c5d41a4e972dbbc2992d189a511609c9

Sharing

Copy URL

Twitter E-mail

General

Target

c5d41a4e972dbbc2992d189a511609c9
Size

411KB
MD5

c5d41a4e972dbbc2992d189a511609c9
SHA1

8c515bcb7b4258e37c8c6ae20b97109b0ef1ca10
SHA256

8c802164fbf7a61bab5ca52f635288f95132e776c47e8c6c6b42d96c64599a00
SHA512

d9c21c07ebe5f924faf6ed6a17f506bca482cbed83749816091023f24568101ca6fece316dd0640e7ef40873037b9c9308ff482fe7d29aa7753ab7a1a931f598
SSDEEP

12288:rTrNMlnTDIr1GOV0sn5orvu8/kzEKPSGBY1IHARD5:7NYsrPV10vXyzSGB7g7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5d41a4e972dbbc2992d189a511609c9

Files

c5d41a4e972dbbc2992d189a511609c9
.exe windows:4 windows x86 arch:x86

a26625d1936282642a88d9ba728d6404

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExW

comdlg32

PageSetupDlgW
FindTextA

gdi32

GetGlyphOutline
SetMagicColors
TranslateCharsetInfo
ExtTextOutW
GetOutlineTextMetricsA
SetPaletteEntries
AnimatePalette
LineDDA
RoundRect
SetAbortProc
FrameRgn
GetCharWidth32A
CreateMetaFileA
OffsetViewportOrgEx
EnableEUDC
GetWorldTransform
CreateHatchBrush
GetTextExtentExPointA

advapi32

CryptSetHashParam
ReportEventA
RegSetValueA
CryptHashSessionKey
ReportEventW
RegSetValueExA
CryptSetProviderW
RegQueryMultipleValuesW
RevertToSelf
LookupAccountSidA
RegDeleteKeyW

user32

ShowCursor
GetSystemMetrics
GetMenuState
SetClassWord
GetMenuDefaultItem
GetWindowThreadProcessId
EndPaint
HideCaret
DdeAccessData
ReleaseDC
WinHelpA
CharUpperA
SwitchToThisWindow
MapDialogRect
GetCursor
GetClassNameW
ShowCaret
GetClassLongW

kernel32

GetEnvironmentVariableA
GetTimeZoneInformation
TlsGetValue
SetEnvironmentVariableA
HeapFree
ExitProcess
CompareStringW
GetStringTypeW
GetStartupInfoW
SetSystemTime
GetCurrentProcessId
TlsAlloc
SetLastError
GetCommandLineA
VirtualProtect
GetCurrentThreadId
GetUserDefaultLCID
VirtualFree
GetLastError
GetFileType
VirtualQuery
GetEnvironmentStrings
IsValidCodePage
InterlockedExchange
GetTimeFormatA
FreeEnvironmentStringsW
IsValidLocale
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
LeaveCriticalSection
IsBadWritePtr
GetStringTypeA
GetOEMCP
GetTickCount
LCMapStringA
GetCurrentThread
GetEnvironmentStringsW
TlsSetValue
GetSystemInfo
HeapReAlloc
GetModuleHandleA
SetHandleCount
FreeEnvironmentStringsA
GetProcAddress
VirtualFreeEx
DeleteCriticalSection
CompareStringA
GetModuleFileNameW
EnterCriticalSection
HeapDestroy
WideCharToMultiByte
GetCPInfo
GetCommandLineW
GetStartupInfoA
HeapAlloc
GetACP
MultiByteToWideChar
RtlUnwind
GlobalAddAtomA
GlobalCompact
GetFullPathNameA
GetVersionExA
GetLocaleInfoA
LCMapStringW
GetStdHandle
WriteFile
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcess
HeapCreate
TlsFree
GetLocaleInfoW
EnumSystemLocalesA
VirtualAlloc
InitializeCriticalSection
LoadLibraryA
GetDateFormatA
QueryPerformanceCounter

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a26625d1936282642a88d9ba728d6404

Headers

File Characteristics

Imports

shell32

comdlg32

gdi32

advapi32

user32

kernel32

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 8KB - Virtual size: 32KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 8KB - Virtual size: 32KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 12KB - Virtual size: 11KB