5a9b761e9c96dbedd82a73763a9dbd8f

Sharing

Copy URL Twitter E-mail

General

Target

5a9b761e9c96dbedd82a73763a9dbd8f
Size

184KB
MD5

5a9b761e9c96dbedd82a73763a9dbd8f
SHA1

c348e9d2f3b293714ef023d70e4f649a561e1350
SHA256

e3982aa9bb888cf4fc3c36ab2c4b84f5d32277d79ff7deb5616ad00505aef169
SHA512

cd9f9c0046ceb23710d70168d0c26b33f02ec5b899ffc982eb332e1ebf33f20c0e147fdbd0f201b0e1cb5db4d55ebb8c088e0046106cdc54300ed7df7612a834
SSDEEP

3072:L2w3U0qPvsLxmEUxUFdNVjR0y2Db1dLQku+z+S2SVn+fQ5ercN9hFM:L2wLCvAxTUxcrj6zDbDLQ3i+y9+Y0OM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a9b761e9c96dbedd82a73763a9dbd8f

Files

5a9b761e9c96dbedd82a73763a9dbd8f
.exe windows:4 windows x86 arch:x86

41d0498ff5a41e7d87c7feb45a0ab5fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

psapi

GetProcessMemoryInfo

kernel32

InterlockedCompareExchange
_lclose
GetFullPathNameA
GetStringTypeExW
GetCurrentProcess
CreateFiberEx
RaiseException
AreFileApisANSI
SetUnhandledExceptionFilter
Sleep
GetFileSize
FindResourceExW
FindNextFileW
DeleteCriticalSection
HeapSize
lstrlenW
QueryPerformanceCounter
SetFileAttributesW
GetVersionExW
SetFileAttributesA
EnumResourceTypesW
FreeResource
LoadLibraryExA
RemoveDirectoryW
ReadFile
EnumResourceNamesW
InterlockedExchange
HeapReAlloc
GetCurrentDirectoryW
GetLocaleInfoA
GetTickCount
InterlockedIncrement
GetLastError
FindClose
GetFileAttributesW
EscapeCommFunction
LockResource
CloseHandle
GetEnvironmentVariableA
GetCurrentThreadId
EnterCriticalSection
HeapAlloc
GlobalAlloc
CreateFileMappingA
GetSystemDirectoryA
HeapFree
GetACP
CreateFileA
IsDebuggerPresent
lstrlenA
UnhandledExceptionFilter
LeaveCriticalSection
FreeLibrary
EnumResourceNamesA
CreateDirectoryA
SizeofResource
CopyFileW
lstrcmpiA
GetOEMCP
MultiByteToWideChar
GetTempPathW
DeleteFileW
DebugBreak
_lread
TerminateProcess
MapViewOfFile
GetThreadLocale
GetProcessHeap
GetModuleHandleW
LoadResource
InterlockedDecrement
SetEndOfFile
FatalExit
FindResourceW
SetLastError
ExitProcess
GlobalLock
CopyFileA
SetFilePointer
DeleteFileA
GetCommandLineW
FormatMessageW
LocalFree
MoveFileW
CreateDirectoryW
RemoveDirectoryA
CreateFileW
UpdateResourceW
OutputDebugStringA
GlobalUnlock
GetProcAddress
InitializeCriticalSection
EndUpdateResourceW
_llseek
GlobalFree
HeapDestroy
LoadLibraryA
FindFirstFileA
GetSystemTimeAsFileTime
WriteFile
UnmapViewOfFile
FindNextFileA
BeginUpdateResourceW
GetTempFileNameW
GetCurrentProcessId
_lwrite
WideCharToMultiByte
FindFirstFileW
EnumResourceLanguagesW
GetVersion
LoadLibraryExW
GetVersionExA
GetFileInformationByHandle
GetFileAttributesA
GetFullPathNameW
lstrcpyA

user32

MonitorFromWindow
wsprintfW
CharNextA
CharNextW

advapi32

CryptHashData
CryptCreateHash
CryptReleaseContext
CryptAcquireContextA
CryptGetHashParam
CryptDestroyHash

shell32

CommandLineToArgvW

imagehlp

ImageNtHeader
ImageGetDigestStream
ImageRvaToVa
ImageDirectoryEntryToData

msvfw32

ICInfo

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41d0498ff5a41e7d87c7feb45a0ab5fe

Headers

File Characteristics

Imports

psapi

kernel32

user32

advapi32

shell32

imagehlp

msvfw32

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 15KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 15KB

.lib
Size: 512B - Virtual size: 76KB