5d03cfacb8ab66539da34e01f768bdd87288670e5eca429f3759b06a2e2b0562

General

Target

5d03cfacb8ab66539da34e01f768bdd87288670e5eca429f3759b06a2e2b0562
Size

292KB
MD5

0e9f86f3458f4ace5e134f7d0892a3a8
SHA1

e9880e17c32f3315214eb28cdc39fa9f43f85d06
SHA256

5d03cfacb8ab66539da34e01f768bdd87288670e5eca429f3759b06a2e2b0562
SHA512

753880ad6fe70bc0ef7e82b70d9b0804049f35906bea9488cf4176a4cbadf50b76b79b148c61b3a6af45348af66bd08f3565b1c662c664a0beec02346e928183
SSDEEP

6144:CTgFA7en1gI5fuJDL8sdwVCRMb1jVPZvoLGdJJV3b5mXp:t/1gsfuJDLhdG6MRjVPZvoC7V3Fm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d03cfacb8ab66539da34e01f768bdd87288670e5eca429f3759b06a2e2b0562

Files

5d03cfacb8ab66539da34e01f768bdd87288670e5eca429f3759b06a2e2b0562
.exe windows:5 windows x64 arch:x64

2c3a34c87d1a5a72279d165a75e702d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
Sleep
GetCommandLineW
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
RtlUnwindEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
GetLastError
FlsAlloc
HeapSetInformation
GetVersion
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TerminateProcess
GetCurrentProcess
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
HeapSize
HeapAlloc
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c3a34c87d1a5a72279d165a75e702d8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 216KB - Virtual size: 215KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 216KB - Virtual size: 215KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 1KB - Virtual size: 1KB