5eb02d2c43820f78a38ad285a7a51156

Sharing

Copy URL Twitter E-mail

General

Target

5eb02d2c43820f78a38ad285a7a51156
Size

164KB
MD5

5eb02d2c43820f78a38ad285a7a51156
SHA1

6365da447cafa2a2ffb1e348c5a4cc1d0d9c1a3d
SHA256

e17558fcde60278b03814d87bec5db499f24f91c66ce347828ff995312d58030
SHA512

49941cee7d5d52ff4e38ae592a7dd2678b485fa75685f98bc007c403ff30cb11b7bf363c2bf794935acfdad972ca3ceedfa72763032067e0dd090f25c359b00f
SSDEEP

1536:WXL3Uh/S5bXh0HtImApI0Ls7zk8LHhjF5HpaGvKRtIXm4tw1/a8KIK/BYxH9f50Z:W2K+dC7onk8LHhB54pj4tQ/PE2HFngb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eb02d2c43820f78a38ad285a7a51156

Files

5eb02d2c43820f78a38ad285a7a51156
.exe windows:5 windows x86 arch:x86

864d78c2421a2ca26948a9df22b0ea18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
CreateCompatibleDC
SelectPalette
GetTextMetricsA
CreatePen
GetClipBox
GetDeviceCaps
SetMapMode
CreatePalette
RestoreDC
LineTo
DeleteObject
GetObjectA
SetTextColor
SetStretchBltMode
PatBlt
CreateFontIndirectA
SelectObject
SetTextAlign
RectVisible
SaveDC
GetPixel
DeleteDC

kernel32

GetCurrentThread
IsDebuggerPresent
GetVersion
lstrcmpiW
GetWindowsDirectoryA
QueryPerformanceCounter
GetCommandLineW
GetUserDefaultLangID
GetModuleHandleW
GetOEMCP
GetDriveTypeA
GlobalFindAtomW
GetProcessHeap
lstrcmpiA
lstrcmpA
SetCurrentDirectoryA
GetACP
RemoveDirectoryA
GlobalFindAtomA
DeleteFileA
GetCurrentThreadId
GetStartupInfoA
GetConsoleOutputCP
DeleteFileW
GetModuleHandleA
lstrlenW
GetThreadLocale
GetCurrentProcessId
lstrlenA
GetTickCount
GetCurrentProcess
CopyFileA
GetCommandLineA
MulDiv
VirtualAlloc
VirtualFree

user32

GetParent
GetDC
CharNextA
TranslateMessage
GetSystemMetrics
GetDesktopWindow

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Pxhdq Oa
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Cqy, Qer
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

864d78c2421a2ca26948a9df22b0ea18

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 9KB

Pxhdq Oa Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Cqy, Qer Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 10KB - Virtual size: 9KB

Pxhdq Oa
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Cqy, Qer
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 27KB - Virtual size: 26KB