ab5d0249384b30c4d9655f41134a26e1

Sharing

Copy URL Twitter E-mail

General

Target

ab5d0249384b30c4d9655f41134a26e1
Size

554KB
MD5

ab5d0249384b30c4d9655f41134a26e1
SHA1

777214e151f1a1cb289054d64b002b11e53a6312
SHA256

701a2817ba2d87b01d608a3598910aa634f35fbf02392f80e33b7a2ed4bf6ae3
SHA512

0e66e9c9d8c5682cbd2ef875be6ea151abc2dbd3029bbf3ff8db038a36a1a9eb45e612df10248162c247b65e75e68d5cb12406b9c6051952c4bebba5ee027004
SSDEEP

12288:rYMS5TNKI/nr2flgfdgabl5BrHpmp/yHx3VnJxhXq8ydRZ:rEswr2flgVLBHx3Vn7hXdq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab5d0249384b30c4d9655f41134a26e1

Files

ab5d0249384b30c4d9655f41134a26e1
.exe windows:4 windows x86 arch:x86

c1765985e30ae8b62d6d8a2993582e3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
VirtualFree
TlsGetValue
WriteFile
GetCurrentThreadId
OpenMutexA
GetCurrentThread
LocalShrink
GetVersionExA
IsValidLocale
EnumSystemLocalesA
GetOEMCP
SetLastError
SetThreadPriority
GlobalLock
CompareStringA
TlsAlloc
CloseHandle
VirtualAlloc
GetEnvironmentStringsW
SetFilePointer
GetCommandLineA
GetStringTypeExA
HeapDestroy
GetModuleFileNameW
GetCommandLineW
RtlUnwind
HeapCreate
GetModuleHandleA
ReadFile
IsValidCodePage
TerminateProcess
HeapSize
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
GetSystemInfo
IsBadWritePtr
FreeEnvironmentStringsA
TlsSetValue
GetCurrentProcessId
SetHandleCount
CompareStringW
ExitProcess
GetProcAddress
LCMapStringW
GetStartupInfoA
GetCurrentProcess
TlsFree
GetLastError
SetStdHandle
HeapReAlloc
EnterCriticalSection
GetTickCount
QueryPerformanceCounter
GetEnvironmentStrings
DeleteCriticalSection
SetEnvironmentVariableA
LoadLibraryA
HeapFree
InterlockedExchange
GetStdHandle
FoldStringA
CreateMutexA
VirtualQuery
VirtualProtect
GetModuleFileNameA
GetUserDefaultLCID
FreeEnvironmentStringsW
GetStringTypeW
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
WideCharToMultiByte
GetACP
LeaveCriticalSection
InitializeCriticalSection
GetTimeZoneInformation
HeapAlloc
GetStartupInfoW
FlushFileBuffers
GetLocaleInfoW
GetConsoleTitleW
GetTimeFormatA
GetStringTypeA
GetCPInfo
UnhandledExceptionFilter
GetDateFormatA
GetFileType

user32

GetCaretBlinkTime
MessageBoxIndirectW
SetWinEventHook
SetDlgItemTextA
GetKeyNameTextA
CheckRadioButton
PaintDesktop
DlgDirSelectExA
RegisterClassExA
GetQueueStatus
DialogBoxParamW
DlgDirListComboBoxA
EnumDesktopWindows
GetSubMenu
DdeUnaccessData
RealChildWindowFromPoint
GetDoubleClickTime
LoadMenuIndirectW
CreateIconIndirect
DrawEdge
DeleteMenu
SendMessageW
GetParent
RegisterClassA
SendNotifyMessageA

comctl32

InitCommonControlsEx

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1765985e30ae8b62d6d8a2993582e3a

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 223KB - Virtual size: 223KB

.rdata Size: 8KB - Virtual size: 22KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 223KB - Virtual size: 223KB

.rdata
Size: 8KB - Virtual size: 22KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 6KB - Virtual size: 5KB