c545b9aeba6813b9e2fe868ae0db7e37

General

Target

c545b9aeba6813b9e2fe868ae0db7e37
Size

124KB
MD5

c545b9aeba6813b9e2fe868ae0db7e37
SHA1

2fa9ae36ce194c6929f2e93fc9b872232152c73f
SHA256

cb8ef553721fcd1069ac49bc3847b5a57137d94248592b5ae23aa2b00de23b71
SHA512

9c9cb1311ab381268c0eac9995d7a397ecdbe68e07d1ba68b2f83b0a30dd686ec3a8548363a338f22ca11c0454f986df2fc9757f566c7765f0d68fcb11c1635d
SSDEEP

3072:vP4zsintl/GKYxjm+LUyfnejRxeUJopUu4j0:vPOFtluPNX9NUJz/0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c545b9aeba6813b9e2fe868ae0db7e37

Files

c545b9aeba6813b9e2fe868ae0db7e37
.exe windows:4 windows x86 arch:x86

0608d3f14922393fe3e5b8407465229f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetConsoleMode
OpenFileMappingA
ReadConsoleA
Sleep
GetStdHandle
GetCommandLineA
WriteFile
FindFirstFileA
CopyFileExW
SetLastError
CopyFileA
GetLastError
DeleteFileW
DeleteAtom
OpenFile

advapi32

RegReplaceKeyW
RegQueryValueExA
RegLoadKeyW
RegOpenKeyExA
RegEnumKeyExW
RegCreateKeyW
RegDeleteKeyW
RegLoadKeyA
RegQueryValueA
RegEnumKeyA
RegOpenKeyW
RegGetKeySecurity
RegEnumKeyW
RegDeleteValueA
RegFlushKey
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueW
RegQueryValueExW

comctl32

ImageList_GetDragImage
InitCommonControls
ImageList_Destroy
ImageList_AddIcon
ImageList_Replace
ImageList_LoadImageA
ImageList_Read
ImageList_EndDrag
ImageList_GetImageCount
ImageList_Draw
ImageList_GetIcon
ImageList_GetImageRect
ImageList_AddMasked
ImageList_Create
ImageList_Remove
ImageList_GetImageInfo
ImageList_Copy
ImageList_BeginDrag
ImageList_Merge
ImageList_LoadImageW

user32

AlignRects
BlockInput
CopyIcon
CopyRect
DialogBoxParamW
LoadMenuA
GetFocus
CopyImage
DrawTextW
DrawIconEx
AppendMenuA
CloseWindow
InsertMenuA
AppendMenuW
IsMenu
GetMenu

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0608d3f14922393fe3e5b8407465229f

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 104KB - Virtual size: 174KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 104KB - Virtual size: 174KB

.rsrc
Size: 4KB - Virtual size: 1KB