5f170a259ed79735753b3795bf9fa7c4fc1d0924e907161d90f89e097ec54fc3[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5f170a259ed79735753b3795bf9fa7c4fc1d0924e907161d90f89e097ec54fc3.exe
Size

645KB
MD5

85995847fa62a99360750ddf30aba8b5
SHA1

234c5a811e07990a2a0ec90f230f5b407b2e241d
SHA256

5f170a259ed79735753b3795bf9fa7c4fc1d0924e907161d90f89e097ec54fc3
SHA512

b13121e09deac37a1a430072762b86e4c9b830c553e920225435ac3ed25efffc10d36648a0198ad78f95c9601f3fd74ac9bff13d19b3c7ad1e5e5fd3b4af1200
SSDEEP

12288:WZrl1HVH02VoFhae1ejjyL45x4m+Vm8FI3dSOd1vaRneE5hsKYrbrHSBSk/zcX/u:WZrlDHRVoFhP1ejj+45x4fE9N1vsneEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f170a259ed79735753b3795bf9fa7c4fc1d0924e907161d90f89e097ec54fc3.exe

Files

5f170a259ed79735753b3795bf9fa7c4fc1d0924e907161d90f89e097ec54fc3.exe
.exe windows:4 windows x86 arch:x86

c879f934e5ad7bf1015f75ab8102f9d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
MultiByteToWideChar
CreateThread
CreateDirectoryA
CreateFileA
ReadFile
CloseHandle
WriteFile
CreateToolhelp32Snapshot
Process32First
OpenProcess
GetCurrentProcessId
TerminateProcess
Process32Next
GetCurrentThreadId
SetEvent
GetProcessHeap
HeapAlloc
HeapFree
CreateEventA
GetLastError
WaitForSingleObject
GetOverlappedResult
BuildCommDCBA
SetCommState
SetLastError
Sleep
WinExec
GetCommState
GetCommTimeouts
SetCommTimeouts
SetCommMask
GetSystemTime
GetLogicalDrives
SystemTimeToFileTime
FileTimeToSystemTime
GetDiskFreeSpaceExA
DeleteFileA
SetFilePointer
FindFirstFileA
FindClose
GetFileAttributesA
FindNextFileA
GlobalAlloc
GlobalFree
GetFileSize
GetCurrentProcess
GetSystemTimes
GlobalLock
GlobalUnlock
GlobalReAlloc
GetFileAttributesExA
LoadLibraryA
GetProcAddress
FreeLibrary
ExitThread
SetEndOfFile
SetThreadPriority
CopyFileA
MoveFileExA
GetModuleHandleA
GetTickCount
FindResourceA
SizeofResource
LoadResource
LockResource
CreateProcessA
MoveFileA
GetCommandLineA
GetVolumeInformationA
SetErrorMode
SetUnhandledExceptionFilter
GetStartupInfoA
HeapCreate
HeapDestroy
HeapReAlloc
HeapSize
HeapValidate
VirtualAlloc
VirtualQuery
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
GetFileType
GetStdHandle
DuplicateHandle
SetHandleCount
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsA
OutputDebugStringA
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
WideCharToMultiByte

user32

MessageBoxA
InvalidateRect
SendMessageA
SetWindowTextA
KillTimer
SetWindowPos
CharLowerA
ShowWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
BringWindowToTop
PostMessageA
SetFocus
SetCursorPos
DestroyWindow
SetTimer
ReleaseCapture
SetWindowRgn
SetCapture
GetCursorPos
BeginPaint
FillRect
DrawTextA
EndPaint
CallWindowProcA
CreateWindowExA
SetWindowLongA
WindowFromPoint
ScreenToClient
PtInRect
IsWindowVisible
GetFocus
ModifyMenuA
DrawMenuBar
CreatePopupMenu
AppendMenuA
SetMenuInfo
TrackPopupMenu
DestroyMenu
GetWindowTextA
CharUpperA
ExitWindowsEx
SetRect
CopyImage
CheckMenuItem
DefWindowProcA
FindWindowA
RegisterClassA
UpdateWindow
GetWindowRect
GetDC
ReleaseDC
GetWindowLongA
RemoveMenu
GetClientRect
SetCursor
IsIconic
CreateMenu
LoadImageA
EnumDisplaySettingsA
GetSystemMetrics
SendNotifyMessageA
UnregisterClassA
SystemParametersInfoA
GetSysColor
SetClassLongA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
UnregisterHotKey
PostQuitMessage
SetProcessDPIAware
RegisterHotKey
LoadIconA
LoadCursorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetMessageA

