5b07157ef8b35962763d3d26df164b770f70b3e6f5dc585a9322052af01cfd73N

Sharing

Copy URL Twitter E-mail

General

Target

5b07157ef8b35962763d3d26df164b770f70b3e6f5dc585a9322052af01cfd73N
Size

24KB
MD5

fa50b6443e5cb7a2c7e2a84a1aab91f0
SHA1

204b46e7b7fc1cba634c063df2ad03b06f3b2ba0
SHA256

5b07157ef8b35962763d3d26df164b770f70b3e6f5dc585a9322052af01cfd73
SHA512

5538c7f4c5cd1af9b24d86ce9818a8720f573953684901357897fdab58204d38cbe7d1debdb6be9e6c6f7fbf51b84b7aae25f02b0d67e083cf8d8ef329c3ae35
SSDEEP

384:Bhl+9wz01U7ATiyOjmkpe7bZAxkydn3i09zkmDyoCNc+77UDLibhmL9zvX:c9w41V7OXEy+ydn3JzkmDq/UDLidmhzv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b07157ef8b35962763d3d26df164b770f70b3e6f5dc585a9322052af01cfd73N

Files

5b07157ef8b35962763d3d26df164b770f70b3e6f5dc585a9322052af01cfd73N
.exe windows:4 windows x86 arch:x86

af152559957b498a3e64e711fb418067

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpDeleteFileA

rpcrt4

UuidCreate
RpcStringBindingComposeW
RpcBindingFree
RpcBindingFromStringBindingW

ws2_32

WSAGetLastError

advapi32

GetSidSubAuthorityCount
RegEnumKeyExA
RegCreateKeyExA
GetSecurityDescriptorDacl
GetSidIdentifierAuthority
SetSecurityDescriptorGroup
AddAccessAllowedAce
SetSecurityDescriptorSacl
RegGetKeySecurity
GetTokenInformation
RegCreateKeyExW
CryptSetProvParam
CopySid
LockServiceDatabase
CryptSetKeyParam
CryptHashData
OpenProcessToken

user32

GetDC
DeleteMenu
GetDlgItemInt
GetMenuItemCount
LoadCursorW
GetMenuState
GetWindowTextLengthW
GetMenuCheckMarkDimensions
GetWindowRect
SetDlgItemTextW
GetPropW
BeginDeferWindowPos
TranslateMessage
AppendMenuW
GetCursorPos

ole32

CoTaskMemFree
ReleaseStgMedium

kernel32

GetCurrentProcess
GlobalReAlloc
GetFileSize
lstrcmpA
LockFile
GlobalFlags
GetVersionExW
GetShortPathNameW
HeapAlloc
EnumResourceLanguagesW
lstrcmpW
FindFirstFileW
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSection
WriteFile
ResetEvent
GetProcessHeap
GetPrivateProfileIntW
GetUserDefaultLCID
SetEndOfFile
SetErrorMode
lstrcmpiW
DeleteCriticalSection
CompareStringW
LocalReAlloc
GlobalFindAtomW
GetFullPathNameW
GlobalFree
SizeofResource
GetThreadLocale
FreeResource
VirtualAlloc
LocalFileTimeToFileTime
InterlockedExchange
GlobalAlloc
ResumeThread
GetModuleHandleA
CreateEventW
CreateFileW
GetLocaleInfoW
FindResourceW
GlobalLock
GetFileAttributesA
InterlockedIncrement
SetThreadPriority
HeapReAlloc
CreateProcessW
GetVersion
FormatMessageW
InterlockedDecrement
GlobalUnlock
lstrlenA
EnterCriticalSection
SetFileTime
SuspendThread
UnlockFile
FileTimeToSystemTime
GlobalDeleteAtom
TlsGetValue
FlushFileBuffers
GetVolumeInformationW
DuplicateHandle
GetCurrentThread
SetFilePointer
MoveFileW
HeapFree
GetSystemInfo
SetLastError
DeleteFileW
SystemTimeToFileTime
GlobalGetAtomNameW
LocalAlloc
GetStringTypeExW
SetEvent
GlobalHandle
TlsSetValue
WaitForSingleObject
GlobalSize
GetCurrentProcessId
GetFileTime
GlobalAddAtomW
Sleep
FileTimeToLocalFileTime
ReadFile
WideCharToMultiByte
MulDiv
GetVersionExA
CopyFileW
CompareStringA
TlsAlloc
GetAtomNameW
GetFileAttributesW
LoadLibraryA
CloseHandle
GetModuleFileNameW
lstrcpyA
LoadResource
SetFileAttributesW
lstrlenW

shell32

ShellExecuteW
ExtractIconW

comdlg32

PrintDlgA
GetOpenFileNameA

Sections

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 699B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af152559957b498a3e64e711fb418067

Headers

DLL Characteristics

File Characteristics

Imports

wininet

rpcrt4

ws2_32

advapi32

user32

ole32

kernel32

shell32

comdlg32

Sections

.rsrc Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 80KB

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 1024B - Virtual size: 699B

.reloc Size: 512B - Virtual size: 20B

.rsrc
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 80KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 1024B - Virtual size: 699B

.reloc
Size: 512B - Virtual size: 20B