5bf0ea23e021af5d216141e854ab7918

Sharing

Copy URL Twitter E-mail

General

Target

5bf0ea23e021af5d216141e854ab7918
Size

2.0MB
MD5

5bf0ea23e021af5d216141e854ab7918
SHA1

767b86573114dd1a82dc58a09311295806b0e100
SHA256

e629d8263bc8b8a0402aa4e7411e90b300518ba76ecfe77a00e7194e9c277ca8
SHA512

99886359836d96359331f8e48248289560bac9f9410869516996a84ed823e75f11379881ecb00632dca05131c1f33f78050ebccbbdfff15a69a2ef298a0c1491
SSDEEP

49152:HJcHddSMMqoLPxazcYRaUWJM30jhxVXyGkY6fQcmcHqn:pc9dSTqorxnZJM301f6BocmcHM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bf0ea23e021af5d216141e854ab7918

Files

5bf0ea23e021af5d216141e854ab7918
.exe windows:4 windows x86 arch:x86

17a0b52e23052e701c3b6216cfd665ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

Rectangle
GetTextExtentPoint32A
SelectObject
SetBkMode
GetStockObject
SetTextColor
CreateSolidBrush

comdlg32

GetFileTitleA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteA

kernel32

FlushFileBuffers
GetFullPathNameA
lstrcatA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
FreeLibrary
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetCurrentDirectoryA
GetTempPathA
lstrcpyA
GetLogicalDrives
GetModuleFileNameA
WideCharToMultiByte
GetLastError
SystemTimeToFileTime
GetSystemTime
CompareFileTime
GetCommandLineA
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
WriteProfileStringA
GetShortPathNameA
CreateDirectoryA
DeleteFileA
GetDiskFreeSpaceA
GetTempFileNameA
CreateFileA
GetStdHandle
ReadFile
WriteFile
CloseHandle
SetEndOfFile
SetFilePointer
GetFileAttributesA
DeviceIoControl
GetVersionExA
SetFileAttributesA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
SetVolumeLabelA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetDriveTypeA
GetLocaleInfoA
HeapFree
RtlUnwind
HeapAlloc
RaiseException
ExitProcess
TerminateProcess
GetTimeZoneInformation
GetLocalTime
MoveFileA
GetStartupInfoA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
HeapSize
GetCPInfo
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA

user32

GetClientRect
SystemParametersInfoA
MapWindowPoints
SetWindowPos
GetWindow
GetWindowLongA
RegisterClassExA
wsprintfA
LoadCursorA
GetParent
IsDlgButtonChecked
GetClassInfoExA
SendMessageA
DialogBoxParamA
SendDlgItemMessageA
DestroyMenu
TrackPopupMenu
SetWindowTextA
EndDialog
DispatchMessageA
GetMessageA
CheckDlgButton
LoadStringA
LoadIconA
UpdateWindow
SetWindowLongA
CreateWindowExA
IsWindow
ClientToScreen
GetWindowTextA
ReleaseCapture
SetCursor
SetCapture
CallWindowProcA
MessageBoxA
IsWindowEnabled
GetSysColor
InvalidateRect
EndPaint
DrawTextA
BeginPaint
DdeConnect
DdeCreateStringHandleA
DdeInitializeA
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
TranslateMessage
IsDialogMessageA
PeekMessageA
DdeGetLastError
DdeClientTransaction
CharToOemBuffA
OemToCharBuffA
EnableWindow
SetFocus
GetDlgItemTextA
SetDlgItemTextA
PostQuitMessage
DefWindowProcA
GetCursorPos
GetWindowRect
ScreenToClient
ShowWindow
PostMessageA
GetDlgItem
CreatePopupMenu
RegisterClassA

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegEnumKeyExA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 116KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17a0b52e23052e701c3b6216cfd665ef

Headers

File Characteristics

Imports

gdi32

comdlg32

shell32

kernel32

user32

advapi32

ole32

Sections

.text Size: - Virtual size: 158KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: - Virtual size: 51KB

.rsrc Size: 8KB - Virtual size: 16KB

.pklstb Size: 116KB - Virtual size: 132KB

.relo2 Size: 4KB - Virtual size: 60B

.text
Size: - Virtual size: 158KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: - Virtual size: 51KB

.rsrc
Size: 8KB - Virtual size: 16KB

.pklstb
Size: 116KB - Virtual size: 132KB

.relo2
Size: 4KB - Virtual size: 60B