c5363eada33dc93b6a0d07b961dc28af

Sharing

Copy URL Twitter E-mail

General

Target

c5363eada33dc93b6a0d07b961dc28af
Size

864KB
MD5

c5363eada33dc93b6a0d07b961dc28af
SHA1

a7a292e60eb98b18e0cea9e218c08bdac82d57ff
SHA256

65a2cae5450f9d3ad1a7d8c3c3ef342fb9fa0319bc411ef576bfd7853036e266
SHA512

bb957c707c3ffc6d8474bf075fe8d1da59b88402c241f5c2ff9c6c66131620a1db8adaed0912fa23cec4cd4f0e71b47d39d526145075f726ad7ab212a890645b
SSDEEP

24576:ujUhHlyJ2XDzS833PMJERgiKnIDN/gGNTqqdk5KYAfW:/HocaqMJERgiKnIDNhNkI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5363eada33dc93b6a0d07b961dc28af

Files

c5363eada33dc93b6a0d07b961dc28af
.exe windows:4 windows x86 arch:x86

c1ffd8e48906dc60e6a690807f7afc1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FatalExit
GetCommConfig
UnlockFileEx
LocalAlloc
SetCommMask
WaitNamedPipeA
UTRegister
CloseHandle
GlobalReAlloc
CreateMailslotA
FindResourceA
SetLocalTime
SystemTimeToTzSpecificLocalTime
GetPrivateProfileSectionNamesA
FindCloseChangeNotification
FindAtomA
Heap32First
VirtualAlloc
ResumeThread
WriteConsoleOutputAttribute
GlobalFindAtomA
GlobalUnlock
GetDriveTypeA
CreateNamedPipeA
SetCommBreak
GetNamedPipeHandleStateA
GetTempPathA
VirtualLock
SizeofResource
GetProcessAffinityMask
CommConfigDialogA
EnumSystemLocalesA
SetVolumeLabelA
MoveFileA
WriteProfileStringA
CreateFiber
ExpandEnvironmentStringsA
EnumResourceTypesA
GetTapeStatus
GetFullPathNameA
GetTapeParameters
UpdateResourceA
TlsFree
GetConsoleCursorInfo
HeapWalk
FreeConsole
IsDBCSLeadByteEx
OpenSemaphoreA
ContinueDebugEvent
DuplicateHandle
EnumCalendarInfoA
DebugActiveProcess
GetCurrentThreadId
SetFileApisToOEM
EraseTape
FileTimeToLocalFileTime
FindNextChangeNotification
GlobalAddAtomA
GetNumberFormatA
MapViewOfFile

shlwapi

SHRegEnumUSKeyA
PathSearchAndQualifyA
SHRegWriteUSValueA
UrlGetLocationA
PathIsRelativeA
StrToIntExA
StrRChrIA
UrlIsOpaqueA
SHRegCreateUSKeyA
SHIsLowMemoryMachine
PathFindOnPathA
PathFileExistsA
StrFormatByteSize64A
PathRemoveBlanksA
PathQuoteSpacesA
PathMakePrettyA
UrlCombineA
PathIsUNCA
StrSpnA
HashData
StrCSpnA
PathCommonPrefixA
StrChrIA
StrIsIntlEqualA
PathStripToRootA
SHCreateStreamWrapper
PathGetDriveNumberA
SHDeleteValueA
AssocQueryStringA
PathAppendA

user32

UnhookWinEvent

Sections

.wpop
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hqto
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nifap
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ejc
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.klets
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jkn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdkdc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bev
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vivm
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1ffd8e48906dc60e6a690807f7afc1c

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

Sections

.wpop Size: 638KB - Virtual size: 1.3MB

.hqto Size: 6KB - Virtual size: 8KB

.nifap Size: 19KB - Virtual size: 27KB

.ejc Size: 512B - Virtual size: 21KB

.klets Size: 6KB - Virtual size: 15KB

.jkn Size: 512B - Virtual size: 56B

.sdkdc Size: 512B - Virtual size: 24B

.bev Size: 49KB - Virtual size: 77KB

.vivm Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.wpop
Size: 638KB - Virtual size: 1.3MB

.hqto
Size: 6KB - Virtual size: 8KB

.nifap
Size: 19KB - Virtual size: 27KB

.ejc
Size: 512B - Virtual size: 21KB

.klets
Size: 6KB - Virtual size: 15KB

.jkn
Size: 512B - Virtual size: 56B

.sdkdc
Size: 512B - Virtual size: 24B

.bev
Size: 49KB - Virtual size: 77KB

.vivm
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB