c5e52aa2fb9307f1faa3e15ce98c45e8

Sharing

Copy URL Twitter E-mail

General

Target

c5e52aa2fb9307f1faa3e15ce98c45e8
Size

501KB
MD5

c5e52aa2fb9307f1faa3e15ce98c45e8
SHA1

a0f7c76975fc563d527796fedb06c3964ef51d30
SHA256

0bb8b7eb2e910928d9805f4476b1861223e2a2e664e50a2dcdbfd13ddaf81b3a
SHA512

61e8d4d07a1a5bfc658405e8115c7affb38425a9f3a3b39ff85e185a3c7cabd9cd8a1ad0929653edc6479e73b9d30cfa933e154713d9f333acc492d4a2fd4730
SSDEEP

6144:+/Op4fAKl5MjgzMO6+L64CrXGL+TBAP0d+OwEN9x6IDmmz44OhKWcprQ9UmG2CtB:+mpVKEgy+e4WA+T4w+/EN9gIxMmptlV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5e52aa2fb9307f1faa3e15ce98c45e8

Files

c5e52aa2fb9307f1faa3e15ce98c45e8
.exe windows:4 windows x86 arch:x86

6bc2a13aa0accbc92b5299e120e16c02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
QueryPerformanceCounter
IsValidCodePage
GetProfileSectionA
LCMapStringW
GetCurrentProcessId
GetStringTypeA
FreeEnvironmentStringsW
HeapFree
SetHandleCount
VirtualFree
WideCharToMultiByte
GetCPInfo
GetTempFileNameW
EnumCalendarInfoExA
GetStdHandle
GetStartupInfoW
GetSystemTimeAsFileTime
ExitProcess
GetEnvironmentStrings
GetSystemTime
WriteConsoleOutputA
ReadFile
GetSystemDefaultLCID
CompareStringW
WriteFile
lstrlenW
SetEnvironmentVariableA
LeaveCriticalSection
HeapCreate
MultiByteToWideChar
FindFirstFileExW
EnterCriticalSection
GetCommandLineA
GetStringTypeW
GetModuleFileNameW
GetLocalTime
InterlockedIncrement
SetFilePointer
LoadLibraryA
CompareStringA
TlsGetValue
GetCommandLineW
InterlockedDecrement
GetProcAddress
GetEnvironmentStringsW
HeapReAlloc
DeleteCriticalSection
SetLastError
OpenMutexA
LCMapStringA
HeapDestroy
CreateMutexA
CreateFileMappingA
GetLastError
FlushFileBuffers
GetTickCount
SetStdHandle
GetCurrentProcess
HeapAlloc
SetFileAttributesA
GetCalendarInfoA
RtlUnwind
TlsAlloc
GetTimeZoneInformation
UnlockFileEx
GetCurrentThreadId
InterlockedExchange
IsBadWritePtr
CloseHandle
VirtualQuery
GetExitCodeThread
EnumSystemCodePagesA
TlsSetValue
GetStartupInfoA
TerminateProcess
FreeEnvironmentStringsA
GetComputerNameA
UnhandledExceptionFilter
FreeResource
VirtualAlloc
GetModuleHandleA
GetFileType
GetVersion
GetCurrentThread
TlsFree
GetModuleFileNameA

shell32

ExtractIconExA
SHGetSpecialFolderPathW
SHAddToRecentDocs

user32

EnumWindows
DdeQueryNextServer
GetSubMenu
wsprintfA
RegisterClassA
VkKeyScanExW
SetWindowLongA
TranslateAccelerator
EnumPropsW
GetWindowRect
CharNextA
RegisterClassExA
GetThreadDesktop
DlgDirListA
GetClassInfoA
LoadAcceleratorsW
LoadImageW
LoadImageA
DdeInitializeW
GetWindow
GetFocus
CreateDialogParamW
RegisterDeviceNotificationW
EnumDisplayDevicesW
CreateDesktopW

gdi32

GetGlyphOutlineW
GetTextExtentPointA
SetWindowOrgEx
SetStretchBltMode
GetViewportOrgEx
SetTextAlign
GetCurrentPositionEx
MaskBlt
RestoreDC
SetBkMode
SetAbortProc
CreateEnhMetaFileA
CreateColorSpaceW
GetWindowExtEx
SetBitmapBits
GetObjectA
PolylineTo
SetBkColor
ScaleWindowExtEx
EnumFontFamiliesA
Rectangle
CancelDC
PolyTextOutA

comdlg32

ChooseColorA
GetOpenFileNameA
PageSetupDlgW

comctl32

InitCommonControlsEx

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bc2a13aa0accbc92b5299e120e16c02

Headers

File Characteristics

Imports

kernel32

shell32

user32

gdi32

comdlg32

comctl32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 5KB - Virtual size: 24KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 5KB - Virtual size: 24KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 8KB - Virtual size: 7KB