA
EnumResourceTypesW
CompareStringW
GetLastError
EnterCriticalSection
GetSystemInfo
WriteConsoleInputW
SetFileTime
UnhandledExceptionFilter
GetCommandLineA
DeleteCriticalSection
QueryPerformanceCounter
GetOEMCP
SetStdHandle
ReadFile
ExitProcess
GetCurrentProcessId
VirtualQuery
WriteFile
CreateDirectoryW
GetFileType
WritePrivateProfileStructW
GetNamedPipeInfo
RaiseException
SetHandleCount
GetProcAddress
GetTimeFormatA
TlsFree
HeapSize
VirtualFree
FoldStringW
MultiByteToWideChar
FreeEnvironmentStringsW
HeapFree
GetLongPathNameA
lstrcatA
LeaveCriticalSection
GetNamedPipeHandleStateW
GetPrivateProfileStringA
GetCurrentProcess
MapViewOfFile
TerminateProcess
GlobalFlags
FlushViewOfFile

comctl32

ImageList_Duplicate
ImageList_Create
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Write
InitCommonControlsEx
DestroyPropertySheetPage
CreateToolbar
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Read
CreatePropertySheetPageA
ImageList_SetImageCount
ImageList_LoadImage
ImageList_Replace
CreateMappedBitmap
ImageList_DragEnter
ImageList_AddMasked
DrawStatusTextW
CreateUpDownControl

user32

CharPrevExA
MapVirtualKeyW
DdeFreeDataHandle
TabbedTextOutW
GetMenuDefaultItem
RealChildWindowFromPoint
SetWindowContextHelpId
DdeUninitialize
GetCursorInfo
DrawTextW
GetScrollInfo
SetWindowRgn
ClipCursor
RegisterClassA
SetMenuItemInfoA
DrawFrame
IsCharLowerW
CreateWindowExW
DrawStateW
GetSubMenu
CharPrevW
ShowWindow
DdeCreateDataHandle
DestroyMenu
FlashWindowEx
CopyAcceleratorTableA
DestroyWindow
SetWindowPos
EnumThreadWindows
SetCapture
GetKeyState
InternalGetWindowText
SetWindowsHookA
LoadImageW
DrawAnimatedRects
GetUserObjectInformationA
CreateIconFromResource
GetDlgCtrlID
WaitMessage
GetKeyboardLayout
SetCursorPos
CascadeChildWindows
GetMenuItemID
GetThreadDesktop
CreateWindowStationW
GetDlgItemTextA
GetCaretBlinkTime
DrawCaption
RegisterClassExA
GetForegroundWindow
GetShellWindow
GetMenuStringA
MessageBoxExA
MessageBoxIndirectW
UnionRect
LoadMenuIndirectW
LoadMenuIndirectA
EnableWindow
InvalidateRect
SetDeskWallpaper
DdeGetLastError
SetProcessDefaultLayout
DlgDirSelectComboBoxExA
TabbedTextOutA
LoadImageA
InsertMenuItemA
DeferWindowPos
GetProcessDefaultLayout
DestroyCaret
EnumChildWindows
SetMenuItemInfoW
HideCaret
SetPropA
WinHelpW
RealGetWindowClass
LoadKeyboardLayoutW
DefWindowProcW
GetClassInfoW
DdeClientTransaction
CopyAcceleratorTableW
EndTask
GetCapture
EnumDisplaySettingsExW
AdjustWindowRect
CreateWindowStationA
UnhookWinEvent
SubtractRect
EndMenu
DialogBoxIndirectParamW
DrawFrameControl
PackDDElParam
GetWindowTextW
DefWindowProcA
MessageBoxW
GetDialogBaseUnits
GetKeyboardType
SetDebugErrorLevel
WindowFromDC
DrawTextExA
CloseWindow
SendMessageTimeoutW
MenuItemFromPoint

advapi32

RegEnumKeyExA
LookupAccountSidW
CryptCreateHash
RegCloseKey
CryptSetProvParam

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

338dbb6e5f99597cfca6d9d4e201478b

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 112KB - Virtual size: 130KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 112KB - Virtual size: 130KB

.rsrc
Size: 40KB - Virtual size: 37KB