547fd47040b9ade034eb82ec704d9feca82e47d4

Sharing

Copy URL

Twitter E-mail

General

Target

547fd47040b9ade034eb82ec704d9feca82e47d4
Size

5.1MB
MD5

a3d9bfc47ae725dbec92210ee92ec3e1
SHA1

39935be48920af422bdf04f9265bfcc467d535f9
SHA256

19704d3c81a95718d164e60580772c7ef5d1b9f770b7e8e39f48d8ee2af5c9e2
SHA512

2e82fa5b3b77a0d74cd96dca8f5ddd5f63144a7132e2a9fe296b6c7fa284cf9ef07d70ed905009dbd78526417f735b86d5ce352df8562442108506c71685f173
SSDEEP

98304:KE0ggTs2wnEYpYj7Nx+dlAq37hQZfXsD2zgUo3cLjRVkzqA659FN0Y1:j0NsjEUYj+CqyhS2zgr3cLbk2A0UQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
547fd47040b9ade034eb82ec704d9feca82e47d4

Files

547fd47040b9ade034eb82ec704d9feca82e47d4
.exe windows:4 windows x86 arch:x86

f015763e6478be0225f38d4ef917ba3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
SystemTimeToFileTime
GetSystemTime
WideCharToMultiByte
GetModuleFileNameA
CompareFileTime
GetCommandLineA
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
WriteProfileStringA
GetShortPathNameA
CreateDirectoryA
DeleteFileA
GetDiskFreeSpaceA
GetTempFileNameA
CreateFileA
ReadFile
WriteFile
CloseHandle
lstrcpyA
GetLogicalDrives
GetFileAttributesA
DeviceIoControl
GetVersionExA
SetFileAttributesA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
SetVolumeLabelA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetDriveTypeA
GetLocaleInfoA
LoadLibraryA
GetModuleHandleA
FreeLibrary
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrcatA
GetTempPathA
SetCurrentDirectoryA
GetProcAddress
SetEndOfFile
SetFilePointer
GetStdHandle
GetACP
CompareStringW
GetOEMCP
GetCPInfo
SetStdHandle
CompareStringA
GetStringTypeA
RtlUnwind
GetStringTypeW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
FlushFileBuffers
FreeEnvironmentStringsA
GetFileType
SetEnvironmentVariableA
HeapSize
SetHandleCount
GetFullPathNameA
LCMapStringW
HeapReAlloc
VirtualAlloc
HeapCreate
HeapDestroy
VirtualFree
GetStartupInfoA
MoveFileA
GetVersion
GetTimeZoneInformation
TerminateProcess
GetLocalTime
HeapAlloc
HeapFree
ExitProcess
LCMapStringA

user32

RegisterClassExA
CreateWindowExA
wsprintfA
SetWindowLongA
EnableWindow
SetFocus
TranslateMessage
DdeDisconnect
OemToCharBuffA
EndDialog
GetWindowTextA
SetWindowTextA
GetWindowRect
ScreenToClient
ShowWindow
PostMessageA
GetDlgItem
CharToOemBuffA
GetDesktopWindow
MoveWindow
DdeClientTransaction
DdeGetLastError
PeekMessageA
IsDialogMessageA
SetDlgItemTextA
DdeFreeStringHandle
DdeUninitialize
DdeConnect
DdeInitializeA
DdeCreateStringHandleA
DrawTextA
BeginPaint
GetClientRect
GetSysColor
EndPaint
InvalidateRect
CallWindowProcA
IsWindowEnabled
MessageBoxA
ReleaseCapture
SetCapture
SetCursor
ClientToScreen
GetParent
GetCursorPos
GetWindowLongA
DefWindowProcA
LoadStringA
UpdateWindow
LoadIconA
DispatchMessageA
RegisterClassA
GetMessageA
TrackPopupMenu
CreatePopupMenu
DialogBoxParamA
DestroyMenu
SendDlgItemMessageA
IsDlgButtonChecked
SendMessageA
CheckDlgButton
GetDlgItemTextA
GetClassInfoExA
LoadCursorA
PostQuitMessage
IsWindow

gdi32

GetStockObject
SetBkMode
SetTextColor
Rectangle
SelectObject
CreateSolidBrush

comdlg32

GetFileTitleA

advapi32

RegEnumKeyExA
RegQueryValueA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegQueryValueExA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 84KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f015763e6478be0225f38d4ef917ba3d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: - Virtual size: 107KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: - Virtual size: 32KB

.rsrc Size: 8KB - Virtual size: 16KB

.pklstb Size: 84KB - Virtual size: 100KB

.relo2 Size: 4KB - Virtual size: 60B

.text
Size: - Virtual size: 107KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: - Virtual size: 32KB

.rsrc
Size: 8KB - Virtual size: 16KB

.pklstb
Size: 84KB - Virtual size: 100KB

.relo2
Size: 4KB - Virtual size: 60B