5ea3747645a908d3c660be23a2bd7253

General

Target

5ea3747645a908d3c660be23a2bd7253
Size

48KB
MD5

5ea3747645a908d3c660be23a2bd7253
SHA1

91009fcb942a8cf591c9f3ab016b1af4aff7b0ce
SHA256

8f76ecc1fe2a1ab15c0038676f9079a5de296f83fb8851cf755ec6b85a07052c
SHA512

7e23a431e19e2edef018e27b6b5f143867c72d16b089251f270cb7d685043d22d7bfef95d28d9de8dbb19b7fab63af65246fa38f9266d3271fa6966bbe4fafbe
SSDEEP

768:IQIRzB1CgEElIA9KalSE1iLiB9jZjISuFPbdok94P:SRB1jBKOSEnjhujoko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ea3747645a908d3c660be23a2bd7253

Files

5ea3747645a908d3c660be23a2bd7253
.exe windows:4 windows x86 arch:x86

4d1c38dc8c4f80fb48dcac8bcf19e28a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
Sleep
OutputDebugStringA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
CreateMutexA
CloseHandle
DeleteCriticalSection
FreeLibrary
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetPriorityClass
GetProcAddress
LoadLibraryA
LCMapStringA
SetStdHandle
GetOEMCP
WaitForMultipleObjects
TerminateThread
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
LCMapStringW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
WriteFile
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc

user32

LoadStringA
wsprintfA

gdi32

GetBkMode

wpcap

pcap_stats
pcap_open_live
pcap_compile
pcap_setfilter
pcap_sendpacket
pcap_loop
pcap_freealldevs
pcap_findalldevs
pcap_close

ws2_32

inet_addr
ntohs
WSACleanup
htonl
WSAStartup
htons

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d1c38dc8c4f80fb48dcac8bcf19e28a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wpcap

ws2_32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 136B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 136B