ca5d55b8e48f009b8342df597b1863c85286dd97b483e69b2dc22105d031e6c0

Sharing

Copy URL Twitter E-mail

General

Target

ca5d55b8e48f009b8342df597b1863c85286dd97b483e69b2dc22105d031e6c0
Size

5.7MB
MD5

5a6cd50b11c4739639a0a3fdb63f5ad8
SHA1

ecc82be04645c2885f29b6d7e969ed33d67500d1
SHA256

ca5d55b8e48f009b8342df597b1863c85286dd97b483e69b2dc22105d031e6c0
SHA512

0dc417e75e858c266a782ed309d9f24e7faf005fd30c221a9d7629f53b3c60eff6864264642e49a075e4600ca02b7dcc05b00c0b1434e917796b02ba4733a3e1
SSDEEP

98304:0GT1354l1pJnboFmIa/MAPuq8PqzJhBXJnm2doHft9tLcFgvGK:wl1pxMPmYCDBXIlvqUGK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca5d55b8e48f009b8342df597b1863c85286dd97b483e69b2dc22105d031e6c0

Files

ca5d55b8e48f009b8342df597b1863c85286dd97b483e69b2dc22105d031e6c0
.exe windows:5 windows x86 arch:x86

a0010f9a44f8bab2b514911355945c90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

atl

ord47

gdi32

DeleteDC

gdiplus

GdipDrawRectangle

msimg32

TransparentBlt

msvcrt

strncmp

ole32

CreateStreamOnHGlobal

oleaut32

SysAllocString

shell32

DragAcceptFiles

shlwapi

PathFileExistsA

user32

AppendMenuA
CharUpperBuffW

wininet

HttpQueryInfoA

Sections

.text
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.htext
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qsl
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.~o$
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qq!
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0010f9a44f8bab2b514911355945c90

Headers

File Characteristics

Imports

kernel32

atl

gdi32

gdiplus

msimg32

msvcrt

ole32

oleaut32

shell32

shlwapi

user32

wininet

Sections

.text Size: - Virtual size: 256KB

.rdata Size: - Virtual size: 6KB

.data Size: - Virtual size: 293KB

.htext Size: - Virtual size: 4KB

.Qsl Size: - Virtual size: 3.1MB

.~o$ Size: 2KB - Virtual size: 1KB

.qq! Size: 5.7MB - Virtual size: 5.7MB

.text
Size: - Virtual size: 256KB

.rdata
Size: - Virtual size: 6KB

.data
Size: - Virtual size: 293KB

.htext
Size: - Virtual size: 4KB

.Qsl
Size: - Virtual size: 3.1MB

.~o$
Size: 2KB - Virtual size: 1KB

.qq!
Size: 5.7MB - Virtual size: 5.7MB