c5ff0f9185afab731cf0441f3eca1b0a

Sharing

Copy URL Twitter E-mail

General

Target

c5ff0f9185afab731cf0441f3eca1b0a
Size

131KB
MD5

c5ff0f9185afab731cf0441f3eca1b0a
SHA1

503070fa1fc583fe8b80a8a6f9197b8d19e74991
SHA256

e3d634944bf3afbcc2eca253c43e89366d5b74dd7fecdd1ba205a8d4b7eaf08d
SHA512

da3d4d3cf054b9382bcb023d8456ae741356f2e8b495b7cb1b72b8cffedd11abbad0b6ee9091f8eaed1f3fb60f5b19b09f8d6410e3a6032ceef1b2eee7c6990c
SSDEEP

3072:ZhVWuV0hLkGsmDdsOkmMfK4nEPL6gF4r+XbgqRJ:jVVeUhrhEPLXF4KXbgqRJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5ff0f9185afab731cf0441f3eca1b0a

Files

c5ff0f9185afab731cf0441f3eca1b0a
.exe windows:5 windows x86 arch:x86

a9e32dd72aa801d03d826dbfac3efb65

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\Tsjbco\QgnB\gmfqFvo.pdb

Imports

kernel32

SetSystemTimeAdjustment
RegisterWaitForSingleObject
GetUserDefaultUILanguage
GetStartupInfoA
CreateWaitableTimerA
WaitForSingleObject
GetSystemDirectoryW
lstrlenW
CancelIo
HeapWalk
InitializeCriticalSection
IsBadStringPtrW
GetTempPathW

user32

wsprintfW
CharUpperW
SetCursorPos
DialogBoxParamW
SetDlgItemTextA
GetMonitorInfoW
GetWindowTextLengthW
InflateRect
GetMenuItemRect
SetWindowTextA
RedrawWindow
SetActiveWindow

comdlg32

ReplaceTextW
ChooseFontW

gdi32

ScaleWindowExtEx
AddFontResourceW
StartDocW
PolyBezier
LineDDA
TextOutW
IntersectClipRect

shlwapi

StrCatBuffW
StrCmpW

Exports

Exports

?ivZWiyrshzxt@@YGDIG@Z
?lumduhCNdq@@YGEIK@Z
?uhviOawmrkIybjWzR@@YGPAFMPAI@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 675B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9e32dd72aa801d03d826dbfac3efb65

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comdlg32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.idata Size: 1024B - Virtual size: 1020B

.data Size: 5KB - Virtual size: 265KB

.edata Size: 1024B - Virtual size: 675B

.pdata Size: 9KB - Virtual size: 9KB

.xdata Size: 89KB - Virtual size: 89KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.idata
Size: 1024B - Virtual size: 1020B

.data
Size: 5KB - Virtual size: 265KB

.edata
Size: 1024B - Virtual size: 675B

.pdata
Size: 9KB - Virtual size: 9KB

.xdata
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB