5e9ed31b7509f67317b4955eaeac26cd

Sharing

Copy URL Twitter E-mail

General

Target

5e9ed31b7509f67317b4955eaeac26cd
Size

53KB
MD5

5e9ed31b7509f67317b4955eaeac26cd
SHA1

5f679a3935b5ee5f53a94341920720ff9c5f5d57
SHA256

e09638304419d81c8735fcf51e9f51bce8a4438f595edf52804faceab15b9d71
SHA512

f34518c0a073a8564550a4b3607e4eb33ff5aa835c493891edef4d2fa2075a0a3983369d977cfbbb59c6b35d2457c3abd37909727bfc29484975a124ee6413d1
SSDEEP

1536:MvrHm9JV06E6m0EmkBmkZ1aAEcX0CI8Ef1:IC9Jjm0EmkSuBI8A1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e9ed31b7509f67317b4955eaeac26cd

Files

5e9ed31b7509f67317b4955eaeac26cd
.exe windows:4 windows x86 arch:x86

18f545dcc4e72fa1cb23ccb816327da3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
CloseServiceHandle
DeleteService
OpenSCManagerA
QueryServiceConfig2A
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey
RegQueryValueExA
StartServiceA

kernel32

CompareStringA
CreateEventA
CreateFileA
CreateMutexA
CreateToolhelp32Snapshot
DeleteFileA
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToLocalFileTime
FindFirstFileA
FreeLibrary
GetACP
GetConsoleCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetOEMCP
GetPrivateProfileSectionNamesA
GetProcessHeap
GetShortPathNameA
GetStringTypeA
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadTimes
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
GlobalLock
GlobalUnlock
HeapFree
HeapReAlloc
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadWritePtr
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LocalFree
MapViewOfFile
QueryPerformanceCounter
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RtlUnwind
SearchPathA
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
SizeofResource
SystemTimeToFileTime
TerminateProcess
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery
WideCharToMultiByte
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA
lstrlenA

user32

CharLowerA
CharPrevA
ClientToScreen
CreatePopupMenu
DestroyIcon
DrawFocusRect
DrawIcon
EnableMenuItem
GetAsyncKeyState
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetForegroundWindow
GetKeyState
GetMessagePos
GetProcessWindowStation
GetWindowTextA
GetWindowTextLengthA
LoadBitmapA
LoadIconA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
ReleaseCapture
SendMessageA
SetMenu
SetWindowRgn
SystemParametersInfoA
TrackPopupMenu

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18f545dcc4e72fa1cb23ccb816327da3

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 18KB - Virtual size: 20KB

.INIT Size: 13KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 20KB

.INIT
Size: 13KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB