5bbb3f30fd2cdab696f7ee94ef0c0cfb

Sharing

Copy URL Twitter E-mail

General

Target

5bbb3f30fd2cdab696f7ee94ef0c0cfb
Size

166KB
MD5

5bbb3f30fd2cdab696f7ee94ef0c0cfb
SHA1

0e54cb10b9259a2b31ea5a51293d08441817caf5
SHA256

8602bb781a39b2ab99aaf8a4f2565ec5b62f808c9b5b138f231ad42d45c98abe
SHA512

0b3095561ca95af6ce508c9e46b5b415804420138b1c552ece9258be1b21fead0b7604c57c4c9505fa0ed685c13820a28dd5dd609bbcd86801608abe599591db
SSDEEP

3072:LrJrurwsaTSpkRFTuJOGbR9Y0IYVjMy14Y3tfD/ZX3MPM:fJrwws2SK6bR9Y0IYVdd7/F8P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bbb3f30fd2cdab696f7ee94ef0c0cfb

Files

5bbb3f30fd2cdab696f7ee94ef0c0cfb
.exe windows:4 windows x86 arch:x86

704e1fdf4bd09bc40f594b19e53be6df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

user32

GetWindowTextW
GetSysColor
LoadCursorW
CheckMenuItem
IsWindowEnabled
GetParent
EnableWindow
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
GetLastActivePopup
ReleaseDC
LoadBitmapW
MessageBoxW
GetWindowLongW
GetSystemMetrics
GetDC
GetSysColorBrush

shlwapi

PathFileExistsW
PathAppendW
PathFindFileNameW
PathFindExtensionW

kernel32

QueryPerformanceCounter
GetCPInfo
GetFileType
UnhandledExceptionFilter
HeapReAlloc
HeapAlloc
GetCommandLineA
GetShortPathNameW
VirtualFree
GetTickCount
LCMapStringW
VirtualAlloc
HeapFree
GetCurrentProcessId
VirtualProtect
TerminateProcess
GetProcessAffinityMask
SetUnhandledExceptionFilter
HeapSize
GetOEMCP
VirtualQuery
EnumResourceTypesW
LCMapStringA
GetCurrentProcess
SetStdHandle
RtlUnwind
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadWritePtr
GetFileAttributesA
SetFilePointer
WriteFile
GetSystemInfo
FreeEnvironmentStringsW
HeapDestroy
GetStringTypeA
FlushFileBuffers
GetModuleFileNameA
IsBadReadPtr
GetSystemTimeAsFileTime
GetStdHandle
GetStartupInfoA
HeapCreate
GetStringTypeW
SetHandleCount
IsBadCodePtr
ExitProcess

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shell32

SHGetSpecialFolderPathW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

gdi32

CreateBitmap
PtVisible
TextOutW
SetWindowExtEx
RectVisible
SetViewportOrgEx
RestoreDC
ExtTextOutW
SetBkColor
GetClipBox
SetTextColor
OffsetViewportOrgEx
SelectObject
DeleteObject
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
Escape
DeleteDC
GetDeviceCaps
SetViewportExtEx
SetMapMode
GetStockObject

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

704e1fdf4bd09bc40f594b19e53be6df

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

kernel32

winspool.drv

shell32

ole32

gdi32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 66KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 66KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 104KB