5ac4f53cc39e1f9adc1ca1d47dcca97c

General

Target

5ac4f53cc39e1f9adc1ca1d47dcca97c
Size

100KB
MD5

5ac4f53cc39e1f9adc1ca1d47dcca97c
SHA1

56a9b113d681dbf372fecbb29ca254d8552e3231
SHA256

aa5b9754c1356a22c31158ef09972fd295056eb22422848269fc3d68f7ef1795
SHA512

97d5233672dd5dcf58a10f40c41226b2451ae3aaedc47b677ae8eba6d98c3a3319a84b066ddc76206b15869d4769c9a4b24ae2bd7dbd755678f07f497a31e8c1
SSDEEP

1536:/bV89wX0xb2WlVG2tILwu9xllZmCstcV8h0sIOm9z/FDT:jXE2WlVPPu9xcGNOm9DFDT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ac4f53cc39e1f9adc1ca1d47dcca97c

Files

5ac4f53cc39e1f9adc1ca1d47dcca97c
.exe windows:4 windows x86 arch:x86

b3153955fc66d2d6e92e7a0c454e11ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
LoadResource
FindResourceA
SizeofResource
LockResource
FreeResource
CloseHandle
WriteFile
GetFileAttributesA
SetErrorMode
DeleteFileA
MoveFileA
CreateFileA
VirtualProtect
GetStringTypeW
GetLocaleInfoA
GetACP
GetSystemDirectoryA
InterlockedExchange
GetStringTypeA
LCMapStringW
ExitProcess
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
GetOEMCP
GetCPInfo
LCMapStringA
MultiByteToWideChar
GetSystemInfo

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3153955fc66d2d6e92e7a0c454e11ef

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 64KB - Virtual size: 63KB