gdi32

GetStockObject
CreateRectRgn
SelectObject
SetTextColor
SetBkMode
RoundRect
Polygon
DeleteObject
CreatePen
TextOutA
CreateFontA
CreateCompatibleDC
GetObjectA
CreateDIBSection
BitBlt
ExtCreateRegion
CombineRgn
DeleteDC
GetDIBits
SetDIBits
CreateBitmap
StretchBlt
CreateSolidBrush
CreateRoundRectRgn
MoveToEx
LineTo
SetBkColor
OffsetRgn
Rectangle
Polyline
CreateCompatibleBitmap
ChoosePixelFormat
SetPixelFormat
SwapBuffers
Ellipse
Pie
SetStretchBltMode
CreateFontIndirectA
CreateHatchBrush
SelectClipRgn
CreatePolygonRgn
BeginPath
EndPath
PathToRegion
GetRgnBox
CreateRectRgnIndirect

shell32

ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

opengl32

glColor3ub
glColor4ub
glGenLists
wglUseFontOutlinesA
glDeleteLists
glTranslatef
glPushAttrib
glListBase
glCallLists
glPopAttrib
glColor3f
glEnable
glDisable
glLoadIdentity
wglUseFontBitmapsA
glBlendFunc
glRasterPos2f
glBegin
glColor4f
glVertex2f
glEnd
glLineWidth
glMatrixMode
glPushMatrix
glViewport
glOrtho
glGenTextures
glBindTexture
glTexParameteri
glTexImage2D
glGetError
glRotatef
glScalef
glPolygonMode
glVertex3f
glEnableClientState
glNormalPointer
glVertexPointer
glDrawArrays
glTexGeni
glPopMatrix
glVertex2i
glRotated
glNormal3d
glTexCoord2d
glVertex3d
glTexCoord2f
glClear
glDepthFunc
wglMakeCurrent
wglDeleteContext
wglCreateContext
glShadeModel
glHint
glDeleteTextures
glFogi
glFogf
glLineStipple
glClearColor
glClearDepth
glReadPixels

glu32

gluPerspective
gluBuild2DMipmaps
gluDisk
gluDeleteQuadric
gluNewQuadric
gluQuadricNormals
gluQuadricTexture
gluSphere

winmm

waveOutUnprepareHeader
waveOutOpen
waveOutPrepareHeader
waveOutReset
mciSendStringA
waveOutWrite
PlaySoundA
waveOutClose

wininet

DeleteUrlCacheEntry
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetGetConnectedState

gdiplus

GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
GdiplusShutdown
GdipGetImageThumbnail

msimg32

GradientFill

urlmon

URLOpenBlockingStreamA
URLDownloadToFileA

shlwapi

PathStripPathA
PathRemoveFileSpecA

ole32

CoInitialize
CoCreateInstance
CoUninitialize
OleInitialize
CreateStreamOnHGlobal
OleUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 557KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 718.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c879f934e5ad7bf1015f75ab8102f9d1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

advapi32

opengl32

glu32

winmm

wininet

gdiplus

msimg32

urlmon

shlwapi

ole32

oleaut32

Sections

.text Size: 557KB - Virtual size: 557KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 41KB - Virtual size: 718.6MB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 557KB - Virtual size: 557KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 41KB - Virtual size: 718.6MB

.rsrc
Size: 13KB - Virtual size: 12KB