c191595a7ab6af9541dadd4b6544c9b65a9e5fa76f49836d1f3fc28a50c0459f[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

c191595a7ab6af9541dadd4b6544c9b65a9e5fa76f49836d1f3fc28a50c0459f.exe
Size

464KB
MD5

5ff1999425fe352ee7fe4d1eb995a2fe
SHA1

2cb44adb130a1316010cee3e54dbbc432f40d807
SHA256

c191595a7ab6af9541dadd4b6544c9b65a9e5fa76f49836d1f3fc28a50c0459f
SHA512

58bb4d99c717a52fe7cd516eb6a1db45428e666788742d452eae902a80391ccb8249f40bd05a2c2f79826d0c744859e8b2c85e0d4578867cf2ff5ab6acceb4f1
SSDEEP

6144:5Sl3cEjScqKbDFrXNAvJ3BEXDhI0ifpxzxGqW7qcRa9Br7ierTrD9f5jxZ8YFYZH:QlsEGZK1SB30mRG9mcrefJ1bXCtsdu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
c191595a7ab6af9541dadd4b6544c9b65a9e5fa76f49836d1f3fc28a50c0459f.exe

Files

c191595a7ab6af9541dadd4b6544c9b65a9e5fa76f49836d1f3fc28a50c0459f.exe
.exe windows:4 windows x86 arch:x86

4d018d383154c00f70af136cc2d0db3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetMenuItemInfoA
RegisterClassW
CreateWindowExW
GetCursorPos
DestroyMenu
ReleaseCapture
DrawFocusRect
DefWindowProcW
UnregisterClassA
SetWindowTextW
GetActiveWindow
LoadIconA
DestroyWindow
PtInRect
GetMenu

kernel32

CompareStringA
GetTimeZoneInformation
GetLocaleInfoW
HeapSize
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetEnvironmentStringsW
IsDebuggerPresent
CompareStringW
VirtualAlloc
GetTickCount
GetEnvironmentStrings
GetCommandLineA
GetProcAddress
LoadLibraryA
GetCurrentThread
RaiseException
HeapAlloc
GetStdHandle
GetOEMCP
CreateEventW
TlsAlloc
GetModuleHandleW
CloseHandle
GetVersionExA
GetLastError
MultiByteToWideChar
LCMapStringA
HeapFree
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
ExitProcess
WriteFile
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableA
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
InitializeCriticalSection
Sleep
HeapReAlloc
RtlUnwind

advapi32

RegOpenKeyExW

ole32

OleSaveToStream

Sections

.text
Size: 420KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d018d383154c00f70af136cc2d0db3f

Headers

File Characteristics

Imports

user32

kernel32

advapi32

ole32

Sections

.text Size: 420KB - Virtual size: 416KB

.data Size: 28KB - Virtual size: 24KB

.tls Size: 4KB - Virtual size: 105B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 420KB - Virtual size: 416KB

.data
Size: 28KB - Virtual size: 24KB

.tls
Size: 4KB - Virtual size: 105B

.reloc
Size: 8KB - Virtual size: 4KB