5b43135b93e533ea7dc7475f70609799

Sharing

Copy URL Twitter E-mail

General

Target

5b43135b93e533ea7dc7475f70609799
Size

62KB
MD5

5b43135b93e533ea7dc7475f70609799
SHA1

8eb74dc71a54a18de9bbe9d547fe6713c457ac13
SHA256

9556a46395bfece7ed91b0d8b6f21d2fb45999b8653cbc3e1752e17c0f60b179
SHA512

fb92b43306c9184412812d2ac26bfd95b246d019e168510014f0b81a9aac5efb59aec9553aa38629277d333c5ab021032b2556fb6777686bc703fe0d940d43a8
SSDEEP

768:yFx5jJeNnA7LKj5LhpYI2yVaPU2lnM/0sZSq4zlEi+UHTK6Yh2Wz4JC67h+yQ48:ybzBLKjN7YI2/BpCQ+EKsWzt6cj4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b43135b93e533ea7dc7475f70609799

Files

5b43135b93e533ea7dc7475f70609799
.exe windows:4 windows x86 arch:x86

21fb31a2a957ce3188b012e97c4376b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegReplaceKeyW
RegCreateKeyExW
RegGetKeySecurity
RegEnumKeyW
RegQueryValueW
RegEnumKeyExA
RegQueryInfoKeyW
RegOpenKeyW
RegDeleteKeyW
RegCreateKeyW
RegDeleteValueA
RegLoadKeyW
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA
RegCreateKeyExA
RegOpenKeyExW
RegLoadKeyA

user32

GetMenu
LoadCursorA
IsWindow
InsertMenuA
DrawTextW
AlignRects
BlockInput
EndDialog
GetCursor
DrawIcon
CreateIcon
CalcMenuBar
GetDlgItem
DialogBoxParamA
DrawTextA
DialogBoxParamW
GetWindowTextLengthA
GetDC
LoadMenuA
IsMenu
GetFocus

gdi32

GetClipBox
AddFontResourceW
AddFontResourceExW
BeginPath
GetPixel
ExcludeClipRect
GetDCOrgEx
CancelDC
ClearBrushAttributes
GetPixel
CloseMetaFile
SetTextColor
DeleteDC
AddFontMemResourceEx
ClearBitmapAttributes
GetBitmapBits
AddFontResourceTracking

kernel32

SetLastError
GlobalFree
ReadConsoleA
GetFileSize
ReadFile
DeleteFileA
GetFileTime
GetComputerNameA
GetCPInfo
OpenFileMappingA
ExitThread
GetCommandLineA
GetStdHandle
CreateProcessA
GetConsoleMode
OpenFile
CopyFileExA
FindAtomA
Sleep
WriteFile
DeleteAtom
CreateDirectoryA

comctl32

ImageList_GetDragImage
ImageList_Destroy
ImageList_Draw
ImageList_DragShowNolock
ImageList_GetImageRect
ImageList_LoadImageW
ImageList_DrawIndirect
ImageList_DragMove
ImageList_Read
ImageList_Copy
ImageList_Remove
ImageList_Merge
ImageList_ReplaceIcon
ImageList_EndDrag
InitCommonControls
ImageList_AddMasked
ImageList_Create
ImageList_DragEnter
ImageList_LoadImageA
ImageList_GetIconSize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21fb31a2a957ce3188b012e97c4376b0

Headers

File Characteristics

Imports

advapi32

user32

gdi32

kernel32

comctl32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 53KB - Virtual size: 87KB

.rsrc Size: 1024B - Virtual size: 544B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 53KB - Virtual size: 87KB

.rsrc
Size: 1024B - Virtual size: 544B