5304334a0a262a4f13ec14bda9fadcbc

Sharing

Copy URL Twitter E-mail

General

Target

5304334a0a262a4f13ec14bda9fadcbc
Size

103KB
MD5

5304334a0a262a4f13ec14bda9fadcbc
SHA1

c6a700fa011cb3d14ddce9d5759d76e476608410
SHA256

33767d1ab1211e36dcaef671b136f2206f28f55684acc1df2a2743a2c963d89d
SHA512

f79e58ce9c9d568499e588e5328af551bceb90bc850d741b89f4bb9b85789dc4360a372f891d97f4a652ff715af2b87da63051d06bf68a541a51abb7a20c0c53
SSDEEP

1536:M3mRVaG1NGCmu306doyBCjLbVprSP72fiT0l0i7qKOW+v5vshpZfdWu:M3mK2kS3qFpuBT0l077KZfd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5304334a0a262a4f13ec14bda9fadcbc

Files

5304334a0a262a4f13ec14bda9fadcbc
.dll windows:4 windows x86 arch:x86

c7b518cc830ecf99f8b047d09ff77aa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryW
lstrlenW
WaitForSingleObject
CloseHandle
ReadFile
GetFileInformationByHandle
MultiByteToWideChar
lstrlenA
GetModuleHandleA
GetModuleHandleW
GetFileAttributesExA
CompareFileTime
FindNextChangeNotification
CreateEventA
FindFirstChangeNotificationA
SetEvent
WaitForMultipleObjects
CreateFileA
InterlockedExchange
DisableThreadLibraryCalls
GetLocaleInfoA
GetSystemTimeAsFileTime
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetCurrentThread
GetCommandLineA
GetModuleFileNameA
VirtualProtect
GetCurrentProcessId
GetSystemInfo
GetCurrentThreadId
GetTickCount
RtlUnwind
GetVersionExA
VirtualQuery
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
LoadLibraryA
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter

user32

LoadStringA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoCreateFreeThreadedMarshaler
StringFromCLSID
CoTaskMemFree

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7b518cc830ecf99f8b047d09ff77aa1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 36KB - Virtual size: 69KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 36KB - Virtual size: 69KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB