5fb02bdc4105e51718bdea21ed9df98b

Sharing

Copy URL

Twitter E-mail

General

Target

5fb02bdc4105e51718bdea21ed9df98b
Size

235KB
MD5

5fb02bdc4105e51718bdea21ed9df98b
SHA1

82d2402ec12d3918827aaf466f1eeea7ea80707b
SHA256

c1b5945b9b30501c9a8f9dd9719b4f73b803e3591ecc6c89691e5d1c29840c89
SHA512

4c79b8bc814c8b527e3772a5da5650769541fe20deab94b42bb3c056779239373a79bf9a7e905e03ef7ed91befd30be07e9e5ecf52d828f3c6c5f151c9092aa1
SSDEEP

3072:kwCcoQNSqb8/JBxbEbPb0bEK1Z4DEhBzwLflsqpVAx2j9pAoEAV/m0uZaOVu5maV:lgxEzb8v1ODEhyfF9pDqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb02bdc4105e51718bdea21ed9df98b

Files

5fb02bdc4105e51718bdea21ed9df98b
.dll windows:4 windows x86 arch:x86

bec80d5a77bbe88fb9d1eda8794d6401

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA

kernel32

LoadLibraryA
VirtualAllocEx
GetModuleHandleA
LoadLibraryExA
GetVersionExA
ExitProcess
GetACP
GetProcAddress
ExitThread
GetCommandLineA

shell32

SHGetFileInfoA
SHGetFolderPathA
SHFileOperationA
SHGetDiskFreeSpaceA

gdi32

SetBkColor
GetDIBColorTable
CreateBrushIndirect
CreateFontIndirectA
GetPaletteEntries
GetRgnBox
GetPixel
GetBitmapBits
CopyEnhMetaFileA

user32

GetDlgItem
WaitMessage
ShowWindow
EnumWindows
GetCursor
GetSysColorBrush
SetMenu
IsWindowEnabled
OffsetRect
RegisterClipboardFormatA
ActivateKeyboardLayout
DefWindowProcA
SetScrollPos
GetKeyboardType
DeleteMenu
GetWindowPlacement

shlwapi

SHDeleteKeyA
SHStrDupA
SHSetValueA
SHDeleteValueA
PathGetCharTypeA
PathIsContentTypeA
SHEnumValueA
PathIsDirectoryA
SHGetValueA

ole32

PropVariantClear
StringFromIID
GetHGlobalFromStream
CoUnmarshalInterface
WriteClassStm
CoGetObjectContext
CreateStreamOnHGlobal
CoGetMalloc
StgCreateDocfileOnILockBytes
CoDisconnectObject

Sections

CODE
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.^data
Size: 1024B - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 554B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bec80d5a77bbe88fb9d1eda8794d6401

Headers

File Characteristics

Imports

version

kernel32

shell32

gdi32

user32

shlwapi

ole32

Sections

CODE Size: 45KB - Virtual size: 45KB

.data Size: 166KB - Virtual size: 166KB

.idata Size: 5KB - Virtual size: 140KB

.rdata Size: 2KB - Virtual size: 1KB

.^data Size: 1024B - Virtual size: 882B

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 1024B - Virtual size: 554B

CODE
Size: 45KB - Virtual size: 45KB

.data
Size: 166KB - Virtual size: 166KB

.idata
Size: 5KB - Virtual size: 140KB

.rdata
Size: 2KB - Virtual size: 1KB

.^data
Size: 1024B - Virtual size: 882B

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 1024B - Virtual size: 554B