5b786c12b9a2242c2305c3d0299f4029

Sharing

Copy URL

Twitter E-mail

General

Target

5b786c12b9a2242c2305c3d0299f4029
Size

479KB
MD5

5b786c12b9a2242c2305c3d0299f4029
SHA1

bcdde82413d74f96676c6ac4c26709a94b40c8cd
SHA256

ddb4f6034100b8fc97243799dde4b9c329e74f32b1cfc232d034dc1fd220c212
SHA512

ada5e98376a880fef9ea9ca1e09d0b803a3c23a01a766946bad023f6aae1a093b3f7f8c45b09b737a917b3b3758b6b20e3cd2d4398365f47f83786e5e520e8e3
SSDEEP

12288:usoSijPEkvT0oaterR/gBcYtz4eXxTEZjkb/B+7:uVbAkvT03BcW46TqjT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b786c12b9a2242c2305c3d0299f4029

Files

5b786c12b9a2242c2305c3d0299f4029
.exe windows:4 windows x86 arch:x86

52e4058d7f4abcb9b4c75bbd5d1362df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationA
ExtractIconEx
InternalExtractIconListA

comctl32

InitCommonControlsEx

kernel32

HeapDestroy
IsValidCodePage
GetStdHandle
LeaveCriticalSection
OpenMutexA
InitializeCriticalSection
VirtualProtect
EnumSystemLocalesA
QueryPerformanceCounter
GetVersionExA
GetEnvironmentStrings
TlsAlloc
TlsFree
VirtualFree
TlsSetValue
WriteFile
CompareStringA
CreateMutexA
GetCurrentThreadId
GetFileType
GetProcAddress
VirtualQuery
HeapSize
GetLocaleInfoA
LoadLibraryA
UnhandledExceptionFilter
GetStartupInfoA
GetUserDefaultLCID
HeapAlloc
FreeEnvironmentStringsW
VirtualAlloc
GetCurrentProcess
GetACP
CompareStringW
GetEnvironmentStringsW
EnterCriticalSection
CloseHandle
GetProcAddress
GetStringTypeA
GetTickCount
GetCurrentThread
DeleteCriticalSection
RtlUnwind
GetSystemInfo
SetLastError
FlushFileBuffers
HeapReAlloc
FreeEnvironmentStringsA
LCMapStringW
GetCommandLineA
SetHandleCount
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetCurrentProcessId
IsValidLocale
GetTimeFormatA
ExitProcess
GetLastError
GetOEMCP
ReadFile
HeapFree
IsBadWritePtr
InterlockedExchange
TerminateProcess
LCMapStringA
HeapCreate
WideCharToMultiByte
GetDateFormatA
TlsGetValue
SetFilePointer
MultiByteToWideChar
GetModuleHandleA
SetStdHandle
GetStringTypeW
GetCPInfo
GetLocaleInfoW
GetModuleFileNameA
GetTimeZoneInformation

gdi32

UpdateICMRegKeyW
GetTextExtentExPointA
CreateBitmapIndirect
gdiPlaySpoolStream
CreateRectRgn
SetICMMode
Escape
SetDIBColorTable
CreateSolidBrush
GetBrushOrgEx
GetTextExtentExPointW
SetViewportOrgEx
SetBrushOrgEx
CreateICW
SetDeviceGammaRamp
GetTextExtentPoint32W
GdiPlayScript
StretchDIBits
SetMetaFileBitsEx
EnumEnhMetaFile
GetTextFaceA

user32

GetMenuItemRect
MapWindowPoints
RegisterClassA
ChildWindowFromPoint
CallWindowProcW
RegisterClassExA
PostThreadMessageW
EnumChildWindows
EndPaint
DdeClientTransaction
SetWindowRgn
SendMessageA
LoadKeyboardLayoutW
ClientToScreen
MsgWaitForMultipleObjects
GetSysColorBrush
GetWindowTextA
IsClipboardFormatAvailable
RemoveMenu
SetRectEmpty
CopyRect

advapi32

RegFlushKey
RegOpenKeyExW
RegSaveKeyA
CryptDestroyKey
RegLoadKeyA
LookupSecurityDescriptorPartsW
CryptDuplicateHash
RegDeleteKeyW
RevertToSelf
DuplicateTokenEx
DuplicateToken

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52e4058d7f4abcb9b4c75bbd5d1362df

Headers

File Characteristics

Imports

shell32

comctl32

kernel32

gdi32

user32

advapi32

Sections

.text Size: 308KB - Virtual size: 308KB

.rdata Size: 53KB - Virtual size: 69KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 308KB - Virtual size: 308KB

.rdata
Size: 53KB - Virtual size: 69KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 14KB - Virtual size: 13KB