d5c18f2678c94ef01100fb3bcd69679b

Sharing

Copy URL Twitter E-mail

General

Target

d5c18f2678c94ef01100fb3bcd69679b
Size

158KB
MD5

d5c18f2678c94ef01100fb3bcd69679b
SHA1

2e0d98d560b8fb5bc2f14dd13ffbca9dbe744867
SHA256

bddb649a5b40d6347c70ba61ce2bcd40b06b81cfbcf8b324b605f715c0d34d41
SHA512

3f4f9f849774951f57244aaa57fce208055f70aadf455f3f8ef84264a9ecf5e69258ebb292a5248004c66d7b2e00f563e749eb686cd9fb8a85e8c1d1935dd146
SSDEEP

3072:E3nI/6mkYRDBEUl/c5tAJwyYq1/GzUjOKgfL/J0oPUe+KU+ggrTu4ETY2fm:E3nI/jDBE0c5tqju0O9d0oJ+KU+ggrKC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5c18f2678c94ef01100fb3bcd69679b

Files

d5c18f2678c94ef01100fb3bcd69679b
.exe windows:4 windows x86 arch:x86

39acafbdcd5aef4acffc226bb221c9b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
LoadResource
LoadLibraryExW
GetStartupInfoA
GetConsoleOutputCP
WaitForSingleObject
IsDebuggerPresent
InterlockedIncrement
LocalFree
TerminateProcess
SetConsoleCP
ExpandEnvironmentStringsW
GetSystemDefaultLangID
InterlockedDecrement
HeapAlloc
CreateFileA
GetACP
GetCurrentProcessId
FindClose
SetCurrentDirectoryA
SetFilePointer
GetCurrentThreadId
ExitProcess
HeapCreate
GetStdHandle
GetFileAttributesA
GetProcAddress
GlobalSize
InitializeCriticalSection
EnterCriticalSection
GetEnvironmentStringsW
GetFileType
ReleaseSemaphore
ExitThread
GetModuleHandleW
VirtualProtect
MoveFileA
WideCharToMultiByte
FlushFileBuffers
SetEvent
GetVersionExA
LocalReAlloc
GetModuleFileNameA
WriteFile
MulDiv
TlsSetValue
GetSystemTimeAsFileTime
lstrlenW
GetCurrentThread
GetTimeZoneInformation
CreateThread
InterlockedExchange
VirtualQuery
Sleep
TlsAlloc
SetHandleCount
SetEndOfFile
SetConsoleCtrlHandler
SetStdHandle
GetOEMCP
GetModuleHandleA
CreateFileMappingW
TlsGetValue
GetCurrentProcess
GetVersionExW
GetStartupInfoW
MultiByteToWideChar
GetCommandLineA
ExpandEnvironmentStringsA

user32

TranslateMessage
DefWindowProcW
GetWindowTextA
GetMessageA
GetClassInfoExW
UnhookWindowsHookEx
InflateRect
LoadStringW
LoadBitmapW
CheckMenuItem
KillTimer
SystemParametersInfoA
PeekMessageW
DestroyMenu
GetWindowTextW
ScreenToClient
SetWindowLongW
SendMessageW
PtInRect
CallNextHookEx
GetSystemMetrics

advapi32

RegSetValueExW
InitializeSecurityDescriptor
QueryServiceStatus
OpenThreadToken
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
OpenServiceW
RegCloseKey

ole32

CoInitialize
StringFromCLSID
CoTaskMemAlloc
CLSIDFromProgID
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance

rpcrt4

RpcStringFreeW

gdi32

SetTextColor
SelectObject
SetViewportOrgEx
IntersectClipRect
SelectPalette

msvcrt

__setusermatherr
_initterm
_wcsnicmp
memcpy
_onexit
exit
_CxxThrowException

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39acafbdcd5aef4acffc226bb221c9b0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

gdi32

msvcrt

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 119KB - Virtual size: 176KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 119KB - Virtual size: 176KB

.rsrc
Size: 2KB - Virtual size: 2KB