5bcaa9ba66ff545f2d99f301bf3ccce6e61bee1ab8296a340e7d67d9463ae6e7

Sharing

Copy URL Twitter E-mail

General

Target

5bcaa9ba66ff545f2d99f301bf3ccce6e61bee1ab8296a340e7d67d9463ae6e7
Size

320KB
MD5

7d8c496fa0b843df0341b7940b3fbf44
SHA1

34d79f1d194db9752084957b45ab0ae72df795fb
SHA256

5bcaa9ba66ff545f2d99f301bf3ccce6e61bee1ab8296a340e7d67d9463ae6e7
SHA512

4f37feb0f6b95cec45bbe92b9e4ce04498f09296c372e51270bcb00e4aedb313f844b0d6f657101ca9d03099e638ff924d0da52742265c5a1e1eceb2a14177d6
SSDEEP

6144:2WXJ7lFc5WxJAOUhEUyANZ4hnpm5i9FoZDUsTdoUWqGcLldl:DJ7lFcYxJAzhEF1pm5QoZQsxgqGcLln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bcaa9ba66ff545f2d99f301bf3ccce6e61bee1ab8296a340e7d67d9463ae6e7

Files

5bcaa9ba66ff545f2d99f301bf3ccce6e61bee1ab8296a340e7d67d9463ae6e7
.exe windows x86

52bea9a2d8e6c241c08fb769857fdb3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
GetFileTime
LocalFileTimeToFileTime
FindClose
FindFirstFileA
CreateDirectoryA
DosDateTimeToFileTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapSize
GetTimeZoneInformation
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
SetStdHandle
SetEndOfFile
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetConsoleMode
GetConsoleCP
ReadFile
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
QueryPerformanceCounter
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MoveFileExA
Sleep
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
GetLastError
SetLastError
SleepEx
WaitForSingleObject
CloseHandle
GetVersionExA
HeapFree
HeapAlloc
DeleteFileA
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
HeapReAlloc
GetFileType
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetFileAttributesA
ExitThread
GetCurrentThreadId
CreateThread
GetTimeFormatA
GetDateFormatA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

ws2_32

WSAIoctl
setsockopt
select
__WSAFDIsSet
htonl
htons
WSAGetLastError
closesocket
ntohs
socket
WSACloseEvent
send
getsockopt
bind
recv
getsockname
connect
getpeername
accept
listen
gethostbyname
gethostbyaddr
getservbyname
getservbyport
inet_addr
inet_ntoa
ioctlsocket
WSASetLastError

advapi32

CryptReleaseContext
CryptGenRandom
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptAcquireContextA

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52bea9a2d8e6c241c08fb769857fdb3d

Headers

File Characteristics

Imports

kernel32

ws2_32

advapi32

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 176B