c5902e131eb3b142d05206dbe3e91d40

General

Target

c5902e131eb3b142d05206dbe3e91d40
Size

392KB
MD5

c5902e131eb3b142d05206dbe3e91d40
SHA1

5fe9319069567820c246765a2b3ca3e2f7ac656a
SHA256

eb6082c6a14d8e3b3138b59151aa2fe02a3ed6ffd75c8ab010f93d9282ac7ea9
SHA512

4a028a3093e373591b40b14e29a06bdf86e37fe4dc743653118828573db974e3305b70ee01253543579b38149184c6fb1db3c9c4cfdee8fab5fbeb5d35ea9df8
SSDEEP

12288:yuq3y1xrvHsQVqoV3Th+9kms0mSXKXWabO7:yuq3IVEorvFQamE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5902e131eb3b142d05206dbe3e91d40

Files

c5902e131eb3b142d05206dbe3e91d40
.exe windows:5 windows x86 arch:x86

ac5b596b27f6b5284beb062bbb361042

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleDuplicateData
CoDisableCallCancellation
IIDFromString
OleConvertIStorageToOLESTREAMEx
CoTestCancel
WriteOleStg
CoSuspendClassObjects

advapi32

LookupPrivilegeNameW
ConvertToAutoInheritPrivateObjectSecurity
LsaEnumeratePrivilegesOfAccount
BuildTrusteeWithObjectsAndSidA
WmiExecuteMethodA
DestroyPrivateObjectSecurity
LsaGetSystemAccessAccount
CryptHashData
SystemFunction017

kernel32

Process32NextW
SetTapePosition
SetEvent
BuildCommDCBW
CreateDirectoryA
GetOEMCP
GetQueuedCompletionStatus
VerLanguageNameW
FindAtomA
UnregisterConsoleIME
TransactNamedPipe
QueryInformationJobObject
AssignProcessToJobObject
GetNextVDMCommand
GetNumberFormatW

msvcrt

abs
_putch
_adj_fdiv_m32
_findnext
setvbuf
_fstat
longjmp
_assert
_getdrive
wcscmp

user32

SwitchDesktop
LoadStringA
GetMouseMovePointsEx
VkKeyScanA
TileChildWindows
IsWindowUnicode
DdeInitializeW
PostQuitMessage

gdi32

SetFontEnumeration
CreateBitmap
GdiEntry10
EngGetDriverName
EnumFontFamiliesExA
GetKerningPairsW

Sections

.text
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 557KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac5b596b27f6b5284beb062bbb361042

Headers

DLL Characteristics

File Characteristics

Imports

ole32

advapi32

kernel32

msvcrt

user32

gdi32

Sections

.text Size: 388KB - Virtual size: 388KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 557KB

.text
Size: 388KB - Virtual size: 388KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 557KB