5a5b248c9d45ab796dae53e7cc7afddb4689d6a040381977aa5c85f4456a3dc2

Sharing

Copy URL Twitter E-mail

General

Target

5a5b248c9d45ab796dae53e7cc7afddb4689d6a040381977aa5c85f4456a3dc2
Size

6.7MB
MD5

5351247efc493f7db445e80ac2bc7cf1
SHA1

8fc3843a2d7572eab6a3a7f2fb0ad80e242ccc91
SHA256

5a5b248c9d45ab796dae53e7cc7afddb4689d6a040381977aa5c85f4456a3dc2
SHA512

89a077fcce5e42750b9974a25a1eef5c71ac79ae4d7c9b7c84bee786ba50ecd64b90ed203c9953b06e7ada3ad2e8b24f5f3088452318813f84907527f19044b7
SSDEEP

196608:Lys86sFchDjvgc4z2WloSnJdROcBANCGU:es8C9YcE2WpcG2C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a5b248c9d45ab796dae53e7cc7afddb4689d6a040381977aa5c85f4456a3dc2

Files

5a5b248c9d45ab796dae53e7cc7afddb4689d6a040381977aa5c85f4456a3dc2
.exe windows:5 windows x86

97ab3011c3ed54f1561d353193e158b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

LoadIconA
CharUpperBuffW

gdi32

GetTextMetricsA

winmm

midiStreamStop

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

inet_ntoa

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 627KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HF'
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.:hn
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZN:
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97ab3011c3ed54f1561d353193e158b5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 627KB

.rdata Size: - Virtual size: 511KB

.data Size: - Virtual size: 247KB

.HF' Size: - Virtual size: 3.7MB

.:hn Size: 4KB - Virtual size: 2KB

.ZN: Size: 6.7MB - Virtual size: 6.7MB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: - Virtual size: 627KB

.rdata
Size: - Virtual size: 511KB

.data
Size: - Virtual size: 247KB

.HF'
Size: - Virtual size: 3.7MB

.:hn
Size: 4KB - Virtual size: 2KB

.ZN:
Size: 6.7MB - Virtual size: 6.7MB

.rsrc
Size: 12KB - Virtual size: 9KB