c5ab2324164a1ba109ca99b6b0b8bfdf

Sharing

Copy URL Twitter E-mail

General

Target

c5ab2324164a1ba109ca99b6b0b8bfdf
Size

520KB
MD5

c5ab2324164a1ba109ca99b6b0b8bfdf
SHA1

8c7a156c46575b2e67485deb34d0e82ec68c213f
SHA256

4dbceb875caf15136f7a40e5da291f811e17f99c2e069dbb4a8ab82862504c3d
SHA512

806a9868d84224f2286a281d04662bfbc242eb7ae3a431a361c8473900dc9b8efe3938fcaad2daf304493056ed4ce3a699af9f5e3c39fc7c80557d27f94b84f5
SSDEEP

6144:9hBQsB1p+B+aIxrbiPUnfC4Z7g2S8Dkpg0Q9U7d5LjaQZJhvMA+NgAwfw60K0:qs0Bv0rWPAfC4Z7q88d5Lj1WWt41

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5ab2324164a1ba109ca99b6b0b8bfdf

Files

c5ab2324164a1ba109ca99b6b0b8bfdf
.exe windows:4 windows x86 arch:x86

f758dc323262237273a28b1b6f25294b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClientToScreen
MapVirtualKeyExA
EnumPropsW
GetDlgItem
RegisterClassExA
CopyAcceleratorTableW
DrawFrameControl
RegisterClassA
RegisterClassExW
MessageBoxIndirectA

kernel32

TlsFree
GetTickCount
TlsGetValue
GetStringTypeA
LCMapStringW
GetTimeFormatA
WriteFile
LoadLibraryA
FreeEnvironmentStringsA
GetCommandLineA
EnterCriticalSection
GetSystemInfo
GetStdHandle
VirtualAlloc
ReadFile
GetCommandLineW
CloseHandle
IsBadWritePtr
GetLastError
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetModuleFileNameA
HeapReAlloc
GetProcAddress
SetHandleCount
SetLastError
HeapAlloc
HeapFree
MultiByteToWideChar
GetCurrentThreadId
RtlUnwind
LCMapStringA
GetStringTypeW
InterlockedExchange
HeapSize
GetCurrentThread
InterlockedDecrement
GetSystemTimeAsFileTime
GetACP
GetVersionExA
OpenMutexW
GetOEMCP
CompareStringA
GetDateFormatA
GetFileType
CreateMutexA
OpenMutexA
UnhandledExceptionFilter
GetTimeZoneInformation
CompareStringW
ExitProcess
GetCurrentProcessId
GetSystemDefaultLCID
GetStartupInfoW
GetModuleHandleA
GetCurrentProcess
SetFilePointer
GetEnvironmentStringsW
GetCPInfo
TlsAlloc
GetEnvironmentStrings
InitializeCriticalSection
VirtualProtect
TerminateProcess
GetUserDefaultLCID
QueryPerformanceCounter
GetModuleFileNameW
TlsSetValue
IsValidCodePage
VirtualQuery
GetStartupInfoA
SetStdHandle
FlushFileBuffers
DeleteCriticalSection
GetLocaleInfoA
MapViewOfFile
GetLocaleInfoW
EnumSystemLocalesA
LeaveCriticalSection
WideCharToMultiByte
VirtualFree
HeapDestroy
SetCriticalSectionSpinCount
HeapCreate
IsValidLocale

wininet

FtpFindFirstFileA
HttpAddRequestHeadersW
HttpEndRequestA
InternetTimeFromSystemTimeA
SetUrlCacheGroupAttributeA
HttpSendRequestExW

comctl32

InitCommonControlsEx

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f758dc323262237273a28b1b6f25294b

Headers

File Characteristics

Imports

user32

kernel32

wininet

comctl32

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 8KB - Virtual size: 13KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 8KB - Virtual size: 13KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 13KB - Virtual size: 13KB