b5fb19fca767b32e70115e5669adca3ef5f8cbb02aab99ad70f9916d0972b2dd

Sharing

Copy URL Twitter E-mail

General

Target

b5fb19fca767b32e70115e5669adca3ef5f8cbb02aab99ad70f9916d0972b2dd
Size

116KB
MD5

7f759ac50a73327664a830e558c7ef42
SHA1

19d9cc56c5e591c926c0b0251ef3a84c2978ad5a
SHA256

b5fb19fca767b32e70115e5669adca3ef5f8cbb02aab99ad70f9916d0972b2dd
SHA512

3c408fb9cd4c2e002c445512695e323485fb257bebc060a37779084b9463070c8ed25158d4e4408c3cf0c71f56d7ac79937952bafc0764bbd7f26b25e5b24431
SSDEEP

3072:bF8i+7uODmNXND+h3fqGSHdS1SH94YoQ/zWFRFgiJ+FV+dDe58YnbGLjaqdxd1K:x8i5xqzcc1SH94YY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5fb19fca767b32e70115e5669adca3ef5f8cbb02aab99ad70f9916d0972b2dd

Files

b5fb19fca767b32e70115e5669adca3ef5f8cbb02aab99ad70f9916d0972b2dd
.exe windows:5 windows x64

3732879eae6ac9ecd9bc071df7ddae71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

BeginPaint
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
EndDialog
wsprintfW
UpdateWindow
TranslateMessage
TranslateAcceleratorW
ShowWindow
SetTimer
SetRect
SetCapture
SendMessageW
ReleaseDC
ReleaseCapture
RegisterClassExW
RedrawWindow
PtInRect
PostQuitMessage
MoveWindow
MonitorFromRect
LoadStringW
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
IntersectRect
GetMonitorInfoW
GetSystemMetrics
GetSysColorBrush
GetMessageW
GetMenu
GetDC
EndPaint
DispatchMessageW
DialogBoxParamW
DefWindowProcW
CreateWindowExW
CheckMenuItem
AdjustWindowRect

gdi32

BitBlt
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

ShellAboutW

msvcrt

_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__lconv_init
malloc
signal
__setusermatherr
memcmp
__set_app_type
__wgetmainargs
time
rand
srand
memset
memcpy
strcpy
strcmp
strlen
memmove
strchr
strcspn
bsearch
sprintf
_amsg_exit

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetProcAddress
SetLastError
LocalReAlloc
QueryPerformanceCounter
LocalAlloc
GetLastError
GetEnvironmentVariableA
lstrlenW
lstrcpynW
InitializeCriticalSection
TlsGetValue
LeaveCriticalSection
ExitProcess
GetTickCount
GetModuleHandleA
LoadLibraryW
DeleteCriticalSection
LocalFree
EnterCriticalSection

ntdll

vDbgPrintExWithPrefix

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3732879eae6ac9ecd9bc071df7ddae71

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

advapi32

shell32

msvcrt

kernel32

ntdll

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 8KB

.pdata Size: 1024B - Virtual size: 804B

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 8KB

.pdata
Size: 1024B - Virtual size: 804B

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 512B - Virtual size: 60B