5b1e5fcfff986457c4ad0986637911b5

Sharing

Copy URL Twitter E-mail

General

Target

5b1e5fcfff986457c4ad0986637911b5
Size

228KB
MD5

5b1e5fcfff986457c4ad0986637911b5
SHA1

f15f8d962660733bb5d6f841c1c8ee1fc26d3bf8
SHA256

72856d5c41923b78874f2116c3ad1139f1d5592bdedd562dc09024b1e467cbc2
SHA512

f856b8748dffccc67abd6ffa27d803ad23f6dd4cf4a1333a72718cce03f0d5bf9ea6317a2390f86d9c1364005ac1d3e54d7099119cb8bccad06bd810d254d739
SSDEEP

3072:9ZDUEEWAHx1cLdWD+H6vH6uev0+w88QDt3UNDmEAW8hE7rOGCQXaUvdbCf+RAg08:fAEEWAHLV0tkBpA1E7rxXV9WeAOXcZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1e5fcfff986457c4ad0986637911b5

Files

5b1e5fcfff986457c4ad0986637911b5
.dll windows:4 windows x86 arch:x86

fcc2d9311ad6d2b1d1825e040c8292c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
FileTimeToSystemTime
FindNextFileA
FindFirstFileA
IsBadCodePtr
UnmapViewOfFile
MapViewOfFile
SetFileAttributesA
GetFileAttributesA
IsBadReadPtr
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindClose
GetDriveTypeA
ReadFile
WaitForSingleObject
WriteFile
GetLastError
CreatePipe
ReleaseMutex
FreeLibraryAndExitThread
SetFileTime
GetFileTime
WinExec
GetStartupInfoA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetFileInformationByHandle
SystemTimeToFileTime
CompareStringW
CompareStringA
GetTempPathA
GetTickCount
OpenFileMappingA
CreateFileMappingA
GetSystemDirectoryA
CopyFileA
DeleteFileA
LoadLibraryA
Sleep
GetComputerNameA
CreateDirectoryA
DeviceIoControl
CloseHandle
GetModuleFileNameA
CreateThread
CreateFileA
GetFileSize
LockFile
GetWindowsDirectoryA
ExitThread
GetLocalTime
SetFilePointer
GetLocaleInfoW
HeapSize
SetEndOfFile
GetTimeZoneInformation
GetSystemInfo
VirtualProtect
IsValidCodePage
IsValidLocale
HeapAlloc
HeapFree
RtlUnwind
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
FatalAppExitA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetConsoleCtrlHandler
GetStdHandle
RaiseException
SetHandleCount
GetFileType
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
InterlockedExchange
VirtualQuery
SetUnhandledExceptionFilter
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
SetEnvironmentVariableA

user32

GetDesktopWindow

advapi32

CryptDecrypt
RegDeleteKeyA
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
RegEnumKeyExA
RegDeleteValueA
RegEnumValueA
StartServiceA
OpenSCManagerA
EnumServicesStatusExA
OpenServiceA
ControlService
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

shlwapi

PathFileExistsA

ws2_32

__WSAFDIsSet

iphlpapi

GetUdpTable
GetTcpTable
GetAdaptersInfo

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.plugins
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcc2d9311ad6d2b1d1825e040c8292c0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

ws2_32

iphlpapi

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 18KB

.plugins Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 18KB

.plugins
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB