5e1e58537b64ec65e9e7b0468a74823d

Sharing

Copy URL Twitter E-mail

General

Target

5e1e58537b64ec65e9e7b0468a74823d
Size

60KB
MD5

5e1e58537b64ec65e9e7b0468a74823d
SHA1

20f6906d635c7e41661b4013af937ab229b050a4
SHA256

e19c54b5d12d56dc4136cb0aba613eb708b7e6ed0d8502b36492d7ef1d366678
SHA512

ec2e263519c54c1e7cc08177b7cc778a62585440d1882e3ca0b509eff3760188aae50d10917330c7aec55dc7b7db9ddd6d3a4291a0152c0091b3e707ac4fa56b
SSDEEP

1536:WtO7Zs4PfsScRl9HszPmjeEqiridmBxTwbVf7:xZsm2lV6Pmvqir+mBxsbVf7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e1e58537b64ec65e9e7b0468a74823d

Files

5e1e58537b64ec65e9e7b0468a74823d
.exe windows:4 windows x86 arch:x86

61a0826d078feb29f8624958ba9e3aec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
GetTextMetricsA
GetClipBox
RestoreDC
SaveDC
RectVisible
PatBlt
SelectPalette
GetObjectA
CreateFontIndirectA
GetStockObject
GetPixel
SetMapMode
SetTextAlign
DeleteDC
LineTo
CreatePen
CreateSolidBrush
SetStretchBltMode
SelectObject
SetTextColor
CreatePalette
CreateCompatibleDC

user32

GetDesktopWindow
TranslateMessage
CharNextA
GetParent
GetDC
GetSystemMetrics

kernel32

SetCurrentDirectoryA
RemoveDirectoryA
GetCommandLineA
GetConsoleOutputCP
GetCurrentProcessId
QueryPerformanceCounter
GlobalFindAtomW
GetModuleHandleA
GetCurrentProcess
MulDiv
lstrlenW
GetVersion
GetTickCount
DeleteFileW
GetThreadLocale
GetDriveTypeA
lstrcmpA
GetModuleHandleW
GetCommandLineW
GetStartupInfoA
GetACP
DeleteFileA
VirtualAlloc
VirtualFree
GetCurrentThreadId
GetProcessHeap
GetWindowsDirectoryA
GetUserDefaultLangID
CopyFileA
GlobalFindAtomA
GetCurrentThread
lstrlenA
lstrcmpiA
lstrcmpiW
GetOEMCP
IsDebuggerPresent

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Xjttsu Y
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Yydengag
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61a0826d078feb29f8624958ba9e3aec

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Xjttsu Y Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Yydengag Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 11KB

Xjttsu Y
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Yydengag
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 28KB