5b1163be18794458dbb11797415111ab61d9cd946395ac417aa9a5b38ab75fd8[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

5b1163be18794458dbb11797415111ab61d9cd946395ac417aa9a5b38ab75fd8.exe
Size

10.1MB
MD5

41ba5678a81003f4f12cfda4c800f61f
SHA1

2a706504ab956cfaba611e9551111b7b004a0ed6
SHA256

5b1163be18794458dbb11797415111ab61d9cd946395ac417aa9a5b38ab75fd8
SHA512

ef9f906774ef70c758d300f0968e8be8b0503c572bd189f1db3fc88c9ccf574f51a29d5b6bc3a7d80864e2c928623c5f1966226f9bbd56f7e362f39fbd0a8b03
SSDEEP

98304:uclJnZAFxnizopE3Kn8209jHJZ4Ovwvlr51pUXGiQwFZ28VmC7QpE1VJsv6tWKFc:HlIFxjp4R2i2EueVJsv6tWKFdu9CiH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1163be18794458dbb11797415111ab61d9cd946395ac417aa9a5b38ab75fd8.exe

Files

5b1163be18794458dbb11797415111ab61d9cd946395ac417aa9a5b38ab75fd8.exe
.exe windows:5 windows x86 arch:x86

d09b2488e5fb35b9b62702629e03a283

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcurl

curl_global_cleanup
curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_global_init

gdi32

SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
SelectClipRgn
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
GetRegionData
GetDIBits
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
AddFontMemResourceEx
CreateBitmap

ole32

OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoCreateInstance
DoDragDrop
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
CoTaskMemAlloc
StringFromGUID2
CoUninitialize
OleGetClipboard

imm32

ImmGetDefaultIMEWnd
ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

oleaut32

SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantChangeType
VariantInit
SysStringLen
SysAllocString

shell32

CommandLineToArgvW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetFileInfoW
ShellExecuteW

advapi32

RegSetValueExW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegFlushKey
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
RegQueryInfoKeyW

kernel32

LoadLibraryExW
SetLastError
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
GetConsoleMode
ReadConsoleW
InitializeCriticalSectionAndSpinCount
EncodePointer
RtlUnwind
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
CreateMutexW
ReleaseMutex
GetConsoleOutputCP
SetFileAttributesW
SetStdHandle
HeapFree
HeapAlloc
DecodePointer
HeapReAlloc
GetLastError
GetVolumeInformationW
GetProcAddress
lstrcmpW
GetLongPathNameW
GetDriveTypeW
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
SetErrorMode
ExpandEnvironmentStringsW
CloseHandle
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
EnumSystemLocalesW
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId
CreateFileW
ReadFile
SetFilePointer
WriteFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetConsoleWindow
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
OutputDebugStringW
CompareStringW
GetUserDefaultLCID
GetSystemTime
GetLocalTime
GetCommandLineW
SetEvent
WaitForSingleObjectEx
CreateEventW
DuplicateHandle
WaitForSingleObject