5d7588e79edfade3f39e02e65f6571d1

Sharing

Copy URL Twitter E-mail

General

Target

5d7588e79edfade3f39e02e65f6571d1
Size

327KB
MD5

5d7588e79edfade3f39e02e65f6571d1
SHA1

41eec77d3c66b66e4d05a05e0d856f908dd41bd7
SHA256

65d850d4961b199d22597914523844f957c15f21e3279b1adc14628095b17654
SHA512

e1aff221082be3e99b2b9513072e77d14639dd902bf490bda2fe58d9c7f9e85ae1d826d45f97f29b19a7bc86372166ea7a942e45b0e7a3e087df3ccaa61568a9
SSDEEP

3072:dxCFWiJ3CYMMvXSoYgFmf3zp9J25XnSgSJqji4EIXqiiEy2Mpy5c7Bpz:yLdJvX6cmvzp9Jd3MiPIXL6pyuV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d7588e79edfade3f39e02e65f6571d1

Files

5d7588e79edfade3f39e02e65f6571d1
.exe windows:4 windows x86 arch:x86

6099c1f08e28511e34f640ad6ca03edc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW
DragFinish
ExtractIconExW
SHGetDesktopFolder
SHGetPathFromIDList
SHGetPathFromIDListW

comctl32

ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetOverlayImage
InitCommonControls

gdi32

CreateCompatibleDC
CreateICA
CreatePatternBrush
CreatePen
EndDoc
Escape
GetCurrentObject
GetROP2
GetTextCharsetInfo
GetTextFaceW
GetViewportOrgEx
OffsetClipRgn
PatBlt
Polygon
PtInRegion
Rectangle
RestoreDC
SetBkMode
SetPixel
SetTextAlign
SetViewportExtEx
StrokePath
TranslateCharsetInfo

kernel32

CompareStringA
CopyFileA
DeviceIoControl
EnumCalendarInfoA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
GetExitCodeThread
GetFileSize
GetProcessHeap
GetSystemDirectoryW
GetTimeZoneInformation
GetUserDefaultLCID
LoadLibraryExA
LocalFree
SetEnvironmentVariableA
SetErrorMode
SetFileTime
Sleep
SystemTimeToFileTime

user32

DefWindowProcA
DestroyWindow
DispatchMessageA
DrawTextA
EnumWindows
GetCursorPos
GetMessagePos
GetWindow
GetWindowThreadProcessId
IsIconic
IsWindow
KillTimer
LoadIconA
OemToCharA
RedrawWindow
ScreenToClient

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Laowe2sE
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6099c1f08e28511e34f640ad6ca03edc

Headers

File Characteristics

Imports

shell32

comctl32

gdi32

kernel32

user32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 97KB

.rsrc Size: 18KB - Virtual size: 17KB

Laowe2sE Size: 120KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 97KB

.rsrc
Size: 18KB - Virtual size: 17KB

Laowe2sE
Size: 120KB - Virtual size: 120KB