5ba96114ad7f1813b3bb486f4c03248a

General

Target

5ba96114ad7f1813b3bb486f4c03248a
Size

36KB
MD5

5ba96114ad7f1813b3bb486f4c03248a
SHA1

c2d0ac1439b4cc1c2ef9d26453448622a22d2787
SHA256

429d25d5e3e5a4262dd30e6911f5ea79eda4ad71982696328a951c82ae1fcc2f
SHA512

4ff2bf20833076dd3fb3250c65134a396129daf279919a71e0eb3257de8eb43a4f5d0e0c83e520d8a2b93f2aa9e0e6c1bbbc4442c08fa05f1f9b0b54e8ae8b73
SSDEEP

384:7UCGErMZbdncU45FH9LrEvmA3XsjrBGtUYnK1c:7ZG/RcVH9Sm6XsfB6pK1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ba96114ad7f1813b3bb486f4c03248a

Files

5ba96114ad7f1813b3bb486f4c03248a
.exe windows:4 windows x86 arch:x86

346fe8b35b8f488552a75c375248907e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateFileA
GetSystemDirectoryA
FreeLibrary
GetModuleHandleA
Module32Next
lstrcmpA
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GlobalFree
MapViewOfFile
CreateThread
WriteFile
ReadFile
GetFileSize
GetProcAddress
LoadLibraryA
GetModuleFileNameA
IsDebuggerPresent
SetUnhandledExceptionFilter
RtlUnwind
ReadProcessMemory
WriteProcessMemory
UnmapViewOfFile
GetVersionExA
lstrlenA
GetCurrentProcess
CloseHandle
GlobalAlloc
lstrcatA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime

user32

wsprintfA
MessageBoxA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

ws2_32

select
recv
WSACleanup
htons
inet_addr
WSAStartup
ioctlsocket
listen
bind
connect
__WSAFDIsSet
closesocket
send
accept
socket

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SCRYPT
Size: 93B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

346fe8b35b8f488552a75c375248907e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 132KB

.CRT Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 176B

SCRYPT Size: 93B - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 132KB

.CRT
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 176B

SCRYPT
Size: 93B - Virtual size: 4KB