c5bd4a6e3aed29e04d5ff716a2074d2682787c434b3347840f87ba2cd98686bf

Sharing

Copy URL Twitter E-mail

General

Target

c5bd4a6e3aed29e04d5ff716a2074d2682787c434b3347840f87ba2cd98686bf
Size

1.9MB
MD5

b622f5705a51a87c194847e3edbb1a6b
SHA1

c5107b625005e23864ae9c6a615b722bbaab4c63
SHA256

c5bd4a6e3aed29e04d5ff716a2074d2682787c434b3347840f87ba2cd98686bf
SHA512

68f062234cdbc4534e61d19d9eb28f5709110b81599ba52b001e8de8bece7700fd96e777ab94ab0215cb26141c697faf7289d3493c27aa0ec47c26ba0ebae331
SSDEEP

49152:cZzt/L3flmDsUeaZYqzD+ABKXq8PcarbH:AZD3NmDsxaJX+3dH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5bd4a6e3aed29e04d5ff716a2074d2682787c434b3347840f87ba2cd98686bf

Files

c5bd4a6e3aed29e04d5ff716a2074d2682787c434b3347840f87ba2cd98686bf
.dll windows:5 windows x86

35246799c9351842fa1b740935363f4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

ExcludeClipRect
SetColorAdjustment

msvcrt

isleadbyte
malloc

user32

GetMessageA
ShowWindow
UnregisterClassW
GetUpdateRgn
UpdateWindow
BeginDeferWindowPos
PostMessageA
WaitForInputIdle
ReplyMessage
PostQuitMessage

shlwapi

StrStrA

kernel32

LocalLock
GetExitCodeProcess
GetProcessHeap
InterlockedPushEntrySList
DeleteCriticalSection
GetSystemTimeAsFileTime
SetEvent
WaitForSingleObject
VerLanguageNameA
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
VirtualAlloc
GetModuleHandleA
LoadLibraryExA
GetUserDefaultLCID
LoadLibraryA
GetModuleFileNameA
GetBinaryTypeA
PulseEvent

advapi32

SetServiceStatus
RegDisablePredefinedCache
EnumDependentServicesA
WriteEncryptedFileRaw

oleaut32

SysStringLen
SafeArrayCreate
SysAllocStringLen

ole32

CLIPFORMAT_UserUnmarshal

setupapi

SetupDiDestroyDeviceInfoList

lz32

LZOpenFileW
LZOpenFileA
LZSeek

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PACK
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35246799c9351842fa1b740935363f4e

Headers

File Characteristics

Imports

gdi32

msvcrt

user32

shlwapi

kernel32

advapi32

oleaut32

ole32

setupapi

lz32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 96KB - Virtual size: 98KB

PACK Size: 112KB - Virtual size: 110KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 40KB - Virtual size: 39KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 96KB - Virtual size: 98KB

PACK
Size: 112KB - Virtual size: 110KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 39KB