c5341cb7a41de084c7d88b1bd5870a51

General

Target

c5341cb7a41de084c7d88b1bd5870a51
Size

73KB
MD5

c5341cb7a41de084c7d88b1bd5870a51
SHA1

cbd9fc84da5280909c214b03b864018909250088
SHA256

53d0ce7b2f10926ded6945bf7b8d22de6f9ee3df96e0f72e3472fece6333ff36
SHA512

d6e76d16e9006ea60bc67d06e944c5c92ff94cf54778820bf395743425b6d106c49db4e69ebd3a1738a1e4028d02b332aaedb969f4f615a25a2a4ca409a84d1c
SSDEEP

1536:0LEt4ihoKQt89qqmqlczmtEUqC2RJtJfZOrhkotHcLDHYg4YFw:IEt47989q+lA9ltdihnZcLgYy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5341cb7a41de084c7d88b1bd5870a51

Files

c5341cb7a41de084c7d88b1bd5870a51
.exe windows:5 windows x86 arch:x86

013afc2798118a697d210b1df03cfece

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetFileSecurityW
CryptVerifySignatureA
RegRestoreKeyA
RegQueryInfoKeyA
PrivilegeCheck
StartServiceA
LsaCreateAccount
WmiQuerySingleInstanceW
CryptEnumProvidersW

gdi32

GetOutlineTextMetricsA
CreateDCW
CreateFontIndirectExA
ResizePalette
AddFontResourceA
OffsetRgn

ole32

CoGetCallContext
CoTaskMemAlloc
StringFromCLSID
OleCreateLinkFromData
CoGetCancelObject
OleCreateEmbeddingHelper
HMETAFILE_UserMarshal

kernel32

VirtualBufferExceptionHandler
GetCommMask
CreateWaitableTimerW
GetConsoleNlsMode
SetWaitableTimer
FindNextChangeNotification
AssignProcessToJobObject
CreateVirtualBuffer
ResumeThread
SetTimeZoneInformation
UnregisterWait
WaitForSingleObject
ReadConsoleOutputAttribute
DisableThreadLibraryCalls
EnumDateFormatsA

user32

DdeGetQualityOfService
PostThreadMessageA
DdeAddData
IsWindowVisible
SetDebugErrorLevel
SetWindowContextHelpId
OemToCharW
TranslateMDISysAccel

msvcrt

_i64tow
__p__pctype
_sleep
_ultoa
strlen
ldexp
modf
_wtoi64
_strnicoll
getwc

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

013afc2798118a697d210b1df03cfece

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

ole32

kernel32

user32

msvcrt

Sections

.text Size: 69KB - Virtual size: 69KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 121KB

.text
Size: 69KB - Virtual size: 69KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 121KB