5d465a817d233e052b96a6f212f96590

Sharing

Copy URL

Twitter E-mail

General

Target

5d465a817d233e052b96a6f212f96590
Size

13KB
MD5

5d465a817d233e052b96a6f212f96590
SHA1

41245ee3d345d339313ddead3b98de3c3e1da977
SHA256

70ecc96c895d9de3bd0d10889f34bd4e860151890609d1c51953f855793e5a8c
SHA512

b394b13502f72040ed26e49950cabe34ee60de948903eb5d8dfefc666322ea24588b2dfedbcd9e275f7a4c60b698eb1db5d1b42d6415b68e8a8270fe4860e3de
SSDEEP

192:SponilPk62HqQJB7tOtbslBjvsdc26reWwpYHqu:SpMilclHq87tOtbArEkeWwpYHq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d465a817d233e052b96a6f212f96590

Files

5d465a817d233e052b96a6f212f96590
.exe windows:6 windows x86 arch:x86

245f4035d417ee68bed1944e3fbb3812

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lib.io.char

?create@CharWriter@@SA?AV?$Ref@VCharWriter@@@@V?$Ref@VStream@Interfaces@@@@I@Z
?create@CharPrinter@@SA?AV?$Ref@VCharPrinter@@@@V?$Ref@VCharWriter@@@@@Z
?str@StrConv@@SA?AV?$Ref@VString@@@@I@Z

svc.node

?create@Stream@Providers@Nodes@Services@@SA?AV?$Ref@VStream@Interfaces@@@@V?$Ref@VProvider@Nodes@Services@@@@@Z

lib.syslog

?procName@SysLog@@SAXV?$Ref@VString@@@@@Z
?thdName@SysLog@@SAXV?$Ref@VString@@@@@Z
?stdOutPrinter@SysLogStream@@SA?AV?$Ref@VSysLogStream@@@@XZ
?id@SysLogFilter@@SAII@Z
?reg@SysLogFilter@@SAIPBD@Z
?state@SysLogFilter@@SA_NI@Z
?level@SysLogFilter@@SAIXZ

svc.console

?create@TerminalMan@@SA?AV?$Ref@VTerminalMan@@@@V?$Ref@VString@@@@I@Z

system

?create@Chn@@SA?AV?$Ref@VChn@@@@V?$Ref@VConMan@@@@@Z
?cancelled@Thd@@SA_NXZ
?create@Thd@@SA?AV?$Ref@VThd@@@@V?$Ref@VExec@@@@IIIV?$Ref@VString@@@@@Z
?create@Mon@@SA?AV?$Ref@VMon@@@@I@Z
?create@OutMsg@@SA?AV?$Ref@VOutMsg@@@@XZ
?create@String@@SA?AV?$Ref@VString@@@@ABV?$Ref@VInMsg@@@@@Z
?create@String@@SA?AV?$Ref@VString@@@@PBDII@Z
??1Object@@MAE@XZ
?selfTest@Object@@UAE_NV?$Ref@VStream@Interfaces@@@@@Z
?dump@Object@@UAEXV?$Ref@VStream@Interfaces@@@@@Z
?_selfTest@Object@@UAE_NV?$Ref@VStream@Interfaces@@@@@Z
?_dump@Object@@UAEXV?$Ref@VStream@Interfaces@@@@@Z
?gcproxy@Object@@UAEPAVGcProxy@@XZ
?obj@Object@@UAE?AV?$Ref@VObject@@@@XZ
?counterRef@Object@@UAEIXZ
?unlockRef@Object@@UAEXXZ
?lockRef@Object@@UAEXXZ
?decRef@Object@@UAEXXZ
?incRef@Object@@UAEXXZ
??0Object@@QAE@XZ
?create@Chn@@SA?AV?$Ref@VChn@@@@V?$Ref@VConMan@@@@V?$Ref@VString@@@@@Z
?free@Heap@@SAXPAXI0@Z
?alloc@Heap@@SAPAXIIPAX@Z
??_7type_info@@6B@
?setExitCode@Proc@@SAII@Z
?lock@InitCode@@SAXXZ
?unlock@InitCode@@SAXXZ

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

245f4035d417ee68bed1944e3fbb3812

Headers

DLL Characteristics

File Characteristics

Imports

lib.io.char

svc.node

lib.syslog

svc.console

system

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 196B

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 1024B - Virtual size: 612B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 196B

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 1024B - Virtual size: 612B