5c485964120a8a7273932407315f4d2f

Sharing

Copy URL

Twitter E-mail

General

Target

5c485964120a8a7273932407315f4d2f
Size

520KB
MD5

5c485964120a8a7273932407315f4d2f
SHA1

5d863770b4859097e4e0d8007dd5574cb8a0fb29
SHA256

cfdaea56aed5906cd863107ebe42a2ec4aa2903c632042fa65ee507f43cd1da9
SHA512

136dc613b4a60aea77a897c6b14dfcfa2fca3ac060a27c8698c458e5f6bfccf429c19a2e5f175e4e88e021a57c1c10ef02fb325c99cf1ad30fcff09573d03706
SSDEEP

12288:hZxPRTrjD2XuWkSSQQhDBXVtbeHeXSAMt5RR3MO4T:nxP1jD2XuWkSSfPeHx/3DM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c485964120a8a7273932407315f4d2f

Files

5c485964120a8a7273932407315f4d2f
.exe windows:4 windows x86 arch:x86

c9d86e005a7bf4a49fefcc256c989cad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

WriteFile
LocalFlags
GetEnvironmentStringsW
GetCommandLineA
TerminateProcess
CloseHandle
HeapCreate
VirtualQuery
OutputDebugStringA
TlsAlloc
VirtualProtect
GetCurrentThreadId
HeapReAlloc
GetStringTypeW
TlsGetValue
FormatMessageA
DeleteCriticalSection
CreateMutexA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
InterlockedExchange
FindAtomA
GetUserDefaultLCID
GetCPInfo
TlsFree
GetDateFormatA
GetModuleHandleA
GetSystemInfo
MultiByteToWideChar
EnterCriticalSection
GetStartupInfoW
GetCurrentThread
GetACP
ExitProcess
GetCurrentProcess
IsBadWritePtr
InitializeCriticalSection
GetModuleFileNameW
HeapDestroy
GetProcAddress
GetFileAttributesA
UnhandledExceptionFilter
InterlockedCompareExchange
EnumSystemLocalesA
FlushViewOfFile
GetModuleHandleW
FlushFileBuffers
LoadLibraryA
GetTickCount
GetStringTypeA
CompareStringW
MapViewOfFileEx
HeapSize
GetFileSize
GetFileTime
GetFileType
GetTimeFormatA
SetLastError
IsValidLocale
IsValidCodePage
VirtualAlloc
TlsSetValue
lstrcat
QueryPerformanceCounter
SetEnvironmentVariableA
HeapAlloc
GetLastError
SetConsoleMode
VirtualFree
GetLocaleInfoW
GetConsoleMode
ReadFile
LCMapStringA
SetHandleCount
CopyFileA
GetModuleFileNameA
WideCharToMultiByte
LCMapStringW
CompareStringA
GetEnvironmentStrings
GetCurrentProcessId
GetStdHandle
OpenMutexA
GetConsoleOutputCP
GetOEMCP
GetStartupInfoA
HeapFree
SetFilePointer
FreeEnvironmentStringsA
SetStdHandle
GetLocaleInfoA
GetVersionExA
LeaveCriticalSection
GetTimeZoneInformation
GlobalGetAtomNameW
GetCommandLineW
GetCalendarInfoW
RtlUnwind

user32

RegisterClassExW
RegisterClassA
RegisterClassExA

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9d86e005a7bf4a49fefcc256c989cad

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 7KB - Virtual size: 12KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 7KB - Virtual size: 12KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 15KB - Virtual size: 15KB