5d9e7378c26f156405cacdcac1ed9203dc0e310027ecdde31c9b7c55956ae4a4N

Sharing

Copy URL

Twitter E-mail

General

Target

5d9e7378c26f156405cacdcac1ed9203dc0e310027ecdde31c9b7c55956ae4a4N
Size

585KB
MD5

816d4b7e2fe138da274af3b55a8516c0
SHA1

07ceb9cb95ca435a6832c64cd0a45181f4c73307
SHA256

5d9e7378c26f156405cacdcac1ed9203dc0e310027ecdde31c9b7c55956ae4a4
SHA512

6b0bf0175dae7ce90ad8cccd4679a614de32be458dd2d6acb118525b7e3d8626d8d463c14dfae10d6b228599a7103a74ad95901fdcbb5735b3fd0f689ef242a0
SSDEEP

12288:kElPhRQMP5rYBMlZJipr/O0JewNsHxiqFSxvITj:kurQM5s8KHJewNsHxiqFSxv4j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d9e7378c26f156405cacdcac1ed9203dc0e310027ecdde31c9b7c55956ae4a4N

Files

5d9e7378c26f156405cacdcac1ed9203dc0e310027ecdde31c9b7c55956ae4a4N
.exe windows:5 windows x86 arch:x86

e2c74240bb5ac11b421926cae88fd05b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
SetHandleCount
ExitProcess
IsProcessorFeaturePresent
HeapFree
lstrcatW
SetLastError
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
GetStringTypeW
Sleep
RtlUnwind
LoadLibraryW
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleW
SetStdHandle
lstrcpyA
WriteFile
GetModuleHandleA
GetSystemInfo
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
CreateFileW
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetComputerNameExW
GetProcAddress
GetLastError
MulDiv
HeapCreate
WideCharToMultiByte
HeapAlloc
FreeLibrary
lstrlenA
GetCurrentThreadId
GetComputerNameA
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
MultiByteToWideChar

user32

LoadCursorA
FindWindowA
DestroyMenu
UpdateWindow
LoadImageA
CopyRect
GetSystemMetrics
MoveWindow
OffsetRect
SetWindowLongA
EnumDesktopsA
ShowWindow
DefWindowProcA
ReleaseDC
CreateWindowExA
MessageBoxA
SetWindowTextA
IsIconic
EndPaint
ClientToScreen
DestroyWindow
GetMessageA
GetWindowRect
IsMenu
CreateDialogParamA
RegisterClassExA
PostQuitMessage
GetWindowDC
TranslateMessage
FillRect
GetTopWindow
DrawTextA
DrawIconEx
LoadBitmapA
LoadIconA
wsprintfA
DrawIcon
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetDC
InvalidateRect

gdi32

CreatePolygonRgn
MoveToEx
BitBlt
GetTextExtentPoint32A
LineTo
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA
CreateDCW
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
Ellipse
FillRgn
SaveDC
CreateRectRgn
CreatePatternBrush
CreatePen
SetTextAlign
GetStockObject
RestoreDC
CreateSolidBrush
TextOutA
GetObjectA

comdlg32

ChooseColorA

advapi32

LsaClose

shell32

ShellExecuteA
SHGetFolderPathW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoGetMalloc
CreateStreamOnHGlobal

netapi32

NetUserAdd
NetLocalGroupAddMember

avifil32

AVIStreamCreate
AVIFileInit

comctl32

ImageList_GetImageCount
ord17
FlatSB_GetScrollInfo
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_Create
ImageList_AddMasked
CreateToolbarEx

gdiplus

GdipAlloc
GdiplusStartup
GdipCloneImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipFree
GdipDisposeImage

uxtheme

DrawThemeBackground

dxva2

GetTimingReport

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2c74240bb5ac11b421926cae88fd05b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

netapi32

avifil32

comctl32

gdiplus

uxtheme

dxva2

Sections

.text Size: 342KB - Virtual size: 342KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 206KB - Virtual size: 205KB

.text
Size: 342KB - Virtual size: 342KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 206KB - Virtual size: 205KB