5871c582f62a0875b26039bcfab1837a

General

Target

5871c582f62a0875b26039bcfab1837a
Size

9KB
MD5

5871c582f62a0875b26039bcfab1837a
SHA1

b4de3ae6499731bf7cfd819349de33330f0e8d41
SHA256

98d8832d5455e0faab6cd3e356aa0517bf4e45f38e6315120a421f4ba1cdefb3
SHA512

9ecaba6a5ec517f200aea403aff1fdfd268f2c35c4b63d1061135eb69b5356ea30a3c15ddcb3e071d79dee773379276b260b9efd02908ecb7eceae21f50d0f97
SSDEEP

192:bd6DHx3hfgh7mGWsOdVqM2eaT38aW5VcRWuaxOB:4JBgh71pOdoM2egOVcRWVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5871c582f62a0875b26039bcfab1837a

Files

5871c582f62a0875b26039bcfab1837a
.exe windows:4 windows x86 arch:x86

98e4bf1ffc7d27781d20139789cb57c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
MoveFileExA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
FreeLibrary
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA
ExitProcess
GetCurrentProcessId
lstrcatA
GetThreadPriority
GetTickCount
GetCurrentThread
GetACP
CancelIo
GetStartupInfoA
CreateProcessA
GetProcAddress
FindFirstFileA
GetModuleFileNameA
GetShortPathNameA
CreateFileA
GetCurrentProcess
GetFileInformationByHandle
SetFilePointer
ReadFile
CloseHandle
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetFileSize

user32

GetCursor
SetActiveWindow
wsprintfA
GetActiveWindow
GetTopWindow
GetCapture
GetCaretBlinkTime
DestroyCaret
GetCaretPos
ClientToScreen
ClipCursor
GetClipCursor

gdi32

CreateCompatibleBitmap
BeginPath
AbortDoc
UnrealizeObject
GdiFlush
EndPage
CreateCompatibleDC
CancelDC
GetColorSpace
GetBkMode
EndPath
PathToRegion
GetBrushOrgEx
AbortPath
WidenPath
GdiGetBatchLimit
CloseFigure
GdiSetBatchLimit
EndDoc
StrokeAndFillPath
StartPage
FillPath
StrokePath
FlattenPath

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 371B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98e4bf1ffc7d27781d20139789cb57c8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 371B

.reloc Size: 1024B - Virtual size: 858B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 371B

.reloc
Size: 1024B - Virtual size: 858B