5c0e5384787b4874ec481b92237e5dda

Sharing

Copy URL Twitter E-mail

General

Target

5c0e5384787b4874ec481b92237e5dda
Size

189KB
MD5

5c0e5384787b4874ec481b92237e5dda
SHA1

1cceb42277cb4bb74a5bb1324961545ee0d8c263
SHA256

8773338cfaa210a215414ac718a907b8f26919ff04db64a5875465db244b5720
SHA512

2c0f526a5364a3e6dd91013bcd579f6c18b34864e9495dadf050b0c9e93667fb42b911d7e0a2f73c97e80616deb394ccd786cad89fcadf251d5bb0b3eec7adf7
SSDEEP

3072:0MvhKNvn83Vx7baXWG0DCXqeAYF30r3eTuQokGFI0Q+jo+bXe:0iAnCKWVCt30bIt8DbO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c0e5384787b4874ec481b92237e5dda

Files

5c0e5384787b4874ec481b92237e5dda
.exe windows:4 windows x86 arch:x86

d9e42f63b8424841066776d4ca64cebb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

msimg32

AlphaBlend

shlwapi

PathRemoveFileSpecA
PathAppendA

kernel32

TlsFree
FreeLibrary
GlobalAlloc
Sleep
IsDebuggerPresent
GetVersionExA
lstrcmpW
ReleaseMutex
QueryPerformanceCounter
GetSystemDefaultLCID
GetWindowsDirectoryA
GetCalendarInfoW
LoadLibraryA
ReleaseSemaphore
FindClose
GetProcAddress
DeleteCriticalSection
TlsGetValue
GetTickCount
ReadFile
ExitProcess
GetModuleFileNameA
GetACP
TlsSetValue
TerminateProcess
EnterCriticalSection
FindFirstFileA
GetLocaleInfoA
GetSystemInfo
GlobalUnlock
GetCurrentThreadId
GetLocalTime
InterlockedCompareExchange
EnumResourceNamesA
GetDateFormatA
WideCharToMultiByte
GetThreadLocale
SetThreadPriority
IsProcessorFeaturePresent
GetLastError
GlobalSize
CloseHandle
GetUserDefaultLangID
GetThreadPriority
GetDateFormatW
GlobalLock
GetSystemDirectoryA
GetTimeFormatW
GetProfileStringW
GlobalFree
GetModuleHandleA
CreateMutexA
GetCurrentThread
lstrlenW
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedIncrement
SetCurrentDirectoryA
DeleteFileW
LeaveCriticalSection
FindNextFileA
GetCurrentDirectoryA
GetCurrentProcessId
UnhandledExceptionFilter
LocalAlloc
CreateFileA
GetFileTime
GetTimeFormatA
SetUnhandledExceptionFilter
CreateSemaphoreA
MultiByteToWideChar
GetEnvironmentVariableW
InterlockedExchange
GetFileSize
GetCurrentProcess
GetTempPathW
WaitForSingleObject
RaiseException

ole32

CoInitialize
CoRegisterMessageFilter
CoCreateInstance
OleFlushClipboard
CoGetClassObject
StgCreateDocfileOnILockBytes
CoGetProcessIdentifier
OleIsCurrentClipboard
CLSIDFromProgID
CoUninitialize
OleUninitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
CLSIDFromString

user32

DestroyWindow
MonitorFromWindow
MonitorFromPoint
ScrollWindowEx
GetWindowRect
SetWindowPos
CreateWindowExA
GetClientRect
GetDesktopWindow
WindowFromDC
SetActiveWindow
EnumDisplayMonitors
OffsetRect
GetMonitorInfoA
RegisterClassA
LoadCursorA
ReleaseDC
LoadIconA
DefWindowProcA
GetActiveWindow
CharNextW
GetSystemMetrics
GetDC
UnregisterClassA

gdi32

GetClipBox
GetViewportOrgEx
IntersectClipRect
GetRgnBox
Rectangle
ExtCreatePen
SetROP2
GetDeviceCaps
RestoreDC
BeginPath
DeleteDC
SetDIBits
CombineRgn
AbortDoc
SelectPalette
CreateBrushIndirect
StretchBlt
SetGraphicsMode
GetStockObject
StartDocW
StartPage
GetWorldTransform
MoveToEx
EqualRgn
StrokePath
PatBlt
DeleteObject
Escape
BitBlt
PolyBezierTo
GetCurrentObject
ResetDCW
SetStretchBltMode
GetDIBColorTable
SelectClipRgn
RealizePalette
CreatePolyPolygonRgn
CreatePatternBrush
SelectObject
CreateDIBSection
SetMiterLimit
CreateDCW
CreateICW
CreatePalette
PolylineTo
EndPath
SetWorldTransform
ModifyWorldTransform
CloseFigure
CreateBitmap
GetObjectA
GetGraphicsMode
LineTo
SetPolyFillMode
SelectClipPath
SaveDC
SetBrushOrgEx
CreateRectRgn
OffsetRgn
FillPath
EndPage
ExtSelectClipRgn
GetRegionData
CreateCompatibleBitmap
EndDoc
CreateCompatibleDC
ExtEscape
StretchDIBits
PolyDraw

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9e42f63b8424841066776d4ca64cebb

Headers

File Characteristics

Imports

advapi32

msimg32

shlwapi

kernel32

ole32

user32

gdi32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 78KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 68KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 78KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 68KB