5ae6e8901945c88665b176f10a63ef015e050fa141b26341a8fe695148b0144d

Sharing

Copy URL

Twitter E-mail

General

Target

5ae6e8901945c88665b176f10a63ef015e050fa141b26341a8fe695148b0144d
Size

463KB
MD5

05fd26eb052c6dcaa9565838720b2934
SHA1

34953fb8c074b0f11162986392d428fcd2f82ef5
SHA256

5ae6e8901945c88665b176f10a63ef015e050fa141b26341a8fe695148b0144d
SHA512

289f1ea424afca7215dbdf46c32b867bdd32db686c855783cca0207feca18d88b8ae126688fee6f2c8187375d90048f6c4c9d805e6b36deace364b6bc3f6c8c9
SSDEEP

6144:mKoXjs+W8g/Mm7bEa653fzuo9d3DGCFks/NDKUE:QQ8g/MmnEPl9XFks/1K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ae6e8901945c88665b176f10a63ef015e050fa141b26341a8fe695148b0144d

Files

5ae6e8901945c88665b176f10a63ef015e050fa141b26341a8fe695148b0144d
.exe windows:5 windows x86 arch:x86

33f05b4301f9a12d53fef3fcb5c0093e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlIsTextUnicode
RtlUshortByteSwap
iswctype
wcsncpy
_wcsnicmp
memcmp
memcpy
wcscmp
swprintf
memset
wcslen
_wcsicmp
wcscpy
RtlDetermineDosPathNameType_U

comctl32

ImageList_Create
ImageList_Remove
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Destroy

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

skinmagicu

ord4
ord1
ord8

kernel32

FindFirstFileW
GetCurrentProcess
GetLogicalDrives
GetUserDefaultLangID
Sleep
TerminateThread
SetPriorityClass
MultiByteToWideChar
CreateThread
GetWindowsDirectoryW
GetCurrentThreadId
FindNextFileW
SetProcessWorkingSetSize
SetCurrentDirectoryW
GetModuleHandleW
SearchPathW
GetFileAttributesW
CreateFileW
GetLastError
SetLastError
CloseHandle
SetFilePointer
HeapAlloc
HeapFree
GetProcessHeap
ReadFile
DeleteFileW
SetFileAttributesW
GetDriveTypeW
GetVolumeInformationW
GetFileSize
WriteFile
GetModuleFileNameW
FlushFileBuffers
FindClose

user32

SetTimer
GetMessageW
PostQuitMessage
TrackPopupMenu
EnableWindow
IsDlgButtonChecked
ShowWindow
CheckDlgButton
EndDialog
GetDlgItem
SetClassLongW
LoadIconW
SetDlgItemInt
SetForegroundWindow
GetDlgItemInt
UnregisterDeviceNotification
RegisterDeviceNotificationW
DestroyIcon
UpdateWindow
SendMessageW
GetSystemMetrics
MessageBoxW
PostMessageW
DestroyWindow
DispatchMessageW
GetWindow
GetWindowThreadProcessId
DefWindowProcW
DestroyMenu
RegisterClassW
MessageBoxIndirectW
SetMenuDefaultItem
CreateWindowExW
CreateDialogParamW
GetCursorPos
SetWindowPos
LoadMenuW
TranslateMessage
DialogBoxParamW
GetSubMenu
KillTimer
UnregisterClassW
RegisterWindowMessageW

advapi32

RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegNotifyChangeKeyValue
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetFileInfoW

ole32

CoUninitialize
CoInitializeEx

shlwapi

PathAppendW

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 427KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

:h�!�u
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33f05b4301f9a12d53fef3fcb5c0093e

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

comctl32

version

skinmagicu

kernel32

user32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 244B

.rsrc Size: 427KB - Virtual size: 427KB

:h�!�u Size: 16KB - Virtual size: 20KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 244B

.rsrc
Size: 427KB - Virtual size: 427KB

:h�!�u
Size: 16KB - Virtual size: 20KB