5dcd07ab93faa79e2e6aad53e9c8440cf740f5de390e0cc3780541520387150b

Sharing

Copy URL

Twitter E-mail

General

Target

5dcd07ab93faa79e2e6aad53e9c8440cf740f5de390e0cc3780541520387150b
Size

2.3MB
MD5

0101afeef08d7c91bf8568c02c712ea3
SHA1

b9dcbd31640c520e8672a454496d4a6ec212f7b3
SHA256

5dcd07ab93faa79e2e6aad53e9c8440cf740f5de390e0cc3780541520387150b
SHA512

4d3005b967240214e7acc5ee4c796edde3c71d3e5586752da91b7cdc1ae5e544e26e6f4e508d1d98a1f4ab3ad94e1b8057e4bb388890b093bc5b49a968125271
SSDEEP

49152:mg8kQtIB3vYaUDWNzd1ReHmTWXXRFvyL889d/2/VXXaYSW:m3aB/sDq1R8VDvN89xmH7SW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dcd07ab93faa79e2e6aad53e9c8440cf740f5de390e0cc3780541520387150b

Files

5dcd07ab93faa79e2e6aad53e9c8440cf740f5de390e0cc3780541520387150b
.dll windows:5 windows x86

c1ca0635f7fa6fd261294cda53fb1588

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

iswupper
putc

oleaut32

GetRecordInfoFromGuids
GetErrorInfo

crypt32

CryptVerifyDetachedMessageSignature

gdi32

GetTextColor
CombineRgn

kernel32

GetSystemTimeAsFileTime
InterlockedPushEntrySList
GetFileAttributesExA
GetStringTypeW
OutputDebugStringA
CloseHandle
GetModuleFileNameA
GetBinaryTypeA
GetModuleHandleA
GetProcAddress
GetNamedPipeInfo
GetConsoleWindow
GetThreadPriority
SetConsoleScreenBufferSize
GetModuleFileNameW

ws2_32

select

shell32

SHEnumerateUnreadMailAccountsW
ExtractAssociatedIconExW
DragAcceptFiles

wininet

HttpSendRequestW

rpcrt4

I_RpcReceive

version

VerQueryValueA

user32

WinHelpW
GetKeyboardLayoutList
FlashWindowEx
CreateMenu
GetMonitorInfoW
SetScrollRange
GetShellWindow
ChildWindowFromPoint
GetKeyState
IsCharAlphaNumericA
GetUpdateRgn
WindowFromPoint

advapi32

StartServiceCtrlDispatcherA
CryptExportKey
LookupAccountSidW

psapi

EnumProcessModules

rasapi32

RasGetConnectionStatistics

winmm

midiOutShortMsg
waveOutGetDevCapsA

clusapi

ClusterRegEnumValue

winspool.drv

EnumMonitorsW

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+aZzAW
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1ca0635f7fa6fd261294cda53fb1588

Headers

File Characteristics

Imports

msvcrt

oleaut32

crypt32

gdi32

kernel32

ws2_32

shell32

wininet

rpcrt4

version

user32

advapi32

psapi

rasapi32

winmm

clusapi

winspool.drv

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 136KB - Virtual size: 136KB

+aZzAW Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 4KB - Virtual size: 1000B

.reloc Size: 40KB - Virtual size: 36KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 136KB - Virtual size: 136KB

+aZzAW
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 4KB - Virtual size: 1000B

.reloc
Size: 40KB - Virtual size: 36KB