b5b92b73d6c19bc4fc29724cc18fc92e

Sharing

Copy URL

Twitter E-mail

General

Target

b5b92b73d6c19bc4fc29724cc18fc92e
Size

378KB
MD5

b5b92b73d6c19bc4fc29724cc18fc92e
SHA1

bbef7e16aa4e0f8c19423e6fd76c874ae6ec07fc
SHA256

818df247c1a13426b772af67746cd59762b8ea032c0d5d228b762fc034c17130
SHA512

a707a2c3b219db79efb431fc29df6d8434550c19f65121acfd63dbc33ab5e99c7403146aebb4de7411e27da94b4a7853b78a34e55b1375a0290c708984923051
SSDEEP

6144:/4zTcm6V87qHQHfuxUucegnTWBRKd7WocNsvEKGt90b49RTCdkL3RW03O6RM6mH9:uTF92MegTghocNsRLbici31O6M6mGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5b92b73d6c19bc4fc29724cc18fc92e

Files

b5b92b73d6c19bc4fc29724cc18fc92e
.exe windows:4 windows x86 arch:x86

274e3f9be92fad11d1b2baacb97e8353

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
TransmitCommChar
EnumCalendarInfoExW
DuplicateHandle
SignalObjectAndWait
GetStartupInfoW
SetTimeZoneInformation
SetComputerNameW
EnumTimeFormatsA
GetLargestConsoleWindowSize
FindResourceExA
CreateDirectoryExW
FillConsoleOutputAttribute
LocalSize
SetSystemTimeAdjustment
LocalLock
Module32Next
GetSystemPowerStatus
FindNextFileW
TlsGetValue
FindResourceW
Heap32ListFirst
GetPrivateProfileIntW
TryEnterCriticalSection
GlobalFindAtomA
GetTempPathW
ConnectNamedPipe
WaitForMultipleObjectsEx
WriteConsoleW
GetLocalTime
WriteConsoleOutputAttribute
WritePrivateProfileSectionW
ReadConsoleOutputAttribute
GlobalGetAtomNameW
EnumSystemLocalesA
SetFileAttributesW
WaitForMultipleObjects
OpenEventA
GetDateFormatW
GetSystemInfo
SetLocaleInfoA
ResetWriteWatch
GlobalAddAtomA
GetDateFormatA
lstrcpynA
FindFirstChangeNotificationA
SetThreadPriority
EnumSystemCodePagesW
FillConsoleOutputCharacterW
GetThreadLocale
GetShortPathNameA
GetConsoleCursorInfo
EnterCriticalSection
SetHandleCount
GetMailslotInfo
GetCalendarInfoA
OpenFileMappingA
CreateEventA
LocalCompact
InitAtomTable
LoadLibraryExW
MapViewOfFile
GetUserDefaultLangID
EnumCalendarInfoW
MoveFileW
WriteProfileSectionA
SetConsoleCtrlHandler
GetProcessPriorityBoost
WriteConsoleA
VirtualFree
WritePrivateProfileSectionA
SetConsoleTitleW
EnumResourceNamesA
WriteProfileSectionW
GetDriveTypeW
FlushFileBuffers
IsValidLocale
WriteConsoleOutputW
FindFirstFileA
GetPriorityClass
UpdateResourceW
RtlFillMemory
CreateSemaphoreW
SearchPathA
EnumDateFormatsExW
WaitForSingleObject
GetPrivateProfileStringW
WaitForSingleObjectEx
RemoveDirectoryA
CreateFileW
UnlockFile
FindResourceExW
MoveFileExA
lstrcpyA
GetNumberFormatW
FlushViewOfFile
GetEnvironmentStringsA
MulDiv
GetPrivateProfileSectionA
GlobalReAlloc
TerminateThread
EscapeCommFunction
GetCurrentDirectoryA
GetTempFileNameA
GetVersion
UnmapViewOfFile
CloseHandle
SetEnvironmentVariableA
ReleaseMutex
LocalShrink
GetStdHandle
InterlockedIncrement
WriteFile
SetEvent
EnumDateFormatsA
WinExec
GlobalLock
HeapDestroy
GetFileAttributesA
WriteConsoleOutputA
FindNextFileA
FindFirstFileW
SetLocalTime
EnumDateFormatsW
GetSystemDirectoryW
GetSystemTime
SetCurrentDirectoryA
GetEnvironmentStrings
ReadFileEx
FileTimeToDosDateTime
CreateTapePartition
Heap32Next
VirtualQueryEx
BeginUpdateResourceA
SetConsoleCursorInfo
LocalFileTimeToFileTime
UnlockFileEx
GetDriveTypeA
lstrcmpW
FindCloseChangeNotification
WriteConsoleInputA
GetConsoleCP
GetLongPathNameW
OutputDebugStringA
GlobalMemoryStatus
GetEnvironmentVariableW
GetTempFileNameW
EnumResourceNamesW
GetFileTime
LoadResource
GetVolumeInformationA
GetLastError
GetEnvironmentStringsW
GetDiskFreeSpaceA
SetConsoleActiveScreenBuffer
ReadConsoleA
GetProcessShutdownParameters
HeapValidate
VirtualProtectEx
DeleteFiber
EnumTimeFormatsW
DefineDosDeviceW
GetProfileSectionA
GetStringTypeA
lstrlen
MapViewOfFileEx
RtlMoveMemory
SetThreadExecutionState
VirtualFreeEx
SetConsoleTextAttribute
Toolhelp32ReadProcessMemory
ReadProcessMemory
FindFirstFileExA
ResetEvent
GetAtomNameW
GetConsoleTitleA
GetModuleHandleW
GetSystemDirectoryA
GetCurrencyFormatW
GetShortPathNameW
TlsSetValue
RemoveDirectoryW
lstrcpyn
WriteProcessMemory
WaitNamedPipeA
GetConsoleMode
GetFileAttributesW
GetNamedPipeInfo
GetStartupInfoA
GetSystemDefaultLCID
GetCurrentDirectoryW
LockResource
CreateNamedPipeW
ResumeThread
GetProcessHeap
WritePrivateProfileStructA
GetThreadTimes
InitializeCriticalSection
lstrcpy
GetCompressedFileSizeW
GetTimeFormatA
lstrcatA
ReadDirectoryChangesW
GlobalGetAtomNameA
CreateWaitableTimerA
InterlockedDecrement
WriteProfileStringA
CreatePipe
Sleep

shell32

ExtractIconA
SHQueryRecycleBinA
SHFileOperationW
SHGetNewLinkInfo

advapi32

CryptEnumProvidersW
CryptEnumProviderTypesA
RegEnumKeyW
CryptAcquireContextW

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

274e3f9be92fad11d1b2baacb97e8353

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 277KB - Virtual size: 277KB

.reloc Size: 11KB - Virtual size: 11KB

.bss Size: 5KB - Virtual size: 5KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 277KB - Virtual size: 277KB

.reloc
Size: 11KB - Virtual size: 11KB

.bss
Size: 5KB - Virtual size: 5KB