5a3d11f1e380e1ef50ee4cf746229a10N

Sharing

Copy URL Twitter E-mail

General

Target

5a3d11f1e380e1ef50ee4cf746229a10N
Size

7.0MB
MD5

5a3d11f1e380e1ef50ee4cf746229a10
SHA1

81ba9d1a08dbfb27289426ac3154562c3cb26a98
SHA256

bac319cf7129290115f5ea64b132974168ddd2bcc27621ad5eb69629afbb8dcc
SHA512

45a4f56fbefee22703cd38ff3c8fe558184574eba31137676c0c5b8649d9bfb71c5bba871ede7b9683fa7339ce174e16f1d10742941cc8fcd455aaf7fe05fcb8
SSDEEP

196608:Aooy10wRAhFggYUWLWHT25t+yFkw0un5Vot:+KTKggMWzGYzw0un5Vot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a3d11f1e380e1ef50ee4cf746229a10N

Files

5a3d11f1e380e1ef50ee4cf746229a10N
.exe windows:5 windows x86 arch:x86

4923ea411ce46edf15b7db962ddf18f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CreateFileW
lstrlenA
lstrcpyA
WaitForSingleObject
OpenProcess
LocalFree
GetTickCount
GetOverlappedResult
GetModuleHandleA
GetLastError
GetCurrentProcess
LocalAlloc
GetCommConfig
FormatMessageA
ExitProcess
DuplicateHandle
DeviceIoControl
LoadLibraryExA
CreateEventA
CloseHandle
GetProcessHeap
GetProcAddress

user32

SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowPos
SetWindowTextA
UnregisterClassA
wsprintfA
SendDlgItemMessageA
ScreenToClient
ReleaseDC
RegisterClassA
LoadStringA
LoadImageA
LoadBitmapA
IsDialogMessageA
GetWindowTextA
GetWindowRect
GetDlgItem
GetDC
DestroyWindow
DestroyIcon
CreateDialogParamA
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetSystemMetrics
KillTimer

gdi32

GetTextExtentPoint32A
DeleteObject
DeleteEnhMetaFile
SelectObject
GetStockObject

comdlg32

PrintDlgExW
PageSetupDlgW
GetSaveFileNameW
GetOpenFileNameW
FindTextW
ChooseFontW

advapi32

RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyA
RegSetValueExW

shell32

ShellAboutW
Shell_NotifyIconA

msvcrt

_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_onexit
_wcmdln
_wtoi
exit
free
malloc
qsort
wcschr
wcsrchr
wcsstr
wcstok
wcstol

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4923ea411ce46edf15b7db962ddf18f3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 599KB - Virtual size: 599KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 599KB - Virtual size: 599KB

.rsrc
Size: 17KB - Virtual size: 17KB