5e88cc3c52fd7fdcbe65a9d7dca1db4b

General

Target

5e88cc3c52fd7fdcbe65a9d7dca1db4b
Size

219KB
MD5

5e88cc3c52fd7fdcbe65a9d7dca1db4b
SHA1

dd501697b2391c3105e428c208e132f7bb36686f
SHA256

29f803bec5bd1908d5d08ae7c523382febc61b8598285c4c54c070fb2a693dcc
SHA512

3bde0e9df7e221c36273f73f8092cc329050f0016795c513ea8915e314973d08e10ea77aebdae2ef8f4b1bf1649b923654a92afa2bd90328433fee718620ce0b
SSDEEP

3072:LyvafjVauqPVtGsTtpWn1ynqTqrlDpYd2x0zUAvWR4swXK:L9hqPyOt5QKlDpYd2xKdyPw6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e88cc3c52fd7fdcbe65a9d7dca1db4b

Files

5e88cc3c52fd7fdcbe65a9d7dca1db4b
.exe windows:5 windows x86 arch:x86

b4fbbb890bb480277f9b57ea85266215

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

CopyBindInfo
HlinkNavigateMoniker
FindMediaType

kernel32

InterlockedIncrement
EnumResourceTypesA
WriteFileGather
SetVolumeMountPointA
GetWriteWatch
GetFileSize
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
Sleep
WriteConsoleW
MultiByteToWideChar
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CompareStringW
SetEnvironmentVariableA
LoadLibraryW
HeapAlloc
HeapReAlloc
CreateFileW
CloseHandle
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
HeapSize

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4fbbb890bb480277f9b57ea85266215

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

kernel32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 165KB - Virtual size: 165KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 165KB - Virtual size: 165KB