c57e933e6af65d120f429b921ef4fbef

Sharing

Copy URL Twitter E-mail

General

Target

c57e933e6af65d120f429b921ef4fbef
Size

269KB
MD5

c57e933e6af65d120f429b921ef4fbef
SHA1

36da00ec1a8f5d148aafd126fa04a9598ad027f3
SHA256

d48a3b004fd868c48c58e59044a2dd8e4132f9ef680dbfe00d313a1abf0618c0
SHA512

8b7237e13d7d5d314167ac65cac75fd62dd9b5ff9d1e3c86b3bcef14478c39cbf60e43ffaadf71fe751c8190df34c0337bac3bcfc348c42d9f0114834773c8e9
SSDEEP

6144:tYDZEd6tmmKPpVSJHiueJ56jEb1DHePFWP9eX9:tiZy64lxVIk5mEb1DHePFWl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c57e933e6af65d120f429b921ef4fbef

Files

c57e933e6af65d120f429b921ef4fbef
.exe windows:4 windows x86 arch:x86

794b73e532e16c951f56f20ff0566c03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHUpdateRecycleBinIcon
InternalExtractIconListW
SHGetFileInfoW
DragQueryFileA

user32

UnhookWindowsHookEx
GetListBoxInfo
GetOpenClipboardWindow
EnumThreadWindows
GetDoubleClickTime
LoadBitmapW
InsertMenuItemA
GetSysColor
InsertMenuW
SetDeskWallpaper
ToUnicodeEx
DdeDisconnectList
GetKeyState
DdeQueryConvInfo
DestroyIcon
LoadIconA
CharToOemA
MapDialogRect
DlgDirListComboBoxA

comdlg32

PageSetupDlgW
GetFileTitleW

kernel32

GetLocaleInfoW
WriteFile
GetEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
GetEnvironmentStrings
WideCharToMultiByte
GetCommandLineA
MultiByteToWideChar
HeapAlloc
SetEnvironmentVariableA
FindNextChangeNotification
EnumSystemLocalesA
RaiseException
TlsGetValue
GetDriveTypeA
SetLastError
QueryPerformanceCounter
GetAtomNameW
IsValidLocale
GetCurrentProcess
HeapDestroy
CompareStringW
TerminateProcess
EnterCriticalSection
GetSystemTimeAsFileTime
GetLastError
InitializeCriticalSection
GetDateFormatA
GetSystemInfo
GetOEMCP
GetCommandLineW
GetStringTypeW
VirtualQuery
IsValidCodePage
FreeEnvironmentStringsW
GetTickCount
GetModuleHandleA
DeleteCriticalSection
GetLocaleInfoA
GetCurrentProcessId
InterlockedExchange
GetStartupInfoA
GetStdHandle
GetModuleFileNameW
LeaveCriticalSection
HeapReAlloc
VirtualProtect
UnhandledExceptionFilter
GetProcAddress
GetUserDefaultLCID
GetACP
GetStartupInfoW
VirtualAlloc
HeapCreate
LoadLibraryA
TlsAlloc
TlsSetValue
GetCurrentThreadId
RtlUnwind
ExitProcess
GetStringTypeA
HeapSize
GetVersionExA
GlobalUnlock
GetFileType
GetCurrentThread
VirtualFree
SetHandleCount
GetModuleFileNameA
GetCPInfo
HeapFree
GetTimeFormatA
LCMapStringA
IsBadWritePtr
CompareStringA
VirtualLock
TlsFree
GetTimeZoneInformation

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

794b73e532e16c951f56f20ff0566c03

Headers

File Characteristics

Imports

shell32

user32

comdlg32

kernel32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 7KB - Virtual size: 38KB

.data Size: 137KB - Virtual size: 136KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 7KB - Virtual size: 38KB

.data
Size: 137KB - Virtual size: 136KB

.rsrc
Size: 9KB - Virtual size: 9KB