5b551ad4d1f42105c50cc7f0fcf510cd

Sharing

Copy URL Twitter E-mail

General

Target

5b551ad4d1f42105c50cc7f0fcf510cd
Size

136KB
MD5

5b551ad4d1f42105c50cc7f0fcf510cd
SHA1

f88281be67ad76ad9201ad737b9f14e211ec8cd1
SHA256

54dc40555b0dfc0ceb4770f3df0b95297b0382c3327bfc1584ee3b28cf0fb237
SHA512

b65591134f8b6dc5f39ab0254ff225791e6528a06492055459f2ae463b7592e413b8fe0e8e658b5ddb599a63ae08dee8c940d00697824fc237fbd0c84ca1d5d5
SSDEEP

3072:A2SavAYhQKcNwfgAD+TcyHI5OwkkefpMg58HL3Ycxa46Un:BwrcyrkXfHL3YcxN60

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b551ad4d1f42105c50cc7f0fcf510cd

Files

5b551ad4d1f42105c50cc7f0fcf510cd
.exe windows:5 windows x86 arch:x86

aa82d33fdf7f7f2efddc1c2583019e8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

memmove
__set_app_type
_CIsqrt
exit
toupper
puts
_except_handler3
__setusermatherr
_controlfp
_initterm
_acmdln
__getmainargs
localtime
strchr
_adjust_fdiv
__p__fmode
_isctype
ftell
log10
_mbscmp
_XcptFilter
__p__commode

kernel32

GetExitCodeProcess
LCMapStringW
SetFileAttributesW
GetStartupInfoA
VirtualQuery
SetThreadLocale
GetFullPathNameA
lstrcpynA
FileTimeToDosDateTime
VirtualProtect
GetUserDefaultLangID
GetModuleHandleA
GetModuleFileNameW

gdi32

GetEnhMetaFileDescriptionA
GetCharWidthW
CreateDCW
CloseEnhMetaFile
StrokeAndFillPath
EnumFontFamiliesA
GetObjectW
GetTextFaceA
CreatePen
SetViewportOrgEx
PlayEnhMetaFile
GetMapMode
CreateRectRgnIndirect
SelectClipRgn
EnumEnhMetaFile

ole32

OleSetClipboard
StgOpenStorage
OleIsCurrentClipboard
CoCreateInstance
CoFreeUnusedLibraries
OleRun
OleSetMenuDescriptor
CreateBindCtx
CoRevokeClassObject

version

GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeW
VerQueryValueA
VerQueryValueW
VerInstallFileW
VerInstallFileA
VerFindFileW

shell32

SHGetFileInfo
SHBrowseForFolderW
SHFileOperationA
SHGetSpecialFolderPathW
SHGetDesktopFolder
DragAcceptFiles
SHGetFolderPathA
SHAddToRecentDocs
SHGetSettings

advapi32

CryptGenRandom
RegOpenKeyExW
RegSetValueExW
DeregisterEventSource
RegCreateKeyExW
GetUserNameA
CopySid
FreeSid
SetSecurityDescriptorOwner

user32

GetClientRect
RemoveMenu
ReleaseCapture
GetClassInfoA
GetMenuItemCount
EnableWindow

comctl32

ImageList_GetIconSize
ImageList_DragEnter
ImageList_GetIcon
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_Create
CreatePropertySheetPageW
ImageList_Add
ImageList_SetIconSize
PropertySheetW

oleaut32

SafeArrayPtrOfIndex
SysStringByteLen
SysFreeString
SetErrorInfo
VariantCopyInd
LoadTypeLib
VariantInit

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa82d33fdf7f7f2efddc1c2583019e8c

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

ole32

version

shell32

advapi32

user32

comctl32

oleaut32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 99KB - Virtual size: 172KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 99KB - Virtual size: 172KB