5cf9474df37762e1f54daa979d21eb23f0b71c90659fae8fe86f6d9ea2b2168a

Sharing

Copy URL Twitter E-mail

General

Target

5cf9474df37762e1f54daa979d21eb23f0b71c90659fae8fe86f6d9ea2b2168a
Size

393KB
MD5

f6346cba322ccfd7037a216844f149d2
SHA1

0d89ff68aa8c9fa41df6c97beca113a7c77180e4
SHA256

5cf9474df37762e1f54daa979d21eb23f0b71c90659fae8fe86f6d9ea2b2168a
SHA512

68bf11a08fe82ea042814b8cdfa1f530eee2cb3bb3f4d74bebb276aadf319854b4d416d083bd91b6c570c5ef4a21273373927474fcdd60dac0023f16bc402153
SSDEEP

6144:ada0xhuwVMCwtjP1h4Q81i6nhsX8DYkqPWfv:advBwtz4U6nUZPWfv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cf9474df37762e1f54daa979d21eb23f0b71c90659fae8fe86f6d9ea2b2168a

Files

5cf9474df37762e1f54daa979d21eb23f0b71c90659fae8fe86f6d9ea2b2168a
.exe windows:6 windows x86 arch:x86

09d90b0369e01a6e17931ddae4d9fe19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
lstrcmpW
MulDiv
LoadLibraryExW
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
SetStdHandle
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
lstrcmpiW
FindClose
LCMapStringW
HeapReAlloc
HeapSize
GetFileType
GetACP
WriteFile
GetStdHandle
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
FreeLibrary
GetModuleHandleW
DeleteCriticalSection
GlobalLock
GetProcAddress
DecodePointer
FindResourceW
LoadResource
RaiseException
GetLastError
GlobalAlloc
MultiByteToWideChar
GetCurrentThreadId
InitializeCriticalSectionEx
LeaveCriticalSection
GetModuleFileNameW
EnterCriticalSection
SetLastError
FindFirstFileExA
SizeofResource
GetCurrentProcessId
CreateFileW
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer

user32

GetWindowTextW
EndPaint
BeginPaint
ReleaseDC
InvalidateRect
ReleaseCapture
UpdateWindow
RegisterWindowMessageW
GetParent
GetClassInfoExW
GetDesktopWindow
PostQuitMessage
GetWindowLongW
GetWindowTextLengthW
GetMessageW
DefWindowProcW
CallWindowProcW
GetWindow
GetFocus
DestroyWindow
GetDC
SetWindowPos
FillRect
CreateWindowExW
ScreenToClient
SendMessageW
UnregisterClassW
SetWindowTextW
RegisterClassExW
ShowWindow
IsWindow
InvalidateRgn
DispatchMessageW
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
IsChild
RegisterClassW
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
CharNextW
TranslateMessage
LoadCursorW
GetClassNameW
SetCapture
wsprintfW
SetWindowLongW
GetClientRect
GetDlgItem

gdi32

BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
DeleteDC
GetObjectW
DeleteObject
CreateSolidBrush

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey

ole32

CoGetClassObject
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
CreateStreamOnHGlobal
OleInitialize
CoTaskMemRealloc
CLSIDFromString
OleLockRunning
OleUninitialize

oleaut32

VarUI4FromStr
VariantInit
LoadTypeLi
SysFreeString
OleCreateFontIndirect
SysAllocString
SysStringLen
SysAllocStringLen
VariantClear
LoadRegTypeLi

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09d90b0369e01a6e17931ddae4d9fe19

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 226KB - Virtual size: 226KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 226KB - Virtual size: 226KB

.reloc
Size: 7KB - Virtual size: 7KB