5a6c8071a17c5dde2a744ed2bea3041f3835243ddea1b152b8459dbc694a5573N

Sharing

Copy URL Twitter E-mail

General

Target

5a6c8071a17c5dde2a744ed2bea3041f3835243ddea1b152b8459dbc694a5573N
Size

2.2MB
MD5

fa131e1211326db50e2633e0fae282f0
SHA1

c91136091d53223d905d863c214ad9c5b39117d5
SHA256

5a6c8071a17c5dde2a744ed2bea3041f3835243ddea1b152b8459dbc694a5573
SHA512

f4d7730bf7c320b3e76888522a8014b3961af6baac1abd562c37fc2e59116d93e92111168f03d1ee3536ebaabe56e5c9d312cba80013fd5dd194fce932002a73
SSDEEP

24576:ifXO54rG3GeMCCtFg6CG1vVbbcRK/s8iftSppDaabpXLb:ifTrRFguQRmpnlbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a6c8071a17c5dde2a744ed2bea3041f3835243ddea1b152b8459dbc694a5573N

Files

5a6c8071a17c5dde2a744ed2bea3041f3835243ddea1b152b8459dbc694a5573N
.exe windows:5 windows x86 arch:x86

6f4f04e41692cfe7561de9c9d1baf4a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnionRect
PostThreadMessageW
ShowWindowAsync
CreateDialogParamW
CreateDialogIndirectParamW
CharNextW
SetCapture
GetSystemMetrics
LoadMenuW
CreatePopupMenu
EnableMenuItem
DdeCmpStringHandles
RealChildWindowFromPoint
IsDialogMessageW
GetParent
DrawFrameControl
EnumPropsW
EnableScrollBar
SetForegroundWindow
DrawIcon
RemoveMenu

kernel32

SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
RtlUnwind
LoadLibraryExW
VirtualAlloc
WriteConsoleW
PulseEvent
GetFileType
SetEndOfFile
lstrcmpW
GetModuleHandleW
ExpandEnvironmentStringsW
OutputDebugStringW
CreateFileW
FindNextFileW
AreFileApisANSI
GetVersionExW
GetLocaleInfoW
GetConsoleWindow
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
DeleteCriticalSection
ExitProcess
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
CloseHandle
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

uxtheme

OpenThemeData
DrawThemeText
IsThemeBackgroundPartiallyTransparent
SetWindowTheme
IsAppThemed
GetCurrentThemeName
DrawThemeParentBackground

advapi32

RegOpenKeyExW

wsock32

WSAAsyncSelect
WSAAsyncGetHostByName

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.38tewl
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6o2wtl
Size: 991KB - Virtual size: 991KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nl3nl
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f4f04e41692cfe7561de9c9d1baf4a2

Headers

File Characteristics

Imports

user32

kernel32

uxtheme

advapi32

wsock32

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 128KB - Virtual size: 6.9MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.38tewl Size: 362KB - Virtual size: 361KB

.6o2wtl Size: 991KB - Virtual size: 991KB

.nl3nl Size: 304KB - Virtual size: 303KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 128KB - Virtual size: 6.9MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.38tewl
Size: 362KB - Virtual size: 361KB

.6o2wtl
Size: 991KB - Virtual size: 991KB

.nl3nl
Size: 304KB - Virtual size: 303KB

.rsrc
Size: 362KB - Virtual size: 362KB