b54413071cfa35ba1e399ba4fc4469f5

General

Target

b54413071cfa35ba1e399ba4fc4469f5
Size

299KB
MD5

b54413071cfa35ba1e399ba4fc4469f5
SHA1

239ce42b0a96e61b13ac94e991bf5596f7bfc1b5
SHA256

5810587ad4a712414e726fd162b41b0c5b463a95d0e12a0350402757f4c3c671
SHA512

77060eed048bbd9081c1d9f21d6e8f9ee07e34f73628d0284ab4359ee02e6243b4c982a725d5e54b28746aec1bf09ddbe724d44e237428a1b1173685d097dd77
SSDEEP

6144:roOXGQ1iWaIoVjCEIAyqIk+Pk8vZ/hgu4e49C7Wz5HHlZ/F+1WJ:rUlJDjCEaJPNvZ/h7o9CoHFZs1WJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b54413071cfa35ba1e399ba4fc4469f5

Files

b54413071cfa35ba1e399ba4fc4469f5
.exe windows:4 windows x86 arch:x86

539134572941ca9646f44ca76677bf10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

dciman32

DCIBeginAccess

user32

IsIconic
EnumWindowStationsW
GetLastActivePopup
SetRect
ShowWindow
GetWindowRect
SetForegroundWindow
GetClientRect

kernel32

CloseHandle
Sleep
GetCommandLineA
WideCharToMultiByte
GetLocaleInfoA
GetLocaleInfoW
GetShortPathNameW
GetProcessHeap
GetVersionExA
MultiByteToWideChar
SetStdHandle
FindNextFileW
lstrlenW
FindClose
InterlockedExchange
OutputDebugStringA
GetTempPathW
GetLastError
FindNextFileA
GetFullPathNameW
GetUserDefaultUILanguage
FindResourceA
ExitProcess
FindFirstFileExW
GetFullPathNameA
GetVersion
OutputDebugStringW
CreateFileMappingA
GetUserDefaultLangID
lstrlenA
GetModuleFileNameA
GetStartupInfoA
GetVersionExW
lstrcmpiA
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
GetACP
GetThreadLocale
EnumSystemLocalesW
EnumUILanguagesW
FindFirstFileExA
GetModuleHandleA
GetSystemDefaultLangID
GetShortPathNameA

shell32

SHChangeNotify
SHGetSpecialFolderPathA
SHGetFolderPathW
SHCreateDirectoryExW
SHCreateDirectoryExA
SHGetSpecialFolderPathW

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bore
Size: 5KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

539134572941ca9646f44ca76677bf10

Headers

File Characteristics

Imports

dciman32

user32

kernel32

shell32

Sections

.text Size: 211KB - Virtual size: 210KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 80KB - Virtual size: 80KB

.bore Size: 5KB - Virtual size: 74KB

.text
Size: 211KB - Virtual size: 210KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 80KB - Virtual size: 80KB

.bore
Size: 5KB - Virtual size: 74KB