5eb386a85912a7561131368d6f8c50a9

Sharing

Copy URL Twitter E-mail

General

Target

5eb386a85912a7561131368d6f8c50a9
Size

167KB
MD5

5eb386a85912a7561131368d6f8c50a9
SHA1

1c66e0aabecad24876a637236d16335b127c6004
SHA256

e0925691b1550bd7c5092e23b57beb3b05118cb523e171a6a3e8be673c455879
SHA512

89e98969c0ded7bcce3e0d360dad0ab23ba07be1a8e1d725214d7ebed048beea8e732e798814124494d82481c0d0ffcca98474abdd90b565137ec517ba9ec73c
SSDEEP

3072:rlRK83J5zUelGmScP2cFMFMcXTMjp+Z9vhHWyJnDWuh1Yjaoid:rlRK8TXlSAspXTCkvw4DO0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eb386a85912a7561131368d6f8c50a9

Files

5eb386a85912a7561131368d6f8c50a9
.exe windows:4 windows x86 arch:x86

d147ef5d73e7bf5568a9e1ff29ee3a34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoCreateGuid
CoUninitialize
StringFromGUID2
CoInitialize
CoSetProxyBlanket

kernel32

GetFileType
GetCPInfo
HeapAlloc
GetProcAddress
LCMapStringA
LoadLibraryA
SetHandleCount
GetACP
GetCurrentThreadId
TlsFree
RaiseException
IsValidCodePage
FreeEnvironmentStringsW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetThreadPriority
TlsGetValue
GetModuleFileNameA
CreateFileA
IsDebuggerPresent
TlsAlloc
GetModuleHandleA
GetConsoleMode
GetCommandLineA
SetCommTimeouts
VirtualFree
TerminateProcess
GetOEMCP
GetFullPathNameW
GetProcessHeap
GetLastError
HeapSize
GetLocaleInfoA
EnumSystemLocalesA
InterlockedDecrement
InterlockedIncrement
RtlUnwind
DeleteCriticalSection
GetModuleFileNameW
SetFilePointer
WriteConsoleW
LCMapStringW
EnumResourceNamesA
GetCurrentProcess
HeapFree
SetStdHandle
GetStringTypeW
GlobalAlloc
VirtualAlloc
GetCurrentDirectoryW
GetUserDefaultLCID
SetUnhandledExceptionFilter
GetStdHandle
GetEnvironmentStrings
UnhandledExceptionFilter
GetStartupInfoA
ExitProcess
ReadFile
SetLastError
GetEnvironmentStringsW
TlsSetValue
HeapDestroy
FreeEnvironmentStringsA
WideCharToMultiByte
LeaveCriticalSection
Sleep
HeapReAlloc
GetLocaleInfoW
InitializeCriticalSection
QueryPerformanceCounter
ExitProcess
FlushFileBuffers
GetCurrentProcessId
EnterCriticalSection
WriteConsoleA
GetConsoleOutputCP
GetVersionExA
WriteFile
CloseHandle
IsValidLocale
SetEndOfFile
GetStringTypeA
GetTickCount
GetConsoleCP
HeapCreate
GetFullPathNameA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

shlwapi

SHDeleteKeyW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

user32

GetClassLongA
MessageBoxW

rpcrt4

UuidCreate

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d147ef5d73e7bf5568a9e1ff29ee3a34

Headers

File Characteristics

Imports

ole32

kernel32

shell32

shlwapi

advapi32

user32

rpcrt4

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 27KB

.crt Size: 512B - Virtual size: 76KB

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 27KB

.crt
Size: 512B - Virtual size: 76KB