ca3152cb6464c7f6d8dd6410a9b5cf54

Sharing

Copy URL Twitter E-mail

General

Target

ca3152cb6464c7f6d8dd6410a9b5cf54
Size

151KB
MD5

ca3152cb6464c7f6d8dd6410a9b5cf54
SHA1

62384172431d5367eda474380513f16f74db65ae
SHA256

96e8d3f4eb39890ac4f014dee9fdfdef4faa8ad3d9916e8279e56aff3f0f7600
SHA512

426dfd0154a8dc215c8b9b118de8a8c54726b127337d04909df21078474e590d94da0b94709187bb785141f99d2a6bff0668c5a417a5c3b8b2751ee5a0e7b98f
SSDEEP

3072:uzpuNGJ/soy5Ff0UzzNYTlDqlTy+KnOO1lFqA:IpuNeSFfBY5exy+SN1lF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca3152cb6464c7f6d8dd6410a9b5cf54

Files

ca3152cb6464c7f6d8dd6410a9b5cf54
.exe windows:5 windows x86 arch:x86

ddf1aacd58f94d9a18381ea2c4ae4f13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFileEx
CompareStringA
CreateDirectoryA
GetWindowsDirectoryA
GetThreadPriority
VirtualQuery
LeaveCriticalSection
GetCurrentProcessId
ReadFile
FindClose
SizeofResource
GetModuleHandleA
GetExitCodeProcess
CloseHandle
TerminateProcess
FileTimeToSystemTime
GlobalLock
WaitForMultipleObjects
GetCurrentProcess
lstrlenW
GlobalFree
LockResource
CreateFileMappingA
LoadLibraryW
DeleteFileA
QueryPerformanceFrequency
LocalAlloc
UnmapViewOfFile
GetCommandLineW
ResumeThread

gdi32

SetDIBColorTable
GetCurrentPositionEx
SetBkMode
UnrealizeObject
CreateEnhMetaFileA
GetClipBox
GetEnhMetaFileHeader
GetSystemPaletteEntries
PatBlt
ExtTextOutA
GetCharABCWidthsA
GetObjectA
GetTextAlign
SetViewportOrgEx
RealizePalette
GetNearestColor
CreatePalette
LineTo
TextOutA
DeleteDC
FillRgn
ExtTextOutW
MaskBlt
SetAbortProc
RestoreDC

user32

CharNextA
SetActiveWindow
LoadStringW
DispatchMessageW
DefWindowProcA
SetWindowsHookExW
CheckMenuItem
SetCursor
WinHelpA
GetSysColor
EnableMenuItem
DrawCaption
GetSystemMenu
GetDoubleClickTime
MoveWindow
GetClassNameA
OpenClipboard
SetMenu
GetMenu
EndPaint
DestroyCursor
ReleaseCapture
EndDeferWindowPos
ValidateRect
GetUpdateRect
ClientToScreen
SetCaretPos
DrawFrameControl
DefFrameProcA
SetDlgItemTextA
ShowWindow
IsRectEmpty
GetMenuItemInfoA
ClipCursor
DefMDIChildProcA
CharUpperW
GetKeyNameTextW
EnableWindow

ole32

DoDragDrop
CoUninitialize
ReleaseStgMedium
OleSetMenuDescriptor
CreateStreamOnHGlobal

msaftvpt

_Toupper
_LSinh
_Sinh
_Dtest
_LInf
_Stod
_Snan
_FInf

comctl32

ImageList_GetIcon
ImageList_GetBkColor
ImageList_Remove
ImageList_Add
ImageList_SetBkColor

imm32

ImmGetContext
ImmReleaseContext

wininet

InternetSetOptionA
InternetCrackUrlA
InternetQueryOptionA

winmm

timeBeginPeriod
timeEndPeriod

oleaut32

SetErrorInfo
SafeArrayCreateVector
VariantCopyInd
SafeArrayDestroy
SafeArrayUnaccessData
SysReAllocStringLen

shell32

SHGetMalloc
SHGetDesktopFolder

version

GetFileVersionInfoSizeA

Sections

.text
Size: 144KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddf1aacd58f94d9a18381ea2c4ae4f13

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

ole32

msaftvpt

comctl32

imm32

wininet

winmm

oleaut32

shell32

version

Sections

.text Size: 144KB - Virtual size: 148KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 148KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB