5bdc659cb35e3b14156552326c992337

Sharing

Copy URL Twitter E-mail

General

Target

5bdc659cb35e3b14156552326c992337
Size

1.3MB
MD5

5bdc659cb35e3b14156552326c992337
SHA1

a942dd83a10736a7b0db0ab764efb9948aee4ea3
SHA256

8bffd7221ecef0bf2fe78460e64b7e46ea5c9075625a486b540eebb79e84789a
SHA512

19bb90ba601198e51468a6b51c54b5c4fb7d13fea1a2a6e7a841ae6eacc3969c97ea07ac7caae64eacb03f66e2fb855f36fbe96ae66e010dd54aae2a5e6044e3
SSDEEP

24576:oCKUDD6ccZNlSW82H+kZo9DBWo1Qj0rUwn0xl/oUK/fBsdquKglZc:o9A63BJeWGCpwyiBuJ7c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bdc659cb35e3b14156552326c992337

Files

5bdc659cb35e3b14156552326c992337
.exe windows:4 windows x86 arch:x86

93b2271f2fd40cae446bbb9074ab2cf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
GetStartupInfoA
SetConsoleCtrlHandler
GetVersion
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetCurrentProcessId
GlobalLock
GetWindowsDirectoryW
LockFile
GetComputerNameW
InitializeCriticalSection
GetCurrentProcess
GetTimeZoneInformation
GetModuleHandleA
GetCurrentThreadId
GetACP
GetDriveTypeA
GetFileSize
InterlockedDecrement
GetFileType
GetTempPathW
GetCommandLineA
VirtualProtect
HeapAlloc
LoadResource
SetConsoleCP
DisableThreadLibraryCalls
GetStdHandle
GetOEMCP
SetStdHandle
lstrlenA
GetFileAttributesW
GetCommandLineW
CopyFileW
GetLastError
GlobalFree
GetProcessHeap

gdi32

GetObjectA
GetStockObject
CreateDIBitmap

msvcrt

?terminate@@YAXXZ

ole32

CoTaskMemFree
CoTaskMemAlloc
CoMarshalHresult

advapi32

RegCloseKey

user32

InvalidateRect
DrawIconEx
SetActiveWindow
SetWindowLongW
EnumThreadWindows
SetTimer
MessageBoxW
GetMessageW
MessageBoxA
DeleteMenu
MsgWaitForMultipleObjects
GetDC

lz32

LZDone

version

GetFileVersionInfoA

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93b2271f2fd40cae446bbb9074ab2cf5

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

ole32

advapi32

user32

lz32

version

Sections

.text Size: 182KB - Virtual size: 182KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 512B - Virtual size: 1.5MB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 268B

.text
Size: 182KB - Virtual size: 182KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 512B - Virtual size: 1.5MB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 268B