5d96604e0d1ab34d42d267783ade26fa[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5d96604e0d1ab34d42d267783ade26fa.exe
Size

6.5MB
MD5

5d96604e0d1ab34d42d267783ade26fa
SHA1

5690c2fd39290c52656099dbaa6ab71645ef7fcf
SHA256

4af82e2942c843c88fd4dc43cfe11b9fc286c7ea1dac32bf4ee9de439eed07fd
SHA512

35e537e1a1ac8cfc5f8d042b5c26167fc7ffde7e27f349f6df23878cace3a550402c51ca3b0a0ea62ca0f284dba00a91f08cb25d11aea49dc5326a5331b47cf4
SSDEEP

196608:LzvolaY8aa303pN4r6IYxSb60nUWTX6m:/4aXaasE6IYYQU6m

Score

N/A

Malware Config

Signatures

Files

5d96604e0d1ab34d42d267783ade26fa.exe
.exe windows x86

ce26abf4781cac630107d46b9c76d477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

OpenClipboard
CharUpperBuffW

advapi32

GetUserNameA

shell32

ShellExecuteA

wininet

InternetConnectA

msvcp140

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z

vcruntime140

__std_terminate

api-ms-win-crt-runtime-l1-1-0

_initterm_e

api-ms-win-crt-stdio-l1-1-0

setvbuf

api-ms-win-crt-filesystem-l1-1-0

_lock_file

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-heap-l1-1-0

realloc

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#$TWEFC0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

#$TWEFC1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#$TWEFC2
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce26abf4781cac630107d46b9c76d477

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: - Virtual size: 61KB

.rdata Size: - Virtual size: 15KB

.data Size: - Virtual size: 2KB

#$TWEFC0 Size: - Virtual size: 3.5MB

#$TWEFC1 Size: 1KB - Virtual size: 1KB

#$TWEFC2 Size: 6.5MB - Virtual size: 6.5MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 61KB

.rdata
Size: - Virtual size: 15KB

.data
Size: - Virtual size: 2KB

#$TWEFC0
Size: - Virtual size: 3.5MB

#$TWEFC1
Size: 1KB - Virtual size: 1KB

#$TWEFC2
Size: 6.5MB - Virtual size: 6.5MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 469B