5b7d3fbdef0bf12913e0eb9d47884c3e

Sharing

Copy URL Twitter E-mail

General

Target

5b7d3fbdef0bf12913e0eb9d47884c3e
Size

203KB
MD5

5b7d3fbdef0bf12913e0eb9d47884c3e
SHA1

5a1d2e3cd0eb5e6d1f59f7fb16cb20fc06094178
SHA256

d26252f92e07457a7be640c852ef8292c4f5d519b2913aa07f9a28c3d479fa80
SHA512

b023a492e4086952f457a8966673bb74d71975fdc0019c230649ace18ca00efb7d90690f1d96042f0f8652ba75771e2e0bc5b62521b1c94d81336964ec2626d3
SSDEEP

1536:6qYFwINJwBth3RJQH0zKeLl50AnHjFsEEuKop21MbcPukvRdEEvUAEZZkrYNoqEt:hYCIoBt9R+H0lwVRzUfZQaoqJE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b7d3fbdef0bf12913e0eb9d47884c3e

Files

5b7d3fbdef0bf12913e0eb9d47884c3e
.dll windows:4 windows x86 arch:x86

d24cac5273bf84d172a0503d95b59156

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
IsBadWritePtr
ReadProcessMemory
GetCurrentProcess
Beep
WriteProcessMemory
Sleep
CreateThread
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
CloseHandle
GetVersionExA
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
RtlUnwind
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetEnvironmentVariableA

user32

SetTimer
SetWindowTextA
MessageBeep
GetAsyncKeyState
FindWindowA

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d24cac5273bf84d172a0503d95b59156

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 5KB