d5abb6bcabb7786d60ab0a39e5a1d6923448d5d6fe544615bb972684b8737fc5

General

Target

d5abb6bcabb7786d60ab0a39e5a1d6923448d5d6fe544615bb972684b8737fc5
Size

96KB
MD5

d80bc95719ac0779b252442158b90bf2
SHA1

f35185b28f6184838d46811fd775f5c187a82e26
SHA256

d5abb6bcabb7786d60ab0a39e5a1d6923448d5d6fe544615bb972684b8737fc5
SHA512

f466511568db1c88df781768967604a4144c32bf5da33b72277e29b0c6d254d43b264f2bbc2c6b4e4663c4266b066dca6aa787ed94abba37d17a3d2915f7ceb4
SSDEEP

768:ycqpBlOR8bvUvqwN60aiTL2drfqe6Xqlx2dl+j17SbAYAIfg1oDpWeBk:yc888ovRAuTLCzqe6Xqidl+p7QdCuPB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5abb6bcabb7786d60ab0a39e5a1d6923448d5d6fe544615bb972684b8737fc5

Files

d5abb6bcabb7786d60ab0a39e5a1d6923448d5d6fe544615bb972684b8737fc5
.dll windows:4 windows x86 arch:x86

b04e483e20989c8f23308921714b92d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Module32First
GetExitCodeThread
TerminateThread
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapFree
IsBadReadPtr
GetTickCount
CloseHandle
GetTempPathA
CreateFileA
DeleteFileA
CopyFileA
SetFileAttributesA
FindClose
FindNextFileA
RemoveDirectoryA
FindFirstFileA
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
MoveFileA
CreateDirectoryA
WriteFile
CreateThread

user32

PeekMessageA
DispatchMessageA
wsprintfA
MessageBoxA
GetWindowThreadProcessId
GetMessageA
TranslateMessage

msvcrt

strchr
realloc
_ftol
srand
??3@YAXPAX@Z
strrchr
??2@YAPAXI@Z
free
malloc
sprintf
atoi
modf

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

shlwapi

PathFileExistsA

Exports

Exports

AAA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 910B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b04e483e20989c8f23308921714b92d2

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 64KB - Virtual size: 62KB

.rsrc Size: 4KB - Virtual size: 664B

.reloc Size: 4KB - Virtual size: 910B

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 64KB - Virtual size: 62KB

.rsrc
Size: 4KB - Virtual size: 664B

.reloc
Size: 4KB - Virtual size: 910B