5b5f8c9d55228d04df202f04b5ee4744

Sharing

Copy URL Twitter E-mail

General

Target

5b5f8c9d55228d04df202f04b5ee4744
Size

76KB
MD5

5b5f8c9d55228d04df202f04b5ee4744
SHA1

68e3acafa4301743fe08deb9e9fe9020147cf261
SHA256

1bf30117b13bd35d53bfc79416318fcdfef31811f727a59940d3e74373fd7ae8
SHA512

573ab8c466e2b521433db09dbdf4748646e56742bcdcb4aa2b5bc92a1b7ff9c7cb04c29b8aacb08cebb548272c3ca6cef7e29e6d9100665f7b551a4919306dbd
SSDEEP

1536:IZiS1UDduLnrnxKjjImkB2xNU2tprrZgLGCcjoPnQxxCJ0Scl:IZi/6oj8BkLtYS4QxxCJ0Scl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b5f8c9d55228d04df202f04b5ee4744

Files

5b5f8c9d55228d04df202f04b5ee4744
.exe windows:4 windows x86 arch:x86

42bd06c2f41fd5cc9b46f34c2c4a038b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetOpenA
InternetConnectA

ws2_32

gethostbyname
WSAStartup
WSACleanup

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shlwapi

PathAppendA

kernel32

GetACP
GetLocaleInfoA
GetLastError
GetFileAttributesA
GetModuleFileNameA
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
GetCurrentThread
TerminateProcess
OpenProcess
Sleep
GetOEMCP
CreateProcessA
SetThreadPriority
SetPriorityClass
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetCurrentProcessId
GetCPInfo
GetStringTypeW
GetStringTypeA
GetSystemInfo
VirtualProtect
MultiByteToWideChar
CreateFileA
InitializeCriticalSection
VirtualQuery
InterlockedExchange
RtlUnwind
FlushFileBuffers
LCMapStringA
LCMapStringW
GetTimeZoneInformation
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetEndOfFile
HeapSize
CompareStringA
CompareStringW
ResumeThread
HeapAlloc
SetStdHandle
GetEnvironmentStringsW
HeapFree
DeleteFileA
MoveFileA
SetEnvironmentVariableA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
ExitThread
GetCurrentThreadId
CreateThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
WriteFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetFullPathNameA
GetCurrentDirectoryA
ExitProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte

user32

DefWindowProcA
SendMessageA
PostQuitMessage
PostMessageA
wsprintfA
GetMessageA
DispatchMessageA
CreateWindowExA
FindWindowA
IsIconic
ShowWindow
SetForegroundWindow
RegisterClassExA

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenThreadToken

ole32

StringFromGUID2

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42bd06c2f41fd5cc9b46f34c2c4a038b

Headers

File Characteristics

Imports

wininet

ws2_32

version

shlwapi

kernel32

user32

advapi32

ole32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 456B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 456B