5ed944de1ae25667d58782a780067b40

General

Target

5ed944de1ae25667d58782a780067b40
Size

136KB
MD5

5ed944de1ae25667d58782a780067b40
SHA1

15be83dc3c0dfa7345b20d225f385404906d6d6e
SHA256

f014355fa0bacb4bd41895a2239e8e836fbf6b279ec03d778b6add0f3774ff46
SHA512

30269a607bacce583374a35a3d3050269040779943efbb272f3c6d893fea832bcc38526fb74197750f2cb3623c807588885793cac1d70a7db45d16a00fbcf05b
SSDEEP

3072:uyp/YfjY4JfGM4PRdq6EjHds7u3ZjkGY+5Ws84+6Sj:WfjX+vZd5j6jkGY+8sGxj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ed944de1ae25667d58782a780067b40

Files

5ed944de1ae25667d58782a780067b40
.exe windows:4 windows x86 arch:x86

f324df7e22ba66d1139f9494c98b2006

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
PtVisible
RectVisible
MaskBlt
SelectObject
SetBkColor
GetBrushOrgEx
SetMapMode
SetStretchBltMode
EndPage
GetStockObject
SetBkMode
SetColorSpace
CreatePatternBrush
DeleteDC
GetTextMetricsA
SetWindowExtEx
SelectClipPath
EndDoc
SetTextColor
DeleteObject
UnrealizeObject
GetPixel
MoveToEx
CreateBitmap
SetBrushOrgEx
SelectPalette
StretchBlt
ScaleViewportExtEx
SetDIBColorTable
ExcludeClipRect
CreateRectRgn
SetViewportOrgEx
SetROP2
SaveDC
LPtoDP
GetDeviceCaps
GetClipBox
Chord
GetEnhMetaFilePaletteEntries
LineTo
BeginPath
EndPath
GetPaletteEntries
StartPage
CreateCompatibleBitmap
IntersectClipRect
OffsetViewportOrgEx
GetDCOrgEx
DPtoLP
GetDIBColorTable
GetCharWidth32A
CreatePen
PlayEnhMetaFile
PatBlt

kernel32

GlobalFindAtomA
GlobalFindAtomW
lstrcmpiA
GetConsoleOutputCP
GetLastError
GetModuleHandleW
DeleteFileA
GetOEMCP
GetUserDefaultLangID
lstrlenW
MulDiv
lstrcmpA
GetTickCount
GetCommandLineA
GetACP
GetThreadLocale
GetCurrentThread
CopyFileA
GetProcessHeap
IsDebuggerPresent
lstrlenA
RemoveDirectoryA
GetCurrentThreadId
GetCommandLineW
DeleteFileW
SetCurrentDirectoryA
GetVersion
lstrcmpiW
SetLastError
GetModuleHandleA
GetCurrentProcess
VirtualAlloc

user32

CharNextA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f324df7e22ba66d1139f9494c98b2006

Headers

File Characteristics

Imports

gdi32

kernel32

user32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 16KB - Virtual size: 80KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 16KB - Virtual size: 80KB