b5ff65e2a3bfb5bbfb96cd1b678df9ba

Sharing

Copy URL Twitter E-mail

General

Target

b5ff65e2a3bfb5bbfb96cd1b678df9ba
Size

200KB
MD5

b5ff65e2a3bfb5bbfb96cd1b678df9ba
SHA1

9d6260f87422577d3bde001abe27c675d430d002
SHA256

6474e08824dbb4a7f2a22e181b95ec9aab42d190cfb200625869ffce3932d446
SHA512

d0e7a5cef0af6f6c6a98f583374a2d7644548dc1e38cee83cecfa89ba953c1b6eda1711defc69215b579efbe5f7b4fe1724741992ce18688009fe25c12f3ec61
SSDEEP

3072:um9mZDjAgHIDjCRFPQK8p2Lo0Kx5gokMqqDLy/nAoftc9fLKQiKx3S:agKdRF1+24vqqDLunpQ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5ff65e2a3bfb5bbfb96cd1b678df9ba

Files

b5ff65e2a3bfb5bbfb96cd1b678df9ba
.dll windows:4 windows x86 arch:x86

8d4acad3ca5c073aebf6c8e3f3e009e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
FindResourceExW
GetProcAddress
InterlockedCompareExchange
lstrlenW
DisableThreadLibraryCalls
LoadLibraryW
CreateThread
WaitForMultipleObjects
ResetEvent
SetEvent
lstrcmpiW
GlobalSize
GlobalLock
MulDiv
LockResource
GetTimeFormatW
FindResourceW
GetDateFormatW
GlobalUnlock
GetLocalTime
DeleteFileW
MoveFileW
GetFileAttributesW
GetVersionExW
GetVersion
CreateDirectoryW
ResumeThread
CompareStringW
GetModuleHandleW
GetCommandLineW
GetStringTypeA
OutputDebugStringA
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
RtlUnwind
FreeLibrary
LoadLibraryExW
GetStringTypeW
GlobalFree
GlobalAlloc
CloseHandle
WideCharToMultiByte
InterlockedExchange
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetCommandLineA
SetUnhandledExceptionFilter
LCMapStringW
VirtualProtect

user32

GetSubMenu
GetParent
InvalidateRect
GetSysColor
ShowWindow
PostQuitMessage
ReleaseCapture
DefWindowProcW
InflateRect
EndPaint
BeginPaint
SetWindowLongW
PeekMessageW
PtInRect
TrackMouseEvent
IsWindowEnabled
CopyRect
OffsetRect
UnionRect
SetScrollInfo
GetWindowLongW
GetClientRect
MapWindowPoints
ReleaseDC
GetDC
EqualRect
SendMessageW
DestroyWindow
KillTimer
FillRect
LoadStringW
UpdateWindow
EnableWindow
RegisterClipboardFormatW
SetWindowTextW
UnregisterClassW
GetWindowPlacement
EnableMenuItem
MessageBoxW
SetWindowRgn
SetFocus
CheckMenuItem
LoadMenuW
GetMenuState
SetCursor
GetDesktopWindow
RegisterClassW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
SetForegroundWindow
FindWindowW
SystemParametersInfoW
GetDlgItem
GetScrollInfo

advapi32

RegCloseKey

gdi32

CreateDIBSection
StretchBlt
SelectObject
SetStretchBltMode
GetDeviceCaps
RealizePalette
SelectPalette
DeleteEnhMetaFile
GetEnhMetaFileHeader
CombineRgn
CreateSolidBrush
DeleteObject

ole32

CoUninitialize
CoInitializeSecurity
OleUninitialize
CoInitialize
OleFlushClipboard
RevokeDragDrop
CoTaskMemFree
CoCreateInstance
CoWaitForMultipleHandles
IIDFromString
StringFromGUID2

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d4acad3ca5c073aebf6c8e3f3e009e6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 60KB - Virtual size: 102KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 60KB - Virtual size: 102KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 8KB - Virtual size: 5KB