5b70748a1c82e58043fa3b73bcbd131a

General

Target

5b70748a1c82e58043fa3b73bcbd131a
Size

429KB
MD5

5b70748a1c82e58043fa3b73bcbd131a
SHA1

97aa4b491ad2bce91d3a37bd75a3e413d8cf0098
SHA256

3045c94ab7e0c7b605295a2655c7fcf97397a4447fc63af8493fa8caec234891
SHA512

8ee08eced2fb4eb5bb13b9134d48dc83e7e1ac2f35cbdfdae9ef382eabca747c0ccd7dbba81e99d4f1f092e02e9472be24495c4aaf627e37ae20a9b450b01ddb
SSDEEP

12288:/IYPbeCKRGgP/oMMtJ9ZgkZHsGkyLBr1:zSCRg6JDgkiy1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b70748a1c82e58043fa3b73bcbd131a

Files

5b70748a1c82e58043fa3b73bcbd131a
.exe windows:4 windows x86 arch:x86

0d57b251f0c96e9fb320e625ed617d62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
LCMapStringA
LeaveCriticalSection
UnhandledExceptionFilter
GetProcAddress
MultiByteToWideChar
HeapReAlloc
WideCharToMultiByte
GetCommandLineA
HeapCreate
GetCurrentProcessId
HeapAlloc
EnumSystemLocalesA
GetProcessHeap
TlsAlloc
GetModuleHandleA
SetConsoleCtrlHandler
DosDateTimeToFileTime
LockFile
Sleep
GetStringTypeA
IsDebuggerPresent
GetDateFormatA
InterlockedIncrement
SetHandleCount
EnterCriticalSection
GetUserDefaultLCID
CompareStringW
GlobalHandle
ExitProcess
GetTickCount
CompareStringA
WriteFile
HeapFree
GetLastError
GetModuleFileNameA
InitializeCriticalSection
LoadLibraryA
QueryPerformanceCounter
GetFileType
VirtualAlloc
EnumDateFormatsA
GetCurrentThread
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLocaleInfoA
GetStartupInfoA
GetTimeFormatA
TlsFree
DeleteFileA
LCMapStringW
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetLocaleInfoW
FreeLibrary
SetConsoleCP
GetOEMCP
GetStdHandle
FreeEnvironmentStringsW
TlsSetValue
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetStringTypeW
TlsGetValue
DeleteCriticalSection
IsValidLocale
VirtualFree
GetTimeZoneInformation
EnumResourceNamesA
InterlockedExchange
HeapDestroy
GetVersionExA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetCPInfo
GetACP
SetEnvironmentVariableA
IsValidCodePage

comdlg32

GetSaveFileNameW
ReplaceTextA
PageSetupDlgW
ChooseFontW
GetOpenFileNameA
ChooseFontA
ReplaceTextW
ChooseColorA
LoadAlterBitmap
PrintDlgA
GetFileTitleA
GetSaveFileNameA
PageSetupDlgA

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d57b251f0c96e9fb320e625ed617d62

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 154KB - Virtual size: 153KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 154KB - Virtual size: 153KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 1KB - Virtual size: 1KB