c549db89a4fd676da1b0d0eb47c487c3

Sharing

Copy URL Twitter E-mail

General

Target

c549db89a4fd676da1b0d0eb47c487c3
Size

486KB
MD5

c549db89a4fd676da1b0d0eb47c487c3
SHA1

ba8889fc561fd7c1979cc670c83a3bf2bb04b4c6
SHA256

a99837619c746caf69ccfde1cd7524f61cb83104a479cae06e8fa06b578571b9
SHA512

2d3d371eda93a1c56b1e70b4e15eed1a29f34c33c2973038457818415f5148c570fc58c6b2199d433cef41ccea8ff0552edb9f1b5ed02c220c7b78cfed27b752
SSDEEP

6144:KuH973a3HbWYvzl5Xh8Ygho6xUi+WvUjX8/Wgia/N6PAXk0yK2/pwDJcoKSZUQU1:K03aX6YvxRCxAuOYWO/NjB2/+0td6Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c549db89a4fd676da1b0d0eb47c487c3

Files

c549db89a4fd676da1b0d0eb47c487c3
.exe windows:4 windows x86 arch:x86

ca86ba1f38f2205d363f01f6baf2c5b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

advapi32

RegSetValueA
CryptCreateHash
ReportEventW
RegQueryInfoKeyW
RegEnumValueW
CryptVerifySignatureA
CryptDecrypt
CryptGetUserKey
CryptGetDefaultProviderA
RegCreateKeyA
RegSetValueW
RegSetKeySecurity
CryptVerifySignatureW
StartServiceW
RegNotifyChangeKeyValue
CryptExportKey
RegEnumKeyExA
CryptSignHashA
GetUserNameA
RegOpenKeyExA
RegCloseKey
CryptGetDefaultProviderW
CryptSetProviderExA

shell32

SHGetDiskFreeSpaceA
RealShellExecuteExW
SHQueryRecycleBinA

user32

DlgDirListComboBoxW
RegisterClassA
GetClipboardSequenceNumber
EnumDesktopsA
GetParent
RegisterClassExA

comctl32

InitCommonControlsEx

kernel32

GetCPInfo
LCMapStringA
GetVersionExA
GetLocaleInfoA
IsValidCodePage
ExitProcess
TlsGetValue
EnumSystemCodePagesW
HeapSize
WriteFileEx
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetFileType
UnhandledExceptionFilter
LCMapStringW
HeapFree
GetLastError
GetSystemDefaultLCID
EnterCriticalSection
SetConsoleCtrlHandler
GetEnvironmentStrings
GetCompressedFileSizeW
GetStdHandle
WriteFile
HeapDestroy
GetCommandLineA
SetCurrentDirectoryA
CloseHandle
HeapAlloc
GetCommandLineW
GetCurrentProcessId
IsValidLocale
FillConsoleOutputCharacterA
InterlockedDecrement
VirtualQuery
GetConsoleCP
GetProcessShutdownParameters
SetLastError
ReadFile
EnumSystemLocalesA
GetProcessHeap
SetEnvironmentVariableA
GlobalFree
DeleteCriticalSection
CompareStringA
CreateFileA
RtlUnwind
LeaveCriticalSection
FoldStringW
GetModuleFileNameW
GetStartupInfoA
GetLocaleInfoW
FreeEnvironmentStringsA
SetStdHandle
SetFilePointer
FreeLibrary
GetConsoleMode
WriteConsoleA
GetModuleFileNameA
HeapCreate
SetUnhandledExceptionFilter
TerminateProcess
TlsFree
GetCurrentProcess
GetCurrentThread
GetStringTypeA
CreateFileW
WideCharToMultiByte
VirtualFree
WriteConsoleW
InitializeCriticalSection
GetACP
GetSystemTimeAsFileTime
TlsSetValue
GetCurrentThreadId
GetTimeFormatA
CreateMutexA
GetEnvironmentStringsW
GetModuleHandleA
CompareStringW
MultiByteToWideChar
OpenMutexA
IsDebuggerPresent
TlsAlloc
Sleep
FreeEnvironmentStringsW
GetOEMCP
HeapReAlloc
GetTempFileNameA
LoadLibraryA
GetTickCount
GetDateFormatA
GetStartupInfoW
CreateEventA
GetUserDefaultLCID
VirtualAlloc
InterlockedIncrement
GetProcAddress
SetHandleCount
GetConsoleOutputCP
InterlockedExchange
QueryPerformanceCounter

Sections

.text
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca86ba1f38f2205d363f01f6baf2c5b9

Headers

File Characteristics

PDB Paths

Imports

advapi32

shell32

user32

comctl32

kernel32

Sections

.text Size: 335KB - Virtual size: 334KB

.rdata Size: 36KB - Virtual size: 50KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 335KB - Virtual size: 334KB

.rdata
Size: 36KB - Virtual size: 50KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 9KB - Virtual size: 8KB