c57da95e0360eb2964902d53359ce48e

Sharing

Copy URL Twitter E-mail

General

Target

c57da95e0360eb2964902d53359ce48e
Size

175KB
MD5

c57da95e0360eb2964902d53359ce48e
SHA1

e06c8a02df3aa2f0e1fbc150c1c966fc6c7237a8
SHA256

cff9d285719a2e03a2486b241d2bb7e52d587cf820e6583291892beb0202ff25
SHA512

1836b283ea6f1f5e72a13b07935844aef84e86ba23854a250b9448afcf34fe2a20c0526062873290062edf2ce2384d9765e6677e113552c7f9f31ea1ee2984ac
SSDEEP

3072:LvKSIDFKq51MpUR6vwPH2c3C9X74hnHZj1r60kv:DKlHp6vdZ725pg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c57da95e0360eb2964902d53359ce48e

Files

c57da95e0360eb2964902d53359ce48e
.exe windows:4 windows x86 arch:x86

579ebf19ae5be5446a8901715bad74c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegQueryValueExA
RegEnumKeyA
RegLoadKeyA

gdi32

SelectPalette
SetPixel
RestoreDC
CreateBitmap
CreateCompatibleDC
SetTextColor
SelectObject
CreateFontIndirectA
GetDCOrgEx
GetDIBColorTable

shlwapi

SHGetValueA
SHDeleteValueA
SHStrDupA

user32

FindWindowA
InsertMenuA
GetMenuItemCount
GetCapture
GetSysColor
WindowFromPoint
GetTopWindow
GetScrollInfo
CreatePopupMenu
DrawAnimatedRects
GetMenuItemInfoA
SetClassLongA
UpdateWindow
GetCursor
TranslateMDISysAccel
SetWindowPlacement
LoadStringA
FrameRect
InflateRect
ReleaseDC
DefMDIChildProcA
GetSubMenu
UnhookWindowsHookEx
OemToCharA
GetDesktopWindow
MsgWaitForMultipleObjects
EnumChildWindows
GetFocus
WaitMessage
DefWindowProcA
TrackPopupMenu
IsWindowUnicode
SetScrollInfo
IsWindowVisible
DispatchMessageW

ole32

CLSIDFromProgID
CoCreateGuid
CoGetObjectContext
StgCreateDocfileOnILockBytes
CoGetMalloc

version

GetFileVersionInfoA
VerQueryValueA
VerInstallFileA

kernel32

SetEndOfFile
GetOEMCP
GlobalAddAtomA
FindFirstFileA
GetProcAddress
GetModuleHandleA
GetLocaleInfoA
GetModuleFileNameA
VirtualAlloc
GetThreadLocale
lstrcmpiA
GetVersionExA
ExitProcess
VirtualAllocEx
GlobalAlloc
GetCurrentThread
GetLastError

shell32

SHFileOperationA
DragQueryFileA

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

579ebf19ae5be5446a8901715bad74c7

Headers

File Characteristics

Imports

advapi32

gdi32

shlwapi

user32

ole32

version

kernel32

shell32

Sections

CODE Size: 29KB - Virtual size: 29KB

.data Size: 140KB - Virtual size: 207KB

DATA Size: 4KB - Virtual size: 4KB

CODE
Size: 29KB - Virtual size: 29KB

.data
Size: 140KB - Virtual size: 207KB

DATA
Size: 4KB - Virtual size: 4KB