b5a1eb10ae50d25b944c9fd040ab158b

Sharing

Copy URL

Twitter E-mail

General

Target

b5a1eb10ae50d25b944c9fd040ab158b
Size

170KB
MD5

b5a1eb10ae50d25b944c9fd040ab158b
SHA1

d39dc7448e50c2829a8259e5ffe54e6b301a8381
SHA256

e524d43681c4d20727a96c248b5d64e85a928e9672b9439ec005c40574389bdc
SHA512

8b05adde67128bb2e854f94a35fb58de506e91a059edd92340e91979745282736f6156f35b9c40f89fc0adf439ba43377bf93283269bf51de18407bc3f200100
SSDEEP

1536:P9iaeyD7aDUaYavcFjRo8ibiv414lEwoajX80iGBPTYTFaCsw1Tg0FUHlH1iQ9yn:FiajUQjS8qivll77EsTYBlsvt1iMyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5a1eb10ae50d25b944c9fd040ab158b

Files

b5a1eb10ae50d25b944c9fd040ab158b
.exe windows:5 windows x86 arch:x86

37f76fe318b65bf05cf4bd4795013493

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixel
SetTextAlign
GetClipBox
PatBlt
GetTextMetricsA
LineTo
SaveDC
CreatePalette
SetTextColor
RestoreDC
GetObjectA
GetStockObject
CreatePen
CreateCompatibleDC
DeleteDC
SelectPalette
GetDeviceCaps
CreateSolidBrush
SelectObject
SetStretchBltMode
RectVisible
CreateFontIndirectA
DeleteObject
SetMapMode

kernel32

GetCurrentThreadId
GetWindowsDirectoryA
GetThreadLocale
GetModuleHandleW
lstrcmpA
IsDebuggerPresent
VirtualAlloc
SetCurrentDirectoryA
CopyFileA
QueryPerformanceCounter
GetACP
VirtualFree
GetModuleHandleA
lstrlenA
GlobalFindAtomA
GetVersion
lstrcmpiW
lstrlenW
GetStartupInfoA
DeleteFileW
DeleteFileA
GetCommandLineW
GlobalFindAtomW
MulDiv
GetConsoleOutputCP
GetUserDefaultLangID
GetTickCount
GetCurrentProcess
RemoveDirectoryA
GetCommandLineA
GetCurrentProcessId
lstrcmpiA
GetDriveTypeA
GetOEMCP
GetCurrentThread

user32

CharNextA
TranslateMessage
GetParent
GetSystemMetrics
GetDC
GetDesktopWindow

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Xtjgm, Y
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Bchqkaku
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37f76fe318b65bf05cf4bd4795013493

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Xtjgm, Y Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Bchqkaku Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 10KB - Virtual size: 10KB

Xtjgm, Y
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Bchqkaku
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 31KB - Virtual size: 30KB