51cd480545f7f94743b31ae220b54f34428241cfaa3c30a31f200c54f4a359cc

Sharing

Copy URL Twitter E-mail

General

Target

51cd480545f7f94743b31ae220b54f34428241cfaa3c30a31f200c54f4a359cc
Size

586KB
MD5

2a09a78bacf423d3e27b3f63751527d0
SHA1

75f9810b2df62dce6354f1797be681a9f4bb1734
SHA256

51cd480545f7f94743b31ae220b54f34428241cfaa3c30a31f200c54f4a359cc
SHA512

c0cb2fd2f7b4a56b68111a5df43fda9d064d1fe8ed4dfe31063c90fd0b20aa81656355563d8dbde8c61c155282820be1785af7b1eacaefb71bde628a6edc1d86
SSDEEP

3072:y8ON5QWrM7GsDvIqHRxxqbkqTlLz78f6OAYLJMeAdq28BBBkrIvo0QvTg32IFw5:y8ON5QWejYb/5USOR1MBdEVfCgNw5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51cd480545f7f94743b31ae220b54f34428241cfaa3c30a31f200c54f4a359cc

Files

51cd480545f7f94743b31ae220b54f34428241cfaa3c30a31f200c54f4a359cc
.exe windows:6 windows x86 arch:x86

dba2ed91fe8c4de2b6a547afb1251aad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Jonathan\source\Workspaces\Workspace\Array30IME\Array30IME\Release\Array30Prop.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
FindResourceW
GetUserPreferredUILanguages
LocalFree
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
RaiseException
DeleteCriticalSection
GetLastError
InitializeCriticalSectionEx
CreateProcessW
CloseHandle
CreateFileW
ReadFile
CreateDirectoryW
WriteFile
GetModuleHandleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetStringTypeW
SetStdHandle
FindResourceExW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
WriteConsoleW
MulDiv
GetProcAddress
HeapDestroy
LoadLibraryW
FreeLibrary
VerifyVersionInfoW
VerSetConditionMask
GetConsoleOutputCP
GetConsoleMode
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
IsDebuggerPresent
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable

user32

DestroyIcon
LoadImageW
CreateDialogParamW
SendDlgItemMessageW
InvalidateRect
GetSysColorBrush
ShowWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
GetSysColor
DestroyAcceleratorTable
UnhookWindowsHookEx
SetWindowsHookExW
LoadAcceleratorsW
CallNextHookEx
TranslateAcceleratorW
SetWindowLongW
DialogBoxParamW
UnregisterClassW
GetActiveWindow
EndDialog
OffsetRect
AdjustWindowRectEx
GetDlgItem
SystemParametersInfoW
ReleaseDC
GetDC
MoveWindow
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
SetWindowTextW
SendMessageW
GetSystemMetrics

gdi32

SetTextColor
SetBkMode
SelectObject
CreateFontIndirectW
GetDeviceCaps
DeleteObject
GetTextExtentPoint32W

advapi32

RegSetValueExW
SetNamedSecurityInfoW
SetEntriesInAclW
GetNamedSecurityInfoW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

CommandLineToArgvW
SHGetKnownFolderPath

ole32

CoTaskMemFree

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 429KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dba2ed91fe8c4de2b6a547afb1251aad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 110KB - Virtual size: 109KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 429KB - Virtual size: 429KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 429KB - Virtual size: 429KB

.reloc
Size: 7KB - Virtual size: 7KB