Static task
static1
Behavioral task
behavioral1
Sample
6554356c0cbf254f38d577bd3b1dcd42.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6554356c0cbf254f38d577bd3b1dcd42.exe
Resource
win10v2004-20231215-en
General
Target
6554356c0cbf254f38d577bd3b1dcd42
Size
464KB
MD5
6554356c0cbf254f38d577bd3b1dcd42
SHA1
b7a2e3fc8965579a0546ad8801c38a1dfa1338e8
SHA256
5c98d16b5c8e224a1e7e031fbdf0298a1976352426e4c25d715f94173c1df0c1
SHA512
a34dab2974deac4d3c40b980426de19fa1962c07f10c60235806c70320cc6869bb4ea0c2db77ed210c45696a1db2ae18ab0f13abbe70dcc3d34344b75124d3a0
SSDEEP
6144:bJDBXVjZbMF7pdYytc5EmdRqqTVaKyQUmbOvWYzUwHOYNZNeY9kYaPd8w9G9pu2u:bhZ0YysdzQKyHmqvdZHOIaOu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6554356c0cbf254f38d577bd3b1dcd42
Files
6554356c0cbf254f38d577bd3b1dcd42.exe windows:4 windows x86 arch:x86
e7f815e75665d2877d4ac84d2e3e1fd2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
HeapDestroy
EnterCriticalSection
GetCommandLineW
HeapCreate
LCMapStringW
InterlockedIncrement
GetCurrentThread
GetCurrentProcess
EnumSystemLocalesA
GetLocaleInfoA
WideCharToMultiByte
IsValidCodePage
SetEnvironmentVariableA
GetStdHandle
TlsFree
TlsSetValue
GetModuleHandleA
GetCPInfo
SetConsoleCtrlHandler
TlsGetValue
HeapFree
GetSystemTimeAsFileTime
GetStartupInfoW
Sleep
CompareStringW
VirtualAlloc
GetLastError
GetCurrentProcessId
GetVersionExA
QueryPerformanceCounter
GetTimeFormatA
SetHandleCount
GetEnvironmentStrings
GetLocaleInfoW
IsDebuggerPresent
GetTimeZoneInformation
FreeEnvironmentStringsW
GetDateFormatA
SetUnhandledExceptionFilter
TerminateProcess
InitializeCriticalSection
FindResourceExW
GetStringTypeA
GetFileType
ExitProcess
LCMapStringA
FreeLibrary
WriteFile
GetEnvironmentStringsW
TlsAlloc
VirtualFree
GetCurrentThreadId
CompareStringA
LoadLibraryA
GetOEMCP
HeapReAlloc
GetCommandLineA
VirtualQuery
HeapSize
IsValidLocale
GetPrivateProfileIntW
RtlUnwind
GetUserDefaultLCID
HeapAlloc
SetLastError
MultiByteToWideChar
InterlockedExchange
DeleteCriticalSection
GetStartupInfoA
GetProcAddress
GetModuleFileNameA
FreeEnvironmentStringsA
GetStringTypeW
UnhandledExceptionFilter
GetModuleFileNameW
GetProcessHeap
LeaveCriticalSection
GetTickCount
InterlockedDecrement
comdlg32
FindTextW
GetSaveFileNameA
PrintDlgA
ChooseColorW
wininet
ShowClientAuthCerts
Sections
.text Size: 158KB - Virtual size: 158KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 281KB - Virtual size: 281KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