b5da7baab1d82fe96459087a0f484a9f81dffa8b7df330092f8302e1f5578b30

Sharing

Copy URL Twitter E-mail

General

Target

b5da7baab1d82fe96459087a0f484a9f81dffa8b7df330092f8302e1f5578b30
Size

90KB
MD5

0601d106f838b9a3a2fd4eb696c12b62
SHA1

032b3b8118fb3243993618e8f9f465435998e024
SHA256

b5da7baab1d82fe96459087a0f484a9f81dffa8b7df330092f8302e1f5578b30
SHA512

b391e72c79a61ce7e2eb4cd82ca7f5520630ed993323b9593be4c999c24191077557fab90b0a1bd302be269f1a59413695742c9099599435632507ee95396321
SSDEEP

1536:ubhXZl/fegOIh+jTjxAz7S1knxpQYZkVzYu8vDC4Q+qp8lQ:AdZpfeC+jTlA7S1kngYZkute4Q+qmlQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5da7baab1d82fe96459087a0f484a9f81dffa8b7df330092f8302e1f5578b30

Files

b5da7baab1d82fe96459087a0f484a9f81dffa8b7df330092f8302e1f5578b30
.exe windows:6 windows x64

ce4cf013ef12f60fb7ebf35de198aadd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile
GetProcAddress
LoadLibraryA
GetModuleFileNameA
CloseHandle
HeapAlloc
EncodePointer
DecodePointer
ReadFile
GetCommandLineA
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
GetProcessHeap
HeapSize
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetConsoleMode
ReadConsoleW
HeapFree
SetFilePointer
SetFilePointerEx
GetFileType
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
LoadLibraryW
HeapReAlloc
SetStdHandle
LCMapStringEx
FlushFileBuffers
GetConsoleCP
GetStringTypeW
CreateFileW
WriteConsoleW
SetEndOfFile

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce4cf013ef12f60fb7ebf35de198aadd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 5KB - Virtual size: 14KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 5KB - Virtual size: 14KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 3KB - Virtual size: 3KB