5e449339a4cef321ae50e5827dcaabfd

General

Target

5e449339a4cef321ae50e5827dcaabfd
Size

13KB
MD5

5e449339a4cef321ae50e5827dcaabfd
SHA1

65d3c58f0dfc7cb487dc980b8521c16fdc0d2bc3
SHA256

8f8f8523b2ef72cf8f1617f7a34c82b61fb8920dc2a553039d10c304a1d59731
SHA512

e83a064535b3a9ce61692080e2a8d3038ac629a0bb8ba242e69e461df6947d7380d3ecbba520d8189af521cc288e00bd83be7a92795d0cde557d32ca1c8559ac
SSDEEP

192:tw6h+AKbjHTEKn0SGiKvJMR6h8PNY68y0I1uN5U05ZeHdKsscTMW91/v:twaDSHEpSdb51YFcTMW9hv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e449339a4cef321ae50e5827dcaabfd

Files

5e449339a4cef321ae50e5827dcaabfd
.exe windows:4 windows x86 arch:x86

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
GetModuleFileNameA
SetLocalTime
GetLocalTime
GetTempFileNameA
GetTempPathA
GetCurrentProcess
VirtualAlloc
ExpandEnvironmentStringsA
GetFileAttributesA
CopyFileA
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
CloseHandle
DeleteFileA
GlobalFree
LoadLibraryA
GetProcAddress
WinExec
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree

user32

wsprintfA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCloseKey

Sections

pp1
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp2
Size: 512B - Virtual size: 353B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp3
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp0
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

pp1 Size: 512B - Virtual size: 272B

pp2 Size: 512B - Virtual size: 353B

pp3 Size: 512B - Virtual size: 87B

pp0 Size: 1024B - Virtual size: 687B

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 328B

pp1
Size: 512B - Virtual size: 272B

pp2
Size: 512B - Virtual size: 353B

pp3
Size: 512B - Virtual size: 87B

pp0
Size: 1024B - Virtual size: 687B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 328B