5b37f0f78cccd7d8566b090ce6c0722c

Sharing

Copy URL Twitter E-mail

General

Target

5b37f0f78cccd7d8566b090ce6c0722c
Size

48KB
MD5

5b37f0f78cccd7d8566b090ce6c0722c
SHA1

a326fd2adbb21051035b0cc0293817b4358eff14
SHA256

dcb4de059b7341c99d950bf3c708a6c7908ede37621d296a2dd290f09aa06b04
SHA512

6ceb82216edce3f2634562db36468e84bcd1a61463b8b7963d1f5a4ef46f6238afbab3e9489924e65ef9c3b975e6654a317e1d6847ed412422f172e6c2a1bc8d
SSDEEP

768:L27LQ53lTiDy3yPLxmLanHL9QL9241unaEOxDv:LL53wAyzxmLanHLKLcZ6D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b37f0f78cccd7d8566b090ce6c0722c

Files

5b37f0f78cccd7d8566b090ce6c0722c
.dll windows:4 windows x86 arch:x86

73c394a131d480551e70fffc286a334e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CloseHandle
GetModuleFileNameA
OpenProcess
GetSystemInfo
VirtualProtect
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
EnterCriticalSection
LeaveCriticalSection
VirtualQuery
InterlockedExchange
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
LoadLibraryA
RtlUnwind

user32

SetWindowsHookExA
CallNextHookEx
GetForegroundWindow
ChangeDisplaySettingsA
SetTimer
SendMessageA
CopyIcon
LoadIconA
GetWindowLongA
UnhookWindowsHookEx
DefWindowProcA
SetCapture
GetClientRect
CallWindowProcA
GetWindowThreadProcessId
GetWindowTextA
KillTimer
MessageBoxA
GetWindow
GetMenu
AdjustWindowRectEx
SetWindowPos
ShowCursor
ShowWindow
SetWindowLongA
RegisterWindowMessageA
ReleaseCapture

shell32

Shell_NotifyIconA
SHGetFileInfoA

Exports

Exports

IH
SR
UIH

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARE
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73c394a131d480551e70fffc286a334e

Headers

File Characteristics

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 4KB

.SHARE Size: 4KB - Virtual size: 24B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 4KB

.SHARE
Size: 4KB - Virtual size: 24B

.reloc
Size: 4KB - Virtual size: 3KB