5bde967ce39565e4b944bd0f72dd22b3

Sharing

Copy URL Twitter E-mail

General

Target

5bde967ce39565e4b944bd0f72dd22b3
Size

377KB
MD5

5bde967ce39565e4b944bd0f72dd22b3
SHA1

f5e1bdee9c84f494ef3207f763ae493bf871c91f
SHA256

c61f5eb62330d056eda3a4a2c25290f30822a8482a560038ca41102eed4d4235
SHA512

3418733269525dd07a32494094e5b6cf6f62fec0dd743409aeaa3c782c76d486cd655e740300906c94a79a66c4a60e7ee7957bd2b51d8f50e259e5624912d301
SSDEEP

6144:iEDXYp8PxGu3pXPkCTPCdQJTefJ7qey7B9kHeVWfSQqPmA7feTpoXGTd1NHbzd30:hrYp85v5/RGuBefJWey7B9TAVqRTWTdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bde967ce39565e4b944bd0f72dd22b3

Files

5bde967ce39565e4b944bd0f72dd22b3
.exe windows:1 windows x86 arch:x86

45f3bc2dfff26da98fd0934c70367fe9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderPathW
SHQueryRecycleBinW
SHGetFileInfo
SHGetUnreadMailCountW
SHGetImageList
SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHLoadInProc
SHGetInstanceExplorer
SHGetDataFromIDListA
SHGetSpecialFolderLocation
SHQueryRecycleBinA

rtutils

RouterGetErrorStringA
TraceDeregisterExW
TraceVprintfExW
RouterLogEventStringW
TracePutsExA
RouterGetErrorStringW

gdi32

GetStockObject
CreateCompatibleBitmap
GetTextExtentPoint32W

glu32

gluPickMatrix
gluPwlCurve
gluErrorUnicodeStringEXT
gluEndCurve
gluNurbsCallback
gluDisk
gluNurbsSurface
gluBuild2DMipmaps
gluProject
gluQuadricOrientation
gluNurbsProperty
gluQuadricTexture

user32

DrawFrameControl
RegisterWindowMessageW
DeferWindowPos
GetIconInfo
LoadCursorW
GetMessagePos
GetSystemMetrics
FillRect
GetWindowLongW
MoveWindow
PostQuitMessage
LoadBitmapW
ReleaseCapture
SetParent
GetWindowThreadProcessId
GetNextDlgTabItem
EndDeferWindowPos
LoadAcceleratorsW
SetWindowLongW
GetDoubleClickTime
GetDC
EnableWindow
GetFocus
SetWindowPos
CharNextW
MessageBeep
IsWindowEnabled

apphelp

ApphelpGetFileAttributes
SdbGetStandardDatabaseGUID
ApphelpQueryModuleData
SdbReadStringTagRef
SdbQueryData
ShimFlushCache
SdbReadBinaryTag
SdbGetMsiPackageInformation
SdbFindNextTag
SdbGetTagFromTagID
SdbReadEntryInformation
SdbFindFirstTag
SdbGrabMatchingInfoEx
ApphelpCheckIME
ApphelpGetNTVDMInfo
SdbGetDatabaseMatch

kernel32

CloseHandle
lstrcpyW
VirtualFree
HeapSetInformation
lstrcmpiW
GetFileSize
DeleteFileW
GetStartupInfoW
HeapQueryInformation
VirtualAlloc
lstrcmpW
GetCommandLineW
LocalFree
AddAtomW
HeapCreate
SetCurrentDirectoryW
CreateDirectoryW

msvcrt

wcschr
_controlfp
_adjust_fdiv
wcstoul
_ultow
__p__fmode
wcsrchr
_onexit
_c_exit
??1type_info@@UAE@XZ
iswdigit
_cexit
swprintf
__p__commode
_exit
?what@exception@@UBEPBDXZ

Sections

.text
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45f3bc2dfff26da98fd0934c70367fe9

Headers

DLL Characteristics

File Characteristics

Imports

shell32

rtutils

gdi32

glu32

user32

apphelp

kernel32

msvcrt

Sections

.text Size: 197KB - Virtual size: 197KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 171KB - Virtual size: 796KB

.text
Size: 197KB - Virtual size: 197KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 171KB - Virtual size: 796KB