5f03e66eab809602e8ccec2a563936be

Sharing

Copy URL Twitter E-mail

General

Target

5f03e66eab809602e8ccec2a563936be
Size

847KB
MD5

5f03e66eab809602e8ccec2a563936be
SHA1

77a06d1628c47dbca8d63fd63f08cebd7d1eb6c3
SHA256

17e04523de8e3894917cbf96866428210c4ea17e5e529c88ac3a930ad29dc2a9
SHA512

a55d6aea9a75148f2224e550b610e083fe3c3f20f781fb175808700e9e3530a3f227f68a16d1abd369b683b6ed2e4864640f7ca94afc12383776f4d8adf98e1f
SSDEEP

24576:d4BTgyFlmk/pqqoSsgasOMKpKHqBfbn68DHFFE6IxnbOI:aBTgr/Ssgarr9rRzE6mbOI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f03e66eab809602e8ccec2a563936be

Files

5f03e66eab809602e8ccec2a563936be
.exe windows:5 windows x86 arch:x86

655ab7358b6f843796212e0b8106ca44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_Sibling
CMP_WaitServicesAvailable
CM_Get_Device_ID_Size
CM_Get_Sibling_Ex
CM_Set_DevNode_Registry_Property_ExW
CM_Set_HW_Prof_FlagsA
CM_Get_Hardware_Profile_Info_ExA
CM_Set_HW_Prof_Flags_ExA
CM_Get_Device_ID_ExW
CM_Get_Device_ID_List_SizeW
CM_Get_Class_Registry_PropertyA
CMP_Report_LogOn
CM_Add_Range
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_Interface_ListA
CMP_UnregisterNotification
CM_Set_HW_Prof_Ex

kernel32

GetDefaultCommConfigW
CancelWaitableTimer
AddRefActCtx
SetThreadLocale
IsValidLocale
FormatMessageW
SetConsoleCursorMode
CreateProcessInternalW
SetConsoleCursorPosition
ReadConsoleOutputW
ReadConsoleOutputAttribute
LCMapStringW
GetTickCount
GetNumaAvailableMemoryNode
LoadLibraryA
SuspendThread
SetSystemPowerState
Beep
ClearCommBreak
SetCriticalSectionSpinCount
GlobalFindAtomW
WriteConsoleA
GetAtomNameW
RtlFillMemory
GetCommMask
GetTempPathW
WriteProfileStringW
InitializeCriticalSection
BeginUpdateResourceA
UnregisterWait
GetCommTimeouts
CreateJobSet
GetCompressedFileSizeW
VirtualAlloc
WriteFile
ConsoleMenuControl
GetConsoleInputExeNameA
IsValidCodePage
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
SleepEx
FreeUserPhysicalPages
GetVolumePathNameW

wsock32

WSACleanup
inet_addr
inet_ntoa
setsockopt
htons
dn_expand
listen
WSAStartup
WSACancelBlockingCall
ioctlsocket
GetTypeByNameA
WSAIsBlocking
WSASetBlockingHook
gethostname
shutdown
getservbyport
recvfrom
TransmitFile
EnumProtocolsW
getprotobynumber
getsockname
WSAAsyncGetServByName
bind
WSARecvEx

ole32

CreateFileMoniker
OleInitializeWOW
OleDuplicateData
CoDeactivateObject
CoInitializeSecurity
CoGetProcessIdentifier
OleCreateLinkFromDataEx
FreePropVariantArray
CoGetCancelObject
OleMetafilePictFromIconAndLabel
StgCreateDocfileOnILockBytes
CoInitializeWOW
CreateGenericComposite
IsValidIid
OleCreateLinkToFileEx
CoReleaseMarshalData
OleConvertOLESTREAMToIStorage
CoDisableCallCancellation
CoRegisterChannelHook
CoGetCallContext

atl

AtlModuleExtractCreateWndData
AtlModuleAddCreateWndData
AtlModuleInit
AtlUnadvise
AtlModuleRegisterWndClassInfoW
AtlModuleRevokeClassObjects
AtlModuleRegisterWndClassInfoA
AtlIPersistPropertyBag_Save
AtlModuleUnregisterServerEx
AtlWaitWithMessageLoop
AtlComQIPtrAssign
AtlModuleUnRegisterTypeLib
AtlRegisterClassCategoriesHelper
AtlAxCreateControl
AtlAxDialogBoxW
AtlIPersistStreamInit_Save
AtlAxCreateDialogW

Sections

.text
Size: 715KB - Virtual size: 714KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

655ab7358b6f843796212e0b8106ca44

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

kernel32

wsock32

ole32

atl

Sections

.text Size: 715KB - Virtual size: 714KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 5KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 972B

.text
Size: 715KB - Virtual size: 714KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 5KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 972B