c5e3dad6b4fd1a843a3a6de0e876ceaf

Sharing

Copy URL Twitter E-mail

General

Target

c5e3dad6b4fd1a843a3a6de0e876ceaf
Size

451KB
MD5

c5e3dad6b4fd1a843a3a6de0e876ceaf
SHA1

106518c0a1462c3304f8ebdb26a6cec076bafcb8
SHA256

7e6e2bdf7fea374e7f9887a8b9f6fd3c1892f28680e0c1c41fe0f668cd4b1026
SHA512

7e223bde5244e3cd983a359a6e74ea8358e911dfe0de5f6801691752187ddbdf79a42c01bb501ac35f5b6710cf43b1e5fa179ecbb78c61cb5ce2145a7c005df2
SSDEEP

6144:ZDUP+1jR9dmtYjeHCVRpRzHKWpVR9eM9gZWH4GuDhTorUv4CCx9c:ZAP+1t9dmtYjeHWXzqePD6ZMMvXI9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5e3dad6b4fd1a843a3a6de0e876ceaf

Files

c5e3dad6b4fd1a843a3a6de0e876ceaf
.exe windows:4 windows x86 arch:x86

25f78e0d09de42c1c2b38c6446ba0a5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateRectRgn
GetSystemPaletteUse
PaintRgn
PtInRegion
PolyPolyline
StrokeAndFillPath
GetDCOrgEx
GetCharWidth32W
SetMetaFileBitsEx
GetBitmapDimensionEx
GetGlyphOutline
CreateMetaFileW
SetArcDirection
GetOutlineTextMetricsW
CombineRgn
CreateDIBPatternBrush

kernel32

SetEnvironmentVariableA
TlsAlloc
SetLastError
GetPrivateProfileSectionA
SetConsoleScreenBufferSize
GetPrivateProfileStructA
IsValidLocale
GetModuleHandleW
WriteConsoleOutputW
HeapSize
VirtualFree
HeapFree
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetFileType
GetCPInfo
HeapCreate
LeaveCriticalSection
SetEnvironmentVariableW
InterlockedExchange
GetEnvironmentStringsW
ExpandEnvironmentStringsA
CompareStringW
SuspendThread
EnterCriticalSection
SetUnhandledExceptionFilter
LCMapStringW
GetLastError
GetLocaleInfoW
VirtualUnlock
HeapAlloc
lstrcmpiW
DeleteFileA
VirtualQuery
HeapReAlloc
WriteFile
GetTickCount
FreeLibrary
LoadLibraryA
EnumSystemLocalesA
InterlockedDecrement
GetProcAddress
GetSystemTimeAsFileTime
GetUserDefaultLCID
VirtualAlloc
GetDriveTypeW
GetWindowsDirectoryW
GetStringTypeA
TerminateProcess
FreeEnvironmentStringsW
ExitProcess
GetThreadPriorityBoost
GetCurrentProcessId
GetTimeZoneInformation
Sleep
HeapDestroy
GetCommandLineA
TlsSetValue
FillConsoleOutputCharacterA
GetStdHandle
GetACP
IsDebuggerPresent
GetModuleHandleA
GetOEMCP
FreeEnvironmentStringsA
GetStringTypeW
TlsGetValue
GetEnvironmentStrings
GetTimeFormatA
IsValidCodePage
SetHandleCount
QueryPerformanceCounter
TlsFree
InterlockedIncrement
GetCurrentThreadId
MultiByteToWideChar
SetCurrentDirectoryW
WideCharToMultiByte
GetCurrentThread
EnumTimeFormatsA
GetModuleFileNameA
GetCurrentProcess
CompareStringA
RtlUnwind
GlobalAddAtomA
SetConsoleCtrlHandler
OpenEventW
UnhandledExceptionFilter
GetDateFormatA
LCMapStringA
GetStartupInfoA
GetLocaleInfoA

user32

GetWindowTextA
ChangeDisplaySettingsExW
SendIMEMessageExW
SetWinEventHook
DdeNameService
SetDeskWallpaper
DrawAnimatedRects
GetClassNameA
DrawCaption
DestroyAcceleratorTable
InvalidateRect
SetScrollInfo
GetCaretBlinkTime

wininet

InternetInitializeAutoProxyDll
FreeUrlCacheSpaceW
ReadUrlCacheEntryStream
InternetConfirmZoneCrossingW
InternetOpenW
FindFirstUrlCacheEntryExW
IsHostInProxyBypassList

comdlg32

FindTextA
ChooseFontW

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25f78e0d09de42c1c2b38c6446ba0a5e

Headers

File Characteristics

Imports

gdi32

kernel32

user32

wininet

comdlg32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 9KB - Virtual size: 39KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 9KB - Virtual size: 39KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 7KB - Virtual size: 7KB