ab5378df666520ef47100bd3f97576d6

Sharing

Copy URL

Twitter E-mail

General

Target

ab5378df666520ef47100bd3f97576d6
Size

584KB
MD5

ab5378df666520ef47100bd3f97576d6
SHA1

a4c9d8a59d09af9a0382f6c010d8aaebe631cfd5
SHA256

56f6279d7e3888bdabf68d4f28beb7f27268bb38ea45e5969e7231e3a70e4ef3
SHA512

0672273d516f2952675da081cd24d0071ed4b2e55e27fef08fd80ccfecb60d56f2cff798370c72cbfdcf58efbd810976b39ff5346a8134f300cf7df1e5662073
SSDEEP

12288:LgMwLmIcIQdNgVGFjSvuf5paZjtJujdmPsrW8/1qyO0cL3:LgdLmIrQQAz5puTIWE6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab5378df666520ef47100bd3f97576d6

Files

ab5378df666520ef47100bd3f97576d6
.exe windows:4 windows x86 arch:x86

d4a6c13ebc179175e47ecbef2ac2837e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDCW
EnumICMProfilesW
ColorMatchToTarget
GetObjectA
CreateBitmap
ExtSelectClipRgn
SelectObject
DeleteDC
GetDeviceCaps

advapi32

RegDeleteValueA
LookupPrivilegeNameA
RegDeleteValueW
LookupPrivilegeValueA
CryptEnumProviderTypesA
CryptGenRandom
RegOpenKeyA
CryptSetKeyParam
RegEnumValueW
CryptDecrypt
CryptSetHashParam
LogonUserW
DuplicateTokenEx
CryptAcquireContextW
GetUserNameA
RegCloseKey
CryptEnumProvidersW
CryptEncrypt
RegEnumKeyExW
CryptGetKeyParam
CryptVerifySignatureW
RegEnumKeyExA
CryptImportKey

user32

GetMenuStringA
LoadMenuIndirectW
GetDesktopWindow
ScrollWindowEx
DefWindowProcA
SetClassLongA
SetDebugErrorLevel
MessageBoxA
GetCapture
BlockInput
GetMenuContextHelpId
RegisterWindowMessageW
DialogBoxParamW
DispatchMessageW
DrawTextExA
EndDialog
ExcludeUpdateRgn
RegisterClassExA
SetWindowsHookW
HideCaret
LoadCursorFromFileA
SetFocus
GetClipboardViewer
CreateDesktopA
GetMonitorInfoW
DdeKeepStringHandle
GetUpdateRgn
GetMenuItemInfoA
MessageBoxExW
CreateWindowExA
UnhookWinEvent
RegisterClassA
ShowWindow
LookupIconIdFromDirectory
RegisterHotKey
DestroyWindow
GetMenuState

kernel32

CloseHandle
AddAtomA
CreateMutexA
FoldStringW
GetStringTypeW
GlobalGetAtomNameW
ExitProcess
SetStdHandle
UnhandledExceptionFilter
GetNamedPipeInfo
VirtualAlloc
FreeEnvironmentStringsW
InterlockedDecrement
GetStringTypeA
GetConsoleOutputCP
InterlockedIncrement
GetTickCount
GetCPInfo
GetLocaleInfoW
EnumDateFormatsW
LCMapStringA
GetConsoleCP
GetModuleFileNameA
GetVersionExA
HeapFree
HeapAlloc
EnumDateFormatsA
DuplicateHandle
SetEnvironmentVariableA
ExpandEnvironmentStringsW
LocalReAlloc
MultiByteToWideChar
GetCurrentThreadId
SetUnhandledExceptionFilter
EnumSystemLocalesA
SetFilePointer
FlushFileBuffers
lstrcmpiA
GetOEMCP
GetCalendarInfoA
LeaveCriticalSection
VirtualQuery
GetDateFormatA
HeapCreate
VirtualFree
CompareStringA
GetConsoleMode
IsValidLocale
QueryPerformanceCounter
TerminateProcess
TlsGetValue
GetCommandLineW
InterlockedExchange
GetCurrentThread
TlsSetValue
ReadFile
HeapDestroy
HeapReAlloc
FreeLibrary
LoadLibraryA
GetModuleHandleA
TryEnterCriticalSection
GetCurrentProcessId
GetPrivateProfileSectionNamesW
WriteConsoleA
SetHandleCount
WriteFile
GetEnvironmentStringsW
TlsFree
GetLocaleInfoA
FreeEnvironmentStringsA
RtlUnwind
GetModuleFileNameW
InitializeCriticalSection
GetCommandLineA
GetACP
HeapSize
OpenMutexA
UnlockFile
GetProcAddress
GetEnvironmentStrings
DeleteFileA
IsValidCodePage
WriteConsoleW
SetConsoleCtrlHandler
CreateFileA
GetStartupInfoA
GetTimeZoneInformation
GetUserDefaultLCID
EnumResourceLanguagesW
TlsAlloc
GetCurrentProcess
WideCharToMultiByte
IsDebuggerPresent
GetSystemTimeAsFileTime
LCMapStringW
GetTimeFormatA
GetLastError
GetProcessHeap
CompareStringW
GetStartupInfoW
EnterCriticalSection
Sleep
SetLastError
GetFileType
GetStdHandle
DeleteCriticalSection

comctl32

InitCommonControlsEx
ImageList_SetImageCount
CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_Replace
InitMUILanguage
ImageList_DrawEx
ImageList_GetFlags
ImageList_LoadImage
ImageList_SetOverlayImage

comdlg32

PageSetupDlgW
FindTextW
GetFileTitleW
ChooseFontA

wininet

InternetCombineUrlW

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4a6c13ebc179175e47ecbef2ac2837e

Headers

File Characteristics

Imports

gdi32

advapi32

user32

kernel32

comctl32

comdlg32

wininet

Sections

.text Size: 188KB - Virtual size: 184KB

.rdata Size: 268KB - Virtual size: 265KB

.data Size: 112KB - Virtual size: 127KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 188KB - Virtual size: 184KB

.rdata
Size: 268KB - Virtual size: 265KB

.data
Size: 112KB - Virtual size: 127KB

.rsrc
Size: 12KB - Virtual size: 11KB