CVE-2013-5065_x64[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

CVE-2013-5065_x64.exe
Size

52KB
MD5

2d52c407a8b11626fbfe22b67d7b97d6
SHA1

77c30c0a2ceb90720ede339cf5ebe05181fd01fa
SHA256

054e2aadb32ef0484f2615edcf339bedec60485592cddacdfba047a7898ae942
SHA512

5c9c78aa3554759ed18ede5407432bab43547e5dec7a4b18c0abb7f82eabb5e5070ff2105498426e7679715825057028954f235eead545af255ae38db40fe4ad
SSDEEP

768:k0B6zdmn3YQgOZLb6JJQyHraz5Yj/qUPLn3qpWnM6FAGz8Lpouy7VzWBk05+/X:HB6xmSJK5Yj/qUPLn3qp2M2AGg1xOI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CVE-2013-5065_x64.exe

Files

CVE-2013-5065_x64.exe
.exe windows x64

57119163d2fe7eb1174dca234d1248af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LoadLibraryA
GetProcAddress
CreateFileA
DeviceIoControl
WinExec
CloseHandle
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

ntdll

NtQuerySystemInformation
NtAllocateVirtualMemory

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57119163d2fe7eb1174dca234d1248af

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 13KB

.pdata Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 620B

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 13KB

.pdata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 620B