5b18e1d5fbc6cc9350d767ce4c69e7d2

Sharing

Copy URL Twitter E-mail

General

Target

5b18e1d5fbc6cc9350d767ce4c69e7d2
Size

171KB
MD5

5b18e1d5fbc6cc9350d767ce4c69e7d2
SHA1

0e048d9247d8a25e60d34e2a1afd5bf6a94a793b
SHA256

b276c2cd62d95c264f639d47e88f829cc80e160dc42e91bf3bfcdb3782a6ef59
SHA512

419c3dbdc741459bcdfb8f737653e9c31923b845b836e3a3839bb28cab68e12dbd17ba2c666d67bb4a8fc9970b0c0b54c7535aacf87f9e32aebf5ad2ee8ff5b8
SSDEEP

3072:+KHcv3uP2pVnT4keESWrlH86DCKd409yvnDY:fcv3uP2pVnMkex6FdJ9EnDY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b18e1d5fbc6cc9350d767ce4c69e7d2

Files

5b18e1d5fbc6cc9350d767ce4c69e7d2
.exe windows:4 windows x86 arch:x86

a7faecfb7f9e61e97f2dff843c840261

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
GetWindowTextW
GetSysColor
LoadBitmapW
GetSystemMetrics
GetParent
GetDC
GetLastActivePopup
ModifyMenuW
ReleaseDC
EnableMenuItem
CheckMenuItem
LoadCursorW
EnableWindow
GetWindowLongW
GetMenuCheckMarkDimensions
IsWindowEnabled
GetSysColorBrush

ole32

CoCreateInstance
CoUninitialize
CoInitialize

shell32

SHGetSpecialFolderPathW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

kernel32

VirtualFree
GetCurrentProcessId
IsBadWritePtr
GetShortPathNameW
LCMapStringW
GetFileType
RtlUnwind
VirtualQuery
TerminateProcess
GetStringTypeW
HeapSize
GetProcessAffinityMask
SetFilePointer
GetCurrentProcess
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetStdHandle
HeapFree
GetModuleFileNameA
WriteFile
HeapDestroy
FlushFileBuffers
VirtualAlloc
GetCPInfo
GetSystemTimeAsFileTime
IsBadCodePtr
UnhandledExceptionFilter
GetEnvironmentStringsW
EnumResourceTypesW
SetHandleCount
SetStdHandle
LCMapStringA
GetFileAttributesA
HeapReAlloc
GetStringTypeA
GetSystemInfo
HeapCreate
VirtualProtect
GetEnvironmentStrings
HeapAlloc
GetTickCount
IsBadReadPtr
GetCommandLineA
GetOEMCP
QueryPerformanceCounter
GetStartupInfoA
ExitProcess

gdi32

SetWindowExtEx
Escape
ExtTextOutW
CreateBitmap
SetBkColor
DeleteObject
RectVisible
PtVisible
TextOutW
DeleteDC
SaveDC
ScaleWindowExtEx
SetTextColor
SetViewportExtEx
RestoreDC
GetDeviceCaps
ScaleViewportExtEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
GetClipBox
SelectObject
GetStockObject

shlwapi

PathAppendW
PathFileExistsW
PathFindFileNameW
PathFindExtensionW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7faecfb7f9e61e97f2dff843c840261

Headers

File Characteristics

Imports

user32

ole32

shell32

winspool.drv

advapi32

kernel32

gdi32

shlwapi

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 252KB