c54f495c2872dc650989fdb6cdfd5e79

Sharing

Copy URL Twitter E-mail

General

Target

c54f495c2872dc650989fdb6cdfd5e79
Size

529KB
MD5

c54f495c2872dc650989fdb6cdfd5e79
SHA1

b59de62a7545f446e0cb578f0857b959cc72304a
SHA256

7d35711f4c6577f7a4ecf9294ee70a156f6d09051b6fdcabe9572f3652d61c17
SHA512

86cdb195871a053deb6f7fcf9f736798697943f4199d7afc5f7292114c3e7fe6ea392568c19648a73d545937371ddb7bf3dab1d186370da1a6155987bf9495a3
SSDEEP

12288:Ioq0ORXXFBtOEqKWmZT9SRKw26Q+n4NlsvwCoth0S:IoqjFB8Eq/mZ5SRa6Fn4OOhh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c54f495c2872dc650989fdb6cdfd5e79

Files

c54f495c2872dc650989fdb6cdfd5e79
.exe windows:4 windows x86 arch:x86

07aaf04892b8d8578e34e4b58807adca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
HeapSize
GetStdHandle
LCMapStringA
GetProcAddress
GetFileType
QueryPerformanceCounter
InterlockedExchange
CloseHandle
GetStringTypeW
GetCPInfo
TlsAlloc
GetCurrentProcess
GetCommandLineA
FlushFileBuffers
GetProcessShutdownParameters
IsDebuggerPresent
SetFilePointer
GetModuleFileNameW
WideCharToMultiByte
IsValidCodePage
SetLastError
WriteConsoleW
GetCommandLineW
SetEnvironmentVariableA
GetVersionExA
GetCurrencyFormatA
VirtualQuery
EnumSystemLocalesA
CreateMutexA
DeleteCriticalSection
GetStartupInfoA
GetCurrentThreadId
FindAtomA
MoveFileW
TlsGetValue
LCMapStringW
LoadLibraryA
LeaveCriticalSection
GetUserDefaultLCID
GetTimeFormatA
GetConsoleMode
GetLocaleInfoW
ExitProcess
SetConsoleCtrlHandler
FreeEnvironmentStringsW
TlsFree
InterlockedDecrement
HeapFree
TryEnterCriticalSection
GetProcessHeap
GetTimeZoneInformation
GetConsoleOutputCP
GetEnvironmentStrings
GetFileTime
HeapCreate
Sleep
GetOEMCP
SetHandleCount
GetStartupInfoW
FreeLibrary
ReadFile
GetLocaleInfoA
AddAtomW
SetConsoleActiveScreenBuffer
GetTickCount
UnhandledExceptionFilter
MultiByteToWideChar
VirtualAlloc
VirtualFree
WriteFile
RtlUnwind
EnterCriticalSection
GetLogicalDriveStringsW
LoadModule
HeapAlloc
InterlockedIncrement
TerminateProcess
IsValidLocale
GetDateFormatA
SetUnhandledExceptionFilter
InitializeCriticalSection
GlobalGetAtomNameW
CompareStringA
OpenMutexA
HeapReAlloc
GetLastError
TlsSetValue
GetConsoleScreenBufferInfo
GetSystemTimeAsFileTime
GetConsoleCP
GetStringTypeA
GetCurrentProcessId
RtlZeroMemory
GetCurrentThread
WriteConsoleA
GetACP
GetEnvironmentStringsW
GetModuleHandleA
SetConsoleMode
WaitForMultipleObjects
GetModuleFileNameA
FreeEnvironmentStringsA
HeapDestroy
CreateFileA
CompareStringW
GetLongPathNameA

comctl32

InitCommonControlsEx

comdlg32

PageSetupDlgA
GetOpenFileNameW
ChooseColorW

wininet

GetUrlCacheConfigInfoW
UnlockUrlCacheEntryFile
InternetSetDialStateW
GetUrlCacheHeaderData
FtpCommandW
CreateUrlCacheContainerW
InternetSetCookieA

shell32

ShellExecuteW
CommandLineToArgvW
DuplicateIcon
DragAcceptFiles

advapi32

RegLoadKeyA
RegEnumValueA
RegQueryValueA

user32

AttachThreadInput
PostThreadMessageW
GetSystemMenu
EnumDisplaySettingsW
RegisterClassA
DdeUnaccessData
DdeImpersonateClient
GetPropA
DdeKeepStringHandle
DlgDirSelectExA
CloseWindow
ShowWindow
RegisterClassExA
GetUserObjectInformationW

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07aaf04892b8d8578e34e4b58807adca

Headers

File Characteristics

Imports

kernel32

comctl32

comdlg32

wininet

shell32

advapi32

user32

Sections

.text Size: 194KB - Virtual size: 193KB

.rdata Size: 10KB - Virtual size: 15KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 194KB - Virtual size: 193KB

.rdata
Size: 10KB - Virtual size: 15KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 8KB - Virtual size: 8KB