lua5[.]1[.]exe

General

Target

lua5.1.exe
Size

17KB
MD5

f58f5a2bb8f0e0e8313efb77b372ee14
SHA1

97e770e4d7b101318d11ca457b105bafa69b1d34
SHA256

c9bf063327f6a719aa2d2c25a13a6fb006eba3f23b53bcd6a629dc04507c18b6
SHA512

621dad923bcc07ebd83e173af4952ebded5315748aed593e7a2a6c33921c3d8006e1a645e246fb3a3372cb890e76a04618e362a3670c6c00bb34baee3cdfca2c
SSDEEP

192:SDstvI9gTIPGyTSL1poOTLidOtB/8K3uBe0gY/Cggqi3pTyGPSiLGEI2:ZBI9gTIPGymLg+WotpWfgY/CgU3nSxEh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lua5.1.exe

Files

lua5.1.exe
.exe windows:4 windows x64 arch:x64

ed891056c65e8cfc9802cb1541aec1d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

lua5.1

luaL_loadfile
lua_pcall
lua_pushcclosure
lua_setfield
lua_type
luaL_checkstack
lua_createtable
luaL_newstate
lua_tolstring
lua_touserdata
lua_rawseti
luaL_error
luaL_loadbuffer
lua_isstring
lua_pushlstring
lua_settop
lua_insert
lua_gettop
lua_concat
lua_pushfstring
lua_pushvalue
lua_close
lua_getfield
luaL_openlibs
lua_gc
lua_pushstring
lua_pushinteger
lua_sethook
lua_remove
lua_call
lua_objlen
lua_cpcall

msvcr80

_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__crt_debugger_hook
__set_app_type
_encode_pointer
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
signal
fflush
fgets
fprintf
_fileno
getenv
_isatty
fputs
strstr
__iob_func
_amsg_exit
__getmainargs
__C_specific_handler
_XcptFilter
_exit
_cexit

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed891056c65e8cfc9802cb1541aec1d6

Headers

DLL Characteristics

File Characteristics

Imports

lua5.1

msvcr80

kernel32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 540B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 540B

.rsrc
Size: 3KB - Virtual size: 2KB