5c515a76f5896fc22be144ac799378ee

Sharing

Copy URL

Twitter E-mail

General

Target

5c515a76f5896fc22be144ac799378ee
Size

20KB
MD5

5c515a76f5896fc22be144ac799378ee
SHA1

99333506bbef73bf7f57b5923ccf4f57d0b7cdc2
SHA256

1b1dc1463984f63b136dac30fc7b331e32abc641c83ef3718ced6fdfb4bf7995
SHA512

e081e6fb50f29461b9a33b906300d771f91619eb6b45b5a59307beb736875e9b8ddeae7019a2c0dd4e7c3a9d293fe058d0ec5a48a09ac4fb7f187402ce880260
SSDEEP

192:cRcMsupMUK/KHbFWbgfWmmReEIxtF7duzH9PT/RSHXLYBl9NJCqWc6coOgJqfn83:PM4iDswEH9PT/S7glHJCqWcn0q0JB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c515a76f5896fc22be144ac799378ee

Files

5c515a76f5896fc22be144ac799378ee
.exe windows:4 windows x86 arch:x86

a3176354d9629bb8b0a66f69094194b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ssgui

?LoadCtl3d@CLoad3d@@QAEHPAUHINSTANCE__@@@Z
SSGetpRefreshInfo
?FilterHelpMessages@CHelpHook@@SAHHPAUtagMSG@@@Z
SSGuiAllocateParent
?UnloadCtl3d@CLoad3d@@QAEXXZ
SSGuiFreeParent
SSDoAboutBox
SSMessageFilter
SSGuiGetHelpFileFromClient
SSGuiDocInit
SSGuiGetHelpFileFromServer
SSGuiGetHelpFile
??1CLoad3d@@QAE@XZ
SSSendRefresh
??0CLoad3d@@QAE@XZ

mfc42

ord4080
ord6398
ord5458
ord5588
ord502
ord825
ord774
ord800
ord924
ord537
ord858
ord2614
ord939
ord4160
ord1567
ord5572
ord2915
ord268
ord540
ord860
ord4684
ord4612
ord4610
ord4274
ord4486
ord2554
ord2512
ord5731
ord3922
ord5199
ord2396
ord3346
ord5302
ord4079
ord4698
ord5307
ord5289
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord5300
ord4622
ord4424
ord3738
ord815
ord561
ord4357
ord6117
ord5943
ord1270
ord1168
ord1205
ord2725
ord5714
ord1199
ord1175
ord1576
ord823

msvcrt

_exit
__CxxFrameHandler
_strdup
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
__p__mbctype
_XcptFilter
exit
__p__acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_setmbcp

kernel32

GetStartupInfoA
lstrcpyA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FindResourceA
LoadResource
LockResource
GetVersion

user32

DeleteMenu
GetMenuStringA
GetMenuItemCount
InsertMenuA
MessageBoxA
wsprintfA
KillTimer
SetTimer

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegCloseKey

Exports

Exports

??4CLoad3d@@QAEAAV0@ABV0@@Z
?Ctl3dSubclassDlgEx@CLoad3d@@QAEHPAUHWND__@@K@Z
?IsLoaded@CLoad3d@@QAEHXZ

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3176354d9629bb8b0a66f69094194b2

Headers

File Characteristics

Imports

ssgui

mfc42

msvcrt

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB