5fb768442e6c016d020dea1469dd9971bd22c3039782ffb642a0a91b57f8561f

Sharing

Copy URL Twitter E-mail

General

Target

5fb768442e6c016d020dea1469dd9971bd22c3039782ffb642a0a91b57f8561f
Size

14.7MB
MD5

50a45aad5b1e179405deecf573d247a7
SHA1

08487434b4b2a4129ac514d1a2e6a3837c3df4bc
SHA256

5fb768442e6c016d020dea1469dd9971bd22c3039782ffb642a0a91b57f8561f
SHA512

d35217e3142b28187e197fcc655e398d961589ffe5feec6a7333d684832f623a8f2786320d7f0b34fd0803f397978f793ffa940d27ada67f5222d2c15af47b8c
SSDEEP

196608:hesy/x7maFHB9Rq8CdCNXc2N+oQfVpP5tFwOUEq/kvcNExzs0:hfyoaFHB2eHNIKOi/kQEx4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb768442e6c016d020dea1469dd9971bd22c3039782ffb642a0a91b57f8561f

Files

5fb768442e6c016d020dea1469dd9971bd22c3039782ffb642a0a91b57f8561f
.exe windows x64

01c07c2f5cdd5846d7617e0dda4525f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-crt-environment-l1-1-0

getenv_s

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-time-l1-1-0

_localtime64

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-math-l1-1-0

sqrt

api-ms-win-crt-utility-l1-1-0

srand

api-ms-win-crt-filesystem-l1-1-0

_findfirst64i32

api-ms-win-crt-stdio-l1-1-0

fread

api-ms-win-crt-heap-l1-1-0

_callnewh

api-ms-win-crt-runtime-l1-1-0

exit

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcmp

d3d9

Direct3DCreate9

dsound

ord11

msacm32

acmStreamConvert

dinput8

DirectInput8Create

msvcp140

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z

ole32

CoInitialize

shell32

ShellExecuteA

gdi32

SelectObject

user32

TranslateMessage

kernel32

GetSystemFirmwareTable

Sections

.text
Size: - Virtual size: 20.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 14.7MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01c07c2f5cdd5846d7617e0dda4525f7

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

vcruntime140_1

vcruntime140

d3d9

dsound

msacm32

dinput8

msvcp140

ole32

shell32

gdi32

user32

kernel32

Sections

.text Size: - Virtual size: 20.2MB

.rdata Size: - Virtual size: 3.0MB

.data Size: - Virtual size: 4.0MB

.pdata Size: - Virtual size: 2.9MB

.vdata Size: - Virtual size: 17KB

.text Size: - Virtual size: 3.6MB

.data Size: - Virtual size: 77KB

.text Size: 14.7MB - Virtual size: 14.7MB

.data Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 104B

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: - Virtual size: 20.2MB

.rdata
Size: - Virtual size: 3.0MB

.data
Size: - Virtual size: 4.0MB

.pdata
Size: - Virtual size: 2.9MB

.vdata
Size: - Virtual size: 17KB

.text
Size: - Virtual size: 3.6MB

.data
Size: - Virtual size: 77KB

.text
Size: 14.7MB - Virtual size: 14.7MB

.data
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 104B

.rsrc
Size: 17KB - Virtual size: 17KB