d5b6a309b12a2f0a185207da2adadd3d

Sharing

Copy URL

Twitter E-mail

General

Target

d5b6a309b12a2f0a185207da2adadd3d
Size

471KB
MD5

d5b6a309b12a2f0a185207da2adadd3d
SHA1

a3e52897f14cacbc0da9f7053a4ac302a165cb14
SHA256

12b58d53ddc77d81ea3de8f7761ba36e552e57f5c3c95853799f3e8d4e72876f
SHA512

e617090d3a42eae06760e3af60368cd8fc6903246db671a1c208e6fba63539b1c7a6a730b403bf03205cfed59959abf7c3d3423a52b66c5593835d2a2179f126
SSDEEP

6144:Ww0uS4HrtXRGPRX2YIe4GQYMb9bn6DtcvW4LHJ2SkArBylSD:jA4ZX4Jae4GRMRmpRKp2S5Bp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5b6a309b12a2f0a185207da2adadd3d

Files

d5b6a309b12a2f0a185207da2adadd3d
.exe windows:4 windows x86 arch:x86

084ca747e75cbefe4eee4321e2dea72f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
CompareStringW
lstrcmpW
GetLastError
CloseHandle
ReleaseMutex
WaitForSingleObject
OpenMutexW
lstrcmpiW
ExpandEnvironmentStringsW
MulDiv
UnregisterWaitEx
RegisterWaitForSingleObject
CreateEventW
VirtualFree
VirtualAlloc
GetCurrentProcess
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
GetModuleHandleW
GetProcessHeap
HeapAlloc
LocalAlloc
CreateActCtxW
ReleaseActCtx
ActivateActCtx
CreateFileW
CreateMailslotA
ExitThread
IsBadReadPtr
lstrlenW
VirtualLock
IsBadCodePtr

user32

CheckDlgButton
SetDlgItemTextW
GetDlgItem
GetDoubleClickTime
GetMonitorInfoW
MonitorFromRect
SetActiveWindow
GetSysColor
GetDlgCtrlID
BeginPaint
EndPaint
GetDC
FillRect
SetRect
DrawIconEx
DrawTextW
MoveWindow
SetFocus
SystemParametersInfoW
MapWindowPoints
GetFocus
NotifyWinEvent
PtInRect
SetWindowTextW
GetWindow
GetDlgItemInt
SetDlgItemInt
GetWindowTextLengthW
SetTimer
SetCapture
ClientToScreen
KillTimer
RemovePropW
AnyPopup
FindWindowA
GetWindowRect
SetWindowPos
LoadImageW
SetClassLongW
SetCursor
SetPropW
UnregisterClassW
GetPropW
CallWindowProcW
GetClassInfoExW
GetActiveWindow
DestroyWindow
GetWindowLongW
SetWindowLongW
CreateIconIndirect
CreateWindowExW
UpdateWindow
GetSystemMetrics

shell32

SHBindToParent
SHGetFileInfoW
SHParseDisplayName
CommandLineToArgvW
ShellExecuteExW

ole32

CoInitialize
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoUninitialize

msvcrt

wcsrchr
free
memset
memmove
wcsspn
towupper
malloc
qsort
time
wcstoul
wcschr
wcsstr
rand

shlwapi

SHStrDupW
PathFindFileNameW
StrRetToBufW
AssocQueryStringW
PathFindExtensionW

rpcrt4

RpcBindingFree
RpcBindingFromStringBindingW
RpcBindingSetAuthInfoW

msimg32

GradientFill

uxtheme

GetThemeFont
GetThemeColor
OpenThemeData
GetThemeBackgroundContentRect
SetWindowTheme
IsThemeActive

Sections

.text
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

084ca747e75cbefe4eee4321e2dea72f

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

msvcrt

shlwapi

rpcrt4

msimg32

uxtheme

Sections

.text Size: 324KB - Virtual size: 321KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 80KB - Virtual size: 90KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 324KB - Virtual size: 321KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 80KB - Virtual size: 90KB

.rsrc
Size: 36KB - Virtual size: 34KB