50ab522d9a735c6cbc399779ff3e73843cd00cfb15de7b3c1e85f8cf251f74fa

Sharing

Copy URL

Twitter E-mail

General

Target

50ab522d9a735c6cbc399779ff3e73843cd00cfb15de7b3c1e85f8cf251f74fa
Size

5.9MB
MD5

5ed4deab615b0465c4c8cdc120ac7151
SHA1

db99625347308b347f9a8cf95563bcdd61bd0b8d
SHA256

50ab522d9a735c6cbc399779ff3e73843cd00cfb15de7b3c1e85f8cf251f74fa
SHA512

4540b9e226ac8ebc7ca5f90e759625cb66939912141ddfa568b4094af981150e8274c9299431cb6164e07ec004c2379fce4b8e50636ef73b427237acfc5d3a41
SSDEEP

6144:HN4thSUHz9HRg1c96R7b3/dyTl8W2p7/j1qBl9scLGUNhN:HYh3Hz9HeTZzdwl8W2ZR6aU3N

Score

1^/10

Malware Config

Signatures

Files

50ab522d9a735c6cbc399779ff3e73843cd00cfb15de7b3c1e85f8cf251f74fa
.exe windows:5 windows x86 arch:x86

920aca8fdc4985e3316b3693228113b0

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

Issuer

CN=IOCRSIHZPSQUIZFOZQ

Not Before

09-09-2020 13:46

Not After

31-12-2039 23:59

Subject

CN=IOCRSIHZPSQUIZFOZQ

Extended Key Usages

ExtKeyUsageCodeSigning

da:9f:57:ab:c6:d9:bf:81:71:e2:b7:5e:fe:02:15:93:38:6e:bc:c1
Signer

Actual PE Digest

da:9f:57:ab:c6:d9:bf:81:71:e2:b7:5e:fe:02:15:93:38:6e:bc:c1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
Sleep
VirtualAllocEx
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
SetEvent
InitializeCriticalSection
SizeofResource
MultiByteToWideChar
lstrlenW
RaiseException
GetLastError
LoadLibraryExW
lstrcmpiW
DeleteCriticalSection
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadResource
FreeLibrary
FindResourceW
GetCommandLineW
CloseHandle
GetModuleFileNameW
OutputDebugStringW
CreateEventW
CreateProcessW
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
DeleteVolumeMountPointW
GetCommTimeouts
GetTapePosition
EnumCalendarInfoA
GetCommModemStatus
GetComputerNameExA
CommConfigDialogA
SetNamedPipeHandleState
LocalSize
GetWriteWatch
GetCPInfoExA
FindVolumeClose
PrepareTape
SetCurrentDirectoryW
DeviceIoControl
SleepEx
FindNextChangeNotification
ReadConsoleA
UnlockFile
BackupSeek
FreeUserPhysicalPages
ExitProcess
GetTempFileNameW
SetThreadPriorityBoost
CancelDeviceWakeupRequest
VirtualProtectEx
GlobalFindAtomW
GetProcessHeap
RtlUnwind
HeapReAlloc
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
HeapFree
SetErrorMode
lstrlenA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
lstrcpyW
SystemTimeToFileTime
PulseEvent
OpenProcess
OpenEventW
LoadLibraryW
GetSystemTime
GetFileTime
FindFirstFileW
FindClose
FileTimeToSystemTime
CreateFileW

user32

LoadCursorA
DispatchMessageW
PostThreadMessageW
CharUpperW
TranslateMessage
CharNextW
UnregisterClassA
GetMessageW
SetDlgItemTextW
DdeGetLastError
GetKeyNameTextW
SwitchDesktop
OpenDesktopA
EnumChildWindows
InternalGetWindowText
SetWinEventHook
CharPrevW
SwapMouseButton
IMPGetIMEW
GetClassInfoExW
GetMessagePos
CharLowerBuffA
RegisterClassExA
DestroyIcon
SetCapture
IsClipboardFormatAvailable
GetDlgCtrlID
GetClassNameW
GetClipboardData
InvertRect
MonitorFromPoint
GetClassInfoA
EnumWindowStationsW
EnumDesktopsA
AppendMenuA
OffsetRect

gdi32

GetStockObject
GetEnhMetaFileBits
ResetDCW
TextOutA
CombineTransform
UnrealizeObject
ResizePalette
GdiStartDocEMF
GdiPlayJournal
GdiSetServerAttr
PolyPatBlt
GetKerningPairsA
NamedEscape
DeleteDC
GetDeviceCaps
ScaleWindowExtEx
DeleteObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
CreateBitmap
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutW
GetObjectW

advapi32

RegOpenKeyA
RegQueryValueExA
GetUserNameA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW

shell32

ExtractIconA
ExtractAssociatedIconW
SHEmptyRecycleBinW
FindExecutableW
DragQueryFileAorW
FindExecutableA
DoEnvironmentSubstW
SHLoadInProc
SHGetFileInfo
ShellAboutW
SHGetDataFromIDListA
SHFreeNameMappings
SHGetInstanceExplorer
SHGetDiskFreeSpaceExA
SHGetDataFromIDListW
DragAcceptFiles
ShellExecuteA
SHGetSpecialFolderPathW
Shell_NotifyIconW

ole32

CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoInitialize
StringFromGUID2
CoTaskMemRealloc
CoUninitialize
CoCreateInstance
CoTaskMemAlloc

shlwapi

StrCmpNIW
StrStrW
StrRChrW
StrStrIW
StrChrA
StrCmpNIA

comctl32

InitCommonControlsEx

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

920aca8fdc4985e3316b3693228113b0

Code Sign

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6Certificate

Extended Key Usages

da:9f:57:ab:c6:d9:bf:81:71:e2:b7:5e:fe:02:15:93:38:6e:bc:c1Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 512B - Virtual size: 306B

.data Size: 5.6MB - Virtual size: 5.6MB

.rsrc Size: 165KB - Virtual size: 164KB

23:5a:1c:76:22:8c:6f:81:4a:36:15:e0:21:d3:a8:a6
Certificate

da:9f:57:ab:c6:d9:bf:81:71:e2:b7:5e:fe:02:15:93:38:6e:bc:c1
Signer

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 512B - Virtual size: 306B

.data
Size: 5.6MB - Virtual size: 5.6MB

.rsrc
Size: 165KB - Virtual size: 164KB