c5711b26208aaad34d8cac29247e3c16

Sharing

Copy URL Twitter E-mail

General

Target

c5711b26208aaad34d8cac29247e3c16
Size

519KB
MD5

c5711b26208aaad34d8cac29247e3c16
SHA1

c8b85320ab70ad30a7d4cffed1c6e92f185ceb61
SHA256

09f95cd8572dd5e5b69399cf05edd270d23a3e9134e927547e6001a9b8b5c7c0
SHA512

18aaa54b41f2b840166215b25aada2d12037d70bf59930061fca6ca2d163fa218601fe87aba81ba8678e1b13d052005957795c20b43274d8299a5fdb7197e27e
SSDEEP

12288:+q/WLw7/DMeGPV88zAs6mGw7EQzOu1do7vXVAjx6Y347dg:+q/WLw7/DMV86n69wwvu1deXVV77

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5711b26208aaad34d8cac29247e3c16

Files

c5711b26208aaad34d8cac29247e3c16
.exe windows:4 windows x86 arch:x86

25473cf971bc26b1236283eb4c724327

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetListBoxInfo
GetKeyboardLayoutNameW
DdeFreeStringHandle
DefFrameProcA
GetActiveWindow
DestroyMenu
GetWindowRgn
GetMenuItemID
MessageBoxExA
CopyIcon
GetClipboardSequenceNumber
CountClipboardFormats
RegisterClassExA
RegisterClassA
AdjustWindowRect
TrackPopupMenuEx
GetWindowTextW
ArrangeIconicWindows
CopyAcceleratorTableW

kernel32

VirtualFree
LCMapStringW
SetThreadContext
GetPrivateProfileStringA
InitializeCriticalSection
UnhandledExceptionFilter
ReadFile
LeaveCriticalSection
GetCommandLineA
GetCurrentThread
EnterCriticalSection
FreeEnvironmentStringsA
GetCurrentProcessId
GetVersionExA
CompareStringA
GetUserDefaultLCID
GetEnvironmentStringsW
FlushFileBuffers
SetLastError
GetModuleHandleA
GetLocaleInfoA
GetTimeZoneInformation
GetTickCount
HeapReAlloc
HeapFree
VirtualQuery
SetHandleCount
GetStdHandle
GetEnvironmentStrings
GetStringTypeA
GetSystemInfo
AddAtomW
CreateMutexA
EnumSystemLocalesA
SetStdHandle
GetModuleFileNameA
CloseHandle
OpenMutexA
WriteFile
SetEndOfFile
lstrcpynA
GetStringTypeW
DeleteCriticalSection
ExitProcess
LoadLibraryA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTimeFormatA
SetConsoleTitleA
GetCurrentThreadId
GetDateFormatA
SetEnvironmentVariableA
GetOEMCP
HeapDestroy
GetCurrentProcess
GetCPInfo
EnumTimeFormatsW
VirtualAlloc
TlsFree
TlsGetValue
GetLastError
CompareStringW
IsValidLocale
lstrcmpi
GetACP
GetStringTypeExW
HeapSize
GetFileType
VirtualProtect
InterlockedExchange
LCMapStringA
RtlUnwind
IsValidCodePage
GetLocaleInfoW
TlsAlloc
SetFilePointer
GetNamedPipeHandleStateW
HeapAlloc
HeapCreate
GetStartupInfoA
MultiByteToWideChar
IsBadWritePtr
TlsSetValue
SetLocaleInfoA
WideCharToMultiByte
CreateFileA
TerminateProcess
GetProcAddress
FreeEnvironmentStringsW

comdlg32

PrintDlgW
ChooseFontA
GetFileTitleW
FindTextW

gdi32

SaveDC
SetTextJustification
GetKerningPairs
SetStretchBltMode
LPtoDP
CopyEnhMetaFileA
SetMetaRgn
ColorMatchToTarget
StretchDIBits
SetDeviceGammaRamp
GetDIBColorTable
EnumObjects

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderPathW
SHGetFileInfoW
ExtractAssociatedIconW

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25473cf971bc26b1236283eb4c724327

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

gdi32

comctl32

shell32

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 8KB - Virtual size: 19KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 8KB - Virtual size: 19KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 8KB - Virtual size: 7KB