5bcbce45b63d82717411cd7e7566d5a27d2303fcf4b8259b4245e14c4706d99b

Sharing

Copy URL Twitter E-mail

General

Target

5bcbce45b63d82717411cd7e7566d5a27d2303fcf4b8259b4245e14c4706d99b
Size

2.5MB
MD5

1db657ed4097ca4e0a6cdba360aea0d1
SHA1

d450bcc4d5ded0b825e286c17b0555cbb0869c0c
SHA256

5bcbce45b63d82717411cd7e7566d5a27d2303fcf4b8259b4245e14c4706d99b
SHA512

651b29d774896fad68bd759c1646637dc4ad2da80bc13d87840e7dbbdeb3bdae46adc9c2e0aae786813ddca4af7beada0131f931d98b7dff0544a2d4a70e56e5
SSDEEP

49152:lEzqmDJ4dNsimV8ej+822FxT6rvkZ3VBy/AomQcIAW1gKkpUQAjE+qoup:eGmDJ4Qfa8csZ3VBy/AomQcIAW1gKkp9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bcbce45b63d82717411cd7e7566d5a27d2303fcf4b8259b4245e14c4706d99b

Files

5bcbce45b63d82717411cd7e7566d5a27d2303fcf4b8259b4245e14c4706d99b
.exe windows:4 windows x86

2105ef12f12909f97e833064226f8e95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
GetFileAttributesA
GetFullPathNameA
GetSystemTime
FileTimeToSystemTime
GetTimeZoneInformation
GetProcAddress
LoadLibraryA
AreFileApisANSI
CloseHandle
GetLastError
WaitForSingleObject
GetExitCodeProcess
OpenProcess
FreeLibrary
GetStdHandle
GetConsoleMode
Sleep
VerSetConditionMask
IsWow64Process
FormatMessageA
GetProfileStringA
VerifyVersionInfoW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateDirectoryA
CreateFileA
DeleteFileA
RemoveDirectoryA
SetFileTime
FlushFileBuffers
GetFileSizeEx
GetFileTime
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
ExitProcess
TlsAlloc
TlsGetValue
TlsSetValue
LocalAlloc
LocalFree
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetPrivateProfileIntA
GetEnvironmentVariableA
WritePrivateProfileStringA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
CreateEventA
WaitForMultipleObjects
IsBadWritePtr
GetSystemTimeAsFileTime
FindClose
FindFirstFileA
FindNextFileA
ReleaseSemaphore
CreateSemaphoreA
OpenSemaphoreA
FlushInstructionCache
VirtualProtect
DeviceIoControl
LockFile
UnlockFile
IsBadStringPtrA
IsBadStringPtrW
GetDriveTypeA
WideCharToMultiByte
MultiByteToWideChar
MapViewOfFileEx
ReleaseMutex
CreateMutexA
SwitchToThread
GetProcessTimes
SetEnvironmentVariableA
ReadConsoleW
CreateFileW
WriteConsoleW
SetStdHandle
OutputDebugStringW
SetFilePointerEx
GetCurrentProcess
GetConsoleCP
HeapReAlloc
GetModuleFileNameW
GetOEMCP
IsValidCodePage
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
IsBadReadPtr
GetComputerNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetSystemInfo
SetLastError
GetModuleHandleA
GetModuleFileNameA
VirtualQuery
SetPriorityClass
TlsFree
SetThreadPriority
GetCurrentThread
TerminateProcess
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentDirectoryA
SetConsoleCtrlHandler
OpenEventA
SetEvent
GetACP
SystemTimeToFileTime
GetTempPathA
GetLocalTime
GetDiskFreeSpaceA
GetUserDefaultUILanguage
GetExitCodeThread
GetCurrentThreadId
DuplicateHandle
GetTickCount
GetVersionExA
GetVersion
GetCurrentProcessId
GetPrivateProfileStringA
IsDebuggerPresent
LoadLibraryExW
GetCPInfo
GetModuleHandleExW
GetStartupInfoW
GetFileType
RtlUnwind
RaiseException
GetStringTypeW
DecodePointer
EncodePointer

user32

GetSystemMenu
AppendMenuA
LoadStringA
wsprintfA
DrawMenuBar
TranslateMessage
DispatchMessageA
GetSystemMetrics
MessageBoxA
CharLowerBuffA
CharUpperBuffA
CallMsgFilterA
PeekMessageA

shell32

ShellExecuteExA

advapi32

ReadEventLogA
StartServiceA
QueryServiceStatus
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegFlushKey
RegDeleteKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
GetUserNameA
ConvertStringSecurityDescriptorToSecurityDescriptorA
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
OpenEventLogA
CloseEventLog

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ws2_32

WSAStartup
freeaddrinfo
getaddrinfo
gethostname
WSACleanup
gethostbyname
sendto
recvfrom
inet_addr
bind
getpeername
WSAGetLastError
socket
shutdown
setsockopt
send
select
recv
getsockopt
ioctlsocket
connect
closesocket
accept
__WSAFDIsSet
gethostbyaddr
inet_ntoa
htons

Sections

__wibu00
Size: 764KB - Virtual size: 760KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu01
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu02
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu03
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu04
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

__wibu05
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

__wibu06
Size: 48KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu07
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2105ef12f12909f97e833064226f8e95

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

version

ws2_32

Sections

__wibu00 Size: 764KB - Virtual size: 760KB

__wibu01 Size: 148KB - Virtual size: 146KB

__wibu02 Size: 12KB - Virtual size: 15KB

__wibu03 Size: 24KB - Virtual size: 22KB

.rsrc Size: 272KB - Virtual size: 269KB

__wibu04 Size: 1.3MB - Virtual size: 1.3MB

__wibu05 Size: 8KB - Virtual size: 8KB

__wibu06 Size: 48KB - Virtual size: 68KB

__wibu07 Size: 24KB - Virtual size: 24KB

__wibu00
Size: 764KB - Virtual size: 760KB

__wibu01
Size: 148KB - Virtual size: 146KB

__wibu02
Size: 12KB - Virtual size: 15KB

__wibu03
Size: 24KB - Virtual size: 22KB

.rsrc
Size: 272KB - Virtual size: 269KB

__wibu04
Size: 1.3MB - Virtual size: 1.3MB

__wibu05
Size: 8KB - Virtual size: 8KB

__wibu06
Size: 48KB - Virtual size: 68KB

__wibu07
Size: 24KB - Virtual size: 24KB