5b72f235b385143f4afa2736b0f41d0d

General

Target

5b72f235b385143f4afa2736b0f41d0d
Size

184KB
MD5

5b72f235b385143f4afa2736b0f41d0d
SHA1

a76f9988f0849dbfc2082492460183d49f9e1b44
SHA256

bdcb710ae56667b018713ad19f432c21b39b88a3b3138b6b472ab0128ea46879
SHA512

77bf18fc51ef9a39c73cac6663152e144bef65fdfd826d18da0bf433fe1d93cef5c0dfd8103a605c7248e2eb000972237efdd6841620ce24d0b523b123ee6bdd
SSDEEP

3072:NuxTc/3F9wZFJfoxxXLaekKQZ7nydEu3myyM7NE9ap9VBciNxBhdmgzH8Km30q:NuOUZFJfoxxXLaekKQg3my9vp9VP7BLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b72f235b385143f4afa2736b0f41d0d

Files

5b72f235b385143f4afa2736b0f41d0d
.exe windows:4 windows x86 arch:x86

ad025e3745286c8c625875e852e2a591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
lstrlenA
CreateFileA
WriteFile
WaitForSingleObject
CreateProcessA
FreeResource
GetVersionExA
SizeofResource
LoadResource
FindResourceA
GetWindowsDirectoryA
GetSystemDirectoryA
DeleteFileA
RemoveDirectoryA
CreateDirectoryA
GetLocaleInfoA
GetACP
LockResource
GetSystemInfo
VirtualProtect
GetStringTypeW
GetStringTypeA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
TerminateProcess
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
VirtualQuery

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

wininet

InternetGetCookieA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad025e3745286c8c625875e852e2a591

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 148KB - Virtual size: 148KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 148KB - Virtual size: 148KB