5cb7c80430480a808fa8367d4831c2ae7355fc13a19dfa435c8c7630b97f830d

Sharing

Copy URL Twitter E-mail

General

Target

5cb7c80430480a808fa8367d4831c2ae7355fc13a19dfa435c8c7630b97f830d
Size

797KB
MD5

1f10128fcd19ec4d5746608e6aa7304b
SHA1

d7df20bbcc572ca6209ed21351daecc8e32b7ae0
SHA256

5cb7c80430480a808fa8367d4831c2ae7355fc13a19dfa435c8c7630b97f830d
SHA512

10fa056e38468b6f38062b12ff02aeac6d3b6d186ead2027b8d238446d680de2419035dc1a05983ce84049759be13c904332690c3cebd2d8c84e3b1751d9a84b
SSDEEP

12288:9q31sjGNuxJkeIORuYgCTKnmtf46WLBZxV+977XMDYCNt:9RwYuJCTd546WLBzV+9H4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb7c80430480a808fa8367d4831c2ae7355fc13a19dfa435c8c7630b97f830d

Files

5cb7c80430480a808fa8367d4831c2ae7355fc13a19dfa435c8c7630b97f830d
.exe windows:5 windows x86 arch:x86

77ca486c7b4da3e370f341a95bf2c219

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetOpenUrlA

version

VerQueryValueA
GetFileVersionInfoA

kernel32

CreateFileA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
FindNextFileA
GetCommandLineA
GetStartupInfoA
HeapReAlloc
RtlUnwind
SetStdHandle
GetFullPathNameA
ExitThread
CreateThread
HeapSize
ExitProcess
VirtualFree
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
InterlockedExchange
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleHandleW
GetUserDefaultLCID
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LoadLibraryA
lstrcmpW
FileTimeToSystemTime
FormatMessageA
LocalFree
GlobalHandle
SetProcessWorkingSetSize
GetVersionExA
GetCurrentProcessId
TerminateThread
LockResource
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
IsDBCSLeadByte
lstrcmpiA
GetModuleHandleA
GetProcAddress
FreeLibrary
Sleep
GlobalFree
lstrcmpA
WideCharToMultiByte
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FlushInstructionCache
GetCurrentProcess
SetLastError
RaiseException
GetCurrentThreadId
InitializeCriticalSection
lstrlenW
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
GetProcessHeap
GetFileType
IsProcessorFeaturePresent

user32

GetSysColorBrush
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
IsWindowEnabled
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
EnableWindow
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetDlgCtrlID
PtInRect
GetMenu
SystemParametersInfoA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MapDialogRect
SetWindowContextHelpId
DialogBoxIndirectParamA
SendDlgItemMessageA
MessageBoxA
SetParent
PostQuitMessage
FindWindowExA
FindWindowA
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SetForegroundWindow
SetActiveWindow
IsIconic
GetLastActivePopup
BringWindowToTop
UnhookWindowsHookEx
DestroyIcon
LoadImageA
PostMessageA
CopyRect
GetMonitorInfoA
MonitorFromWindow
ShowWindow
SetWindowTextW
SendMessageW
InflateRect
GetSystemMetrics
UpdateWindow
GetWindowRect
IsWindowVisible
FrameRect
SetWindowsHookExA
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
UnregisterClassA
CharUpperA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
GetWindowThreadProcessId
GetWindow
GetDlgItem
IsWindow
GetClassNameA
GetSysColor
CharNextA
SetWindowPos
RedrawWindow
LoadCursorA
GetClassInfoExA
RegisterClassExA
DefWindowProcA
SetWindowLongA
CreateWindowExA
DestroyWindow
CreateAcceleratorTableA
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
GetClientRect
InvalidateRgn
CallWindowProcA
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow
DestroyAcceleratorTable
SendMessageA
GetKeyState
CallNextHookEx
GetWindowLongA
GetParent
GetWindowPlacement

gdi32

SetWindowExtEx
ScaleWindowExtEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectA
PtVisible
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA

ole32

OleInitialize
OleUninitialize
CoTaskMemFree
CoTaskMemRealloc
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
CoDisconnectObject
CLSIDFromString

oleaut32

VariantCopy
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
DispCallFunc
SysAllocStringLen
SysFreeString
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
OleLoadPicture

Sections

.text
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77ca486c7b4da3e370f341a95bf2c219

Headers

DLL Characteristics

File Characteristics

Imports

wininet

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 365KB - Virtual size: 364KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 18KB - Virtual size: 34KB

.rsrc Size: 349KB - Virtual size: 349KB

.text
Size: 365KB - Virtual size: 364KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 18KB - Virtual size: 34KB

.rsrc
Size: 349KB - Virtual size: 349KB