5fc87095cf23bf41c61470e6ca51f669

Sharing

Copy URL Twitter E-mail

General

Target

5fc87095cf23bf41c61470e6ca51f669
Size

80KB
MD5

5fc87095cf23bf41c61470e6ca51f669
SHA1

ef8989e4d58941e58730ae6c01f9d0c7c6e13d68
SHA256

4cbcbebdd6cec6bab801311d3285b2cba5dcf36bc581012ff620c20c01cd1c0e
SHA512

44d1687803d2df8f519cf89be0813e5c802a254c685bf89c51a41ddd1b03b4098e49d58c8ea1338634d7240bfcb20a9a90e4e0a4c29be3e19260936473c04ce7
SSDEEP

768:DZv6Ep6+p9N0z131mEgJ9ABuDE2ABTC+HRFuBqJ8aTJkS4mUc:kG9M311gJ9ABCE2gLzQnaeS4Lc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fc87095cf23bf41c61470e6ca51f669

Files

5fc87095cf23bf41c61470e6ca51f669
.exe windows:4 windows x86 arch:x86

962d0feaf766a8fc2b42687928e20253

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CopyFileExW
CreateProcessA
GetStdHandle
OpenFile
ExitThread
GetCommandLineA
GetFileSize
FindFirstFileA
Sleep
GlobalFree
GetFileTime
DeleteAtom
GetComputerNameA
DeleteAtom
CopyFileA
GetFileSize
ExitThread
FindFirstFileA
GetCPInfo
FindAtomA
CreateDirectoryA
ReadFile
CopyFileW
SetLastError
CopyFileA
FindFirstFileA
OpenFile
GetStdHandle
GetFileTime
DeleteAtom
OpenFileMappingA
DeleteFileW
FindAtomA
CreateDirectoryA
WriteFile
GetConsoleMode
CopyFileW
SetLastError
ReadConsoleA
Sleep
GetFileSize
CopyFileA
OpenFileMappingA
GetComputerNameA
GlobalFree
CopyFileExW
GetCPInfo
CopyFileExA
FindAtomA
ExitThread
DeleteAtom
CreateDirectoryA
ReadFile

user32

GetWindowTextLengthA
CopyIcon
DialogBoxParamA
CreateIcon
CloseWindow
GetMenu
DialogBoxParamW
DrawTextW
AlignRects
LoadCursorA
CopyRect
CalcMenuBar
IsWindow

advapi32

RegQueryValueExA
RegOpenKeyA
RegQueryValueW
RegDeleteKeyW
RegCreateKeyExW
RegLoadKeyW
RegReplaceKeyW
RegReplaceKeyA
RegLoadKeyA
RegDeleteValueW
RegQueryInfoKeyA
RegEnumKeyW
RegOpenKeyExW
RegEnumKeyExA
RegQueryInfoKeyW
RegQueryValueExW
RegFlushKey

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ixdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

962d0feaf766a8fc2b42687928e20253

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 4KB - Virtual size: 2KB

.ixdata Size: 52KB - Virtual size: 49KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 2KB

.edata Size: 4KB - Virtual size: 28KB

.text
Size: 4KB - Virtual size: 2KB

.ixdata
Size: 52KB - Virtual size: 49KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 2KB

.edata
Size: 4KB - Virtual size: 28KB