5ab74aa6ed4d386308e63466b455c9a633dd226beeefaf22ace4a635c329c8e4

Sharing

Copy URL Twitter E-mail

General

Target

5ab74aa6ed4d386308e63466b455c9a633dd226beeefaf22ace4a635c329c8e4
Size

4.7MB
MD5

2c7833a448e25ebbcc47b1477c9f412b
SHA1

4b96dca6977643bdd6f939c6c1a899cc07aba3ac
SHA256

5ab74aa6ed4d386308e63466b455c9a633dd226beeefaf22ace4a635c329c8e4
SHA512

6550d9e3811324eb6da5ffbb953e0cb8f41d92699cfe39d4bd657d09cd20e64bec8f5852482b1686557506404fa4fef7b91c277d52d6800aef16d4ab14d5b768
SSDEEP

98304:FWGnW6PT5g0yaAW49MJy984MQJrgFupNCK2keph3i/dDxg+43kB35qZalU03d91t:FTnPTe0yaES0VpJrgAjCK2kihS/dDG+1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ab74aa6ed4d386308e63466b455c9a633dd226beeefaf22ace4a635c329c8e4

Files

5ab74aa6ed4d386308e63466b455c9a633dd226beeefaf22ace4a635c329c8e4
.exe windows x86

1d54b8e40d4cac277685ca378a0cb22a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2976

msvcrt

_adjust_fdiv

kernel32

WinExec
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

SetTimer

gdi32

GetPixel

ole32

CoInitialize

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

Exports

Exports

�JWdp+�p��*Ȼ�%��~`�Jh��ojxI��oq[��V�R��X�4��K��M,`� �aΑI�s�vwk��fp�M�/ե��\��n�o=.��A�Q0N�ިE��3X��G��K�#-~�B�qQ��bi��Pz0DUɼ%�k�Zߐ`��.O<��C�]ߍ& ��VO��r�-}�V��P�[>�j�t��Jm�C�2�_.�6.�$�[��<z�W�.Ψ�T�$n#h$��^�V��D}$&��g��tX"��6��)��>f�џ��L��J��c� -�RC �\ dȤ�$�q��C�78& X��b��f��1JZ��l��"Or�F�"TTERs�X��#q��d�v�X�_ˢt'��5��zm��U��Y�7UG��z}N��E��✞�^�u��C`��:��A�ϛ�-u��.љ}��1�|ڨ��V^k��8�`l*��g�,8p�x��5S�u�sE� ��=��jjȈ ��%��<kkI�[ku3^��ߒ6��oo<��Z�:"��o�Cu��è�hi.v��ڮ��}�a��0�xdC��rcܯ�j��T��d�>�s�ˀ��M�, ��ا[L0��<aL��֋�b,��)S㒭��B.�t+í�Ю�v��i3�_��ߟn-!�s��3�Fm��f�,�U�T�5�uqCQ��XIY|��b�%צB�UR�Ȣ&~��YY��ݨ�#r�π�Y��X6=��Bi,��)얅/6�ܵ=\|��h�*��(8��м��9"��d�aƨ��.�J��Ѱ�0˨�F7��1$0��DV�cIy,�{�.�BwIB��mȺ��`�\��R��o�?N��؝��+�㿱��.*Rڲ��v5s��(� !g�䉆��v颋E��[��=�X��x诮�up��E�&��k� �.`�&��w�A9��K��{uU�� R�%��a(>�|.^��s��~��ͱ�5Z#��Rгʍi�}��8�)K�Сc(t��6�lXZ�'��g��D~��ы��[�Ơ��,��І��1��p��jU3W�K��ݔYu|0Bo�]3�e�oO*,f�S��ݵ.nͣ��ZG9G½�uJ$\;6�X��w��逪t_�X�:wR^a;�KJ�Y ��Ac�MG��#J-��ɩ��"�%��8)�� U�|F^��,m��Ӌn��q1ten�[4�BY۪@@��̈da��h&��Y��JaB�ah��i�s{��K��}�d2ǎ&�ɹ�\��p/��`74�4��E��as��U��ٸ≮�]O�:a�_~�,��7͛��^��o��/q�̤�[�.�W�:^��g:�,�T`�o��3Q8HD:�e��ۤA&�񥝖Qδ?�p��R)r�%��>Yw�tYi�Ʈ%=��K��v��5�a��K��Ư��A{�r�Y��THr�DЉꃍ�!�Յ�7?�w��o��7}2�*�q�8��T0l�L�t��':�5��Q��(�sI��K_�<��>%�&� ��۵��r��p��S�s��J�y��s��VR(�y��&��ڏ��ut��3�mg��2R�[��{jT��ʣ��?��j��}?�A<{.�"��حx��E��ł�?�<&d�)�L [��A1t &�"s�Dr�\΂R�"�� E�J �I��JcF?��-��ݏ��L�Eַ��)E�/4K��9z��G��,��S[��k��N̆��=#��q��9��B��B��1�4�9\��0,�e��۷ɉ�}kGO��~(9��<��8]R��{�x��l��?�j ��y�"v��2��}>Ѿ�t6 ��w��9�(?�/��N��(�_�F^D��xn>�0z�嫏H��HP��7��s{��:�Z�z�2z��G��+��=��F��"�:�/6嚁�xU�6��,��F� �C|��ŕa��g\,�3�)��ϐ��~�Ⰿ��xQ&�Yn 0s_��.�]`��"��C��E�1X��B�� SK�� \:kI}�'!�v�(@s-itcI[)B�".UG��'ά�O��e��+n�� g��7u�?��˶�MT��-�%:B�S�1��U�_�f��i�Z�K�V��?�kM!vE�>�id��D@�.T�$��,�BZ�1U�ȿ?@��Eѣ��n�6OyAN��x�F�>V��4��)�^�QfX�M��T�_�_��$�� o��RI�Y�FW�WT��L��a��k�,o�W-%t��59:kr]L��$@k��ﵔ\hr�{�m�}�[ g��J;]��c��[}��t5�7Rw7B��XE@,��j��-��X��_�씟��0�+E��P�s~c�_:n�K��B.M2qu��B��u��h�9i�9 � T��o� :�C�=�q��ØB��=�#��[X�?��K_i=!��aoh~��c��v��ǝSG�F��猾�w+~R��;%SW햟EQʁ�u6��T�=2|M��`O[�4�x��65�V�.��q�Vɵ��L�s̕�6m��؂h2�xʏukN��k*�-�\ �:c6��9LJ.l� w�� 7' �6��m�ǫ@�I�}��x��Υ�wyI$��mĘ%��x5��F�2<�me�3�7j��J�q��6��ܫ=&p�� 3�Ev�̀��=�I�V�w%b��^l�ŵ�Eм>,U�Z#�]9�t=;�$��SC%h�~��O{,�vP.� ς��z>��.lr��e��q �n|��X;��<2v��| ��紑�>:�4�{V�!3 �چ)��

Sections

.text
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 10.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0
Size: - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d54b8e40d4cac277685ca378a0cb22a

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

ole32

msvcp60

Exports

Exports

Sections

.text Size: - Virtual size: 7KB

.rdata Size: - Virtual size: 5KB

.data Size: - Virtual size: 1008B

.rsrc Size: 4KB - Virtual size: 10.9MB

0 Size: - Virtual size: 105KB

.tls Size: 4KB - Virtual size: 24B

1 Size: 4.6MB - Virtual size: 4.6MB

.text
Size: - Virtual size: 7KB

.rdata
Size: - Virtual size: 5KB

.data
Size: - Virtual size: 1008B

.rsrc
Size: 4KB - Virtual size: 10.9MB

0
Size: - Virtual size: 105KB

.tls
Size: 4KB - Virtual size: 24B

1
Size: 4.6MB - Virtual size: 4.6MB