5437c7b78a87a6b0fd803f9067b3b6e1

General

Target

5437c7b78a87a6b0fd803f9067b3b6e1
Size

3.4MB
MD5

5437c7b78a87a6b0fd803f9067b3b6e1
SHA1

d95e6ef7de80874eb988e18b37cb89e3f3cd87e2
SHA256

ec8f7642a8b19185db2898d10db3fa2ad9acb9083b1730c9e97b88d779c32527
SHA512

3cb59131c8c512894194f8e8893703d052e2c7300ccb9c87c8832185f556d70da0aa4aebb39db40706debc0c58af92f0cfa5adad124b990a77b6f994e16208c7
SSDEEP

98304:OpPh1ip6NaUyfMBrK7pTAOWYQ+VQN/tRwGoKUpnK:Od8LUoMBrGsr+WxvJBUpnK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5437c7b78a87a6b0fd803f9067b3b6e1

Files

5437c7b78a87a6b0fd803f9067b3b6e1
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

988f5d45f29b95ccf6df8ceb6b17a7f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetProcAddress
TerminateProcess
UnhandledExceptionFilter
Sleep
FreeLibrary
SetLastError
HeapAlloc
LocalFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WriteFile
GetProcessHeap
GetCommandLineW
FindClose
ReadFile
SetEvent
FormatMessageW
TlsGetValue
HeapReAlloc
FlushFileBuffers
TlsAlloc
HeapSize
LoadLibraryW
CreateThread
GetCPInfo
TlsFree
LCMapStringW
GetOEMCP
GetEnvironmentStringsW
SetStdHandle
FreeEnvironmentStringsW
IsValidCodePage
DeleteFileW
VirtualAlloc
GetConsoleCP
LocalAlloc
GetCommandLineA
DecodePointer
ResetEvent
GetVersionExW
GetLocaleInfoW
CreateDirectoryW
UnmapViewOfFile
GetExitCodeProcess
CreateProcessW

user32

LoadStringW
DefWindowProcW
MessageBoxW
PostQuitMessage
SetWindowLongW
GetWindowLongW
GetMessageW
GetDlgItem
GetSystemMetrics
GetWindowRect
PostMessageW
SendMessageW
EnableWindow
IsWindow
LoadCursorW
GetParent
SetWindowTextW
SetTimer
LoadIconW
SetForegroundWindow
SetCursor
KillTimer
RegisterClassW
GetWindow
GetWindowTextW
SystemParametersInfoW
GetKeyState
MessageBoxA
ClientToScreen

Sections

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

988f5d45f29b95ccf6df8ceb6b17a7f1

Headers

File Characteristics

Imports

kernel32

user32

Sections

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB