5f11ad49ad1ed5049de8ea13860f5b42

General

Target

5f11ad49ad1ed5049de8ea13860f5b42
Size

133KB
MD5

5f11ad49ad1ed5049de8ea13860f5b42
SHA1

82af82a0b31adbd84df8f5e97f36ba66c345d81b
SHA256

98bbad53d8b470bff32d269215341008ee4e214137698b17a72a81189da35d1e
SHA512

77891c861c95ce6b5dba831cc07759b45cd9ee837dd44285588ebe1fc5090fff8e7bc1de99cf9a12500f82bbc5be50e9bb6ff91f7d68ac64fdb79764548dd6e1
SSDEEP

3072:wlBMAC2KxVH6CRbTqAIfP+aG/MrqZzp6fc:rA3KzH6CTVWVGBBX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f11ad49ad1ed5049de8ea13860f5b42

Files

5f11ad49ad1ed5049de8ea13860f5b42
.exe windows:4 windows x86 arch:x86

33cc542e20f268b26623d86d717ceec7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

CreateThread
ConvertFiberToThread
FreeLibrary
CreateNamedPipeA
SwitchToThread
CreateDirectoryW
CreateSemaphoreA
GetOverlappedResult
LoadLibraryA
FlushFileBuffers
WaitForMultipleObjects
lstrcatA
TlsAlloc
GetFileInformationByHandle
GetSystemTimeAsFileTime
DeleteCriticalSection
SetFilePointer
GetCurrentProcess
CreateFileW
MoveFileW
Sleep
MultiByteToWideChar
FreeEnvironmentStringsA
GetSystemDirectoryA
FindNextChangeNotification
GetFullPathNameW
InterlockedCompareExchange
QueryPerformanceCounter
ReleaseSemaphore
WaitForSingleObject
SetUnhandledExceptionFilter
TlsSetValue
EnumResourceNamesA
CreateEventA
ResetEvent
GetCurrentProcessId
WriteFile
TerminateProcess
GetTickCount
GetCurrentThreadId
GetStartupInfoA
FindNextFileW
PeekNamedPipe
WideCharToMultiByte
FindCloseChangeNotification
InterlockedExchange
GetDriveTypeW
GetLocalTime
SetEndOfFile
LocalAlloc
InitializeCriticalSection
GetSystemDirectoryW
CloseHandle
GetLastError
LocalFree
RemoveDirectoryW
FindFirstChangeNotificationW
TlsGetValue
IsDebuggerPresent
ExitProcess
ReadFile
TlsFree
GetModuleFileNameW
EnterCriticalSection
DisconnectNamedPipe
lstrlenA
DeleteFileW
GetProcAddress
GetVersionExA
GetCurrentThread
SetEvent
LeaveCriticalSection
GetUserDefaultLCID
LoadLibraryW
FindFirstFileW
FindClose
UnhandledExceptionFilter
ConnectNamedPipe

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33cc542e20f268b26623d86d717ceec7

Headers

File Characteristics

Imports

oleacc

kernel32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 1024B - Virtual size: 212KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 1024B - Virtual size: 212KB