c5a1826434a940471e78fecebe2de667

Sharing

Copy URL

Twitter E-mail

General

Target

c5a1826434a940471e78fecebe2de667
Size

151KB
MD5

c5a1826434a940471e78fecebe2de667
SHA1

bdf79b9c0236bcb13ca5ff05d06847c37847eb08
SHA256

06c522f5b39d79bf09eca0f0ab6cb29d6267f34efa3b882da4cc9b0ed9341c77
SHA512

80f49af1c70f81ad05ded335ff097397e8b19e2f7aa0b16d0d4e70b06cb9656dcadf0a63b297332f3d790164fbab1f930bb11c54eddac4237d33e58f01077a66
SSDEEP

3072:vGAbANuuuRHE3diQowFWM2RtN9UiUHO5FJMDRDmF8XJZNgkKvzos:vGkAIVRHE3TolM2BqiUu3MZNlso

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5a1826434a940471e78fecebe2de667

Files

c5a1826434a940471e78fecebe2de667
.exe windows:5 windows x86 arch:x86

255a17cc658251ed7001ac716a28555b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CreateFileMappingW
FileTimeToDosDateTime
GlobalAlloc
GlobalLock
CloseHandle
GetCurrentThreadId
lstrlenW
LoadLibraryA
GetComputerNameA
RemoveDirectoryA
CopyFileA
HeapAlloc
FileTimeToLocalFileTime
TerminateProcess
GlobalAlloc
GetVersion
CreateThread
VirtualQuery
LocalAlloc
GetTempPathA
VirtualQueryEx
WaitForMultipleObjects
GetModuleHandleA
FreeLibrary
GetLocalTime
DeleteFileA
GlobalHandle
UnmapViewOfFile
GetTickCount
GetExitCodeThread
CreateDirectoryA
QueryPerformanceFrequency
CreateMutexA
MapViewOfFile
GetTempPathA
lstrcpynA
GetSystemTime

gdi32

RectVisible
CreateHalftonePalette
CreateEnhMetaFileA
Pie
RealizePalette
StartPage
GetClipBox
CreateRectRgnIndirect
LineTo
GetWindowOrgEx
CreatePen
CreateCompatibleBitmap
BitBlt
GetCurrentPositionEx
GetDIBColorTable

user32

DeleteMenu
FindWindowA
GetWindow
GetDoubleClickTime
GetWindowTextA
GetIconInfo
GetSubMenu
FrameRect
IsRectEmpty
GetDC
CharLowerA
ShowCursor
KillTimer
EmptyClipboard
GetSystemMetrics
SetWindowTextW
SetScrollRange
IsClipboardFormatAvailable
DrawTextA
GetMenuStringW
IsIconic
DrawIcon
SetActiveWindow
SubtractRect
ClientToScreen
SetClipboardData
EqualRect
GetWindowTextW
TranslateMDISysAccel
GetCursorPos
BringWindowToTop
CharUpperA
GetSystemMenu
ScrollDC
IsChild
DefMDIChildProcA
GetTopWindow
PtInRect
CharLowerBuffA
GetMenuStringA
DefWindowProcW
IntersectRect

dfrgfilt

_FRteps
_LSinh
_Dnorm
_LCosh
_LNan
_Eps
_FInf

shell32

DragQueryPoint

version

GetFileVersionInfoA

wininet

InternetOpenA
InternetQueryOptionA

ole32

CoCreateInstance
CoTaskMemAlloc
ProgIDFromCLSID
OleUninitialize

comctl32

ImageList_Destroy
ImageList_Replace

winmm

PlaySoundA

Sections

.text
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

255a17cc658251ed7001ac716a28555b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

dfrgfilt

shell32

version

wininet

ole32

comctl32

winmm

Sections

.text Size: 142KB - Virtual size: 144KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 142KB - Virtual size: 144KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB