c545c591c2433e42bc25d85d14aaf956

Sharing

Copy URL Twitter E-mail

General

Target

c545c591c2433e42bc25d85d14aaf956
Size

163KB
MD5

c545c591c2433e42bc25d85d14aaf956
SHA1

ed08f1e6f3bdc02bbe126de3e4a9d7c9d11ee302
SHA256

bd6e77769f5b09eb0f8eb618918994967c3f4c37ab2c9beb6e9e451c7d5ce2d5
SHA512

79ca0c56be8dd80f855e6f7f99e1e89af5cca6ae0ec44f461e24f3f580fc66ae281f3c8c29af698a4b1c585e4a21b5f5bd9faab5e2839f4f06d18674af93b2ba
SSDEEP

3072:fxM9VzOiiZk1wdBax8r+L8o4w9s01pxpBQNQnRZ+KtJxGkrIWtIJFuM:fx/k1w+x8r+Ew9s01TpBgQnRVxJrISKZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c545c591c2433e42bc25d85d14aaf956

Files

c545c591c2433e42bc25d85d14aaf956
.exe windows:4 windows x86 arch:x86

03911377602cd344b6ac43e116bb5ceb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
CreateProcessA
CloseHandle
SetFileAttributesA
GetCurrentDirectoryA
GetModuleFileNameA
WaitForSingleObject
RemoveDirectoryA
GetEnvironmentStrings
SetCurrentDirectoryA
HeapSize
FileTimeToLocalFileTime
DeleteFileA
CompareStringA
SetEndOfFile
CompareStringW
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetProcAddress
IsBadCodePtr
LoadLibraryA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
IsBadReadPtr
UnhandledExceptionFilter
GetLocalTime
FreeEnvironmentStringsW
GetTimeZoneInformation
SetStdHandle
GetSystemTime
LCMapStringW
LCMapStringA
CreateFileA
WideCharToMultiByte
SetFilePointer
MultiByteToWideChar
SetHandleCount
ReadFile
GetFileType
GetACP
GetCPInfo
GetOEMCP
WriteFile
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
HeapReAlloc
GetLastError
SetEnvironmentVariableA
GetFullPathNameA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
GetStartupInfoA
GetStdHandle
GetFileAttributesA
CreateDirectoryA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetModuleHandleA
HeapDestroy
GetCommandLineA
GetVersion
RaiseException
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr

user32

LoadStringA
MessageBoxA
DispatchMessageA
TranslateMessage
RegisterClassA
LoadIconA
LoadCursorA
CreateDialogParamA
ShowWindow
GetDesktopWindow
GetWindowRect
CreateWindowExA
SetActiveWindow
GetClientRect
PostQuitMessage
UpdateWindow
DefWindowProcA
EndDialog
DestroyWindow
DialogBoxParamA
GetDlgItem
SetWindowPos
PeekMessageA
SetWindowTextA
SendMessageA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

FindExecutableA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03911377602cd344b6ac43e116bb5ceb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 418KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 418KB

.rsrc
Size: 16KB - Virtual size: 16KB