5005742c51cca4d150675e02a0d05e33dfa6dd369a0a5ede6b2b63a1d1474ff5

Sharing

Copy URL Twitter E-mail

General

Target

5005742c51cca4d150675e02a0d05e33dfa6dd369a0a5ede6b2b63a1d1474ff5
Size

248KB
MD5

5ba950833dc55fe30f1e24cbcf1dea3c
SHA1

86771a63a2e2c906b8a3eb9f24653875e91173e4
SHA256

5005742c51cca4d150675e02a0d05e33dfa6dd369a0a5ede6b2b63a1d1474ff5
SHA512

65d306af1c17323562b50c9aaea23a4a8743b0cfefb3f6a0dc419771da032f96bb2e212a8d9051c934cadef3e7604b450d88b0539b7b826fe362f1583717d0b0
SSDEEP

3072:5w98nHbg79cvRlo6SnRGoZDQb4R6uq2QLklWjZoYPgNwEPJF5p:5wU8koNUK6JLLRZPi5Fn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5005742c51cca4d150675e02a0d05e33dfa6dd369a0a5ede6b2b63a1d1474ff5

Files

5005742c51cca4d150675e02a0d05e33dfa6dd369a0a5ede6b2b63a1d1474ff5
.exe windows:5 windows x86 arch:x86

a301b849000fc5ca087635c086cd3cd5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFilePointer
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileAttributesA
GetProcAddress
GetModuleHandleA
CreateDirectoryA
GetWindowsDirectoryA
lstrcmpA
GetSystemWow64DirectoryA
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MoveFileExA
GetSystemWindowsDirectoryA
GetLastError
WriteFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
ReadFile
CreateFileA
HeapFree
GetProcessHeap
HeapAlloc
DeleteFileA
FindFirstFileA
FindClose
GetVersionExA
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
GetConsoleMode
GetConsoleCP
GetCurrentProcess
CopyFileA
TerminateProcess
GetLocaleInfoA
GetModuleHandleW
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind

user32

SetTimer
GetDesktopWindow
PostMessageA
FindWindowA
SendMessageA
LoadStringA
GetDlgItem
EnableWindow
SetDlgItemTextA
EnableMenuItem
GetSystemMenu
KillTimer
GetSystemMetrics
GetParent
GetWindowRect
SetWindowPos
SetWindowTextA

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey

comctl32

CreatePropertySheetPageA
PropertySheetA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

cabinet

ord22
ord20

shlwapi

SHDeleteKeyA

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a301b849000fc5ca087635c086cd3cd5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

version

cabinet

shlwapi

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 185KB - Virtual size: 184KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 185KB - Virtual size: 184KB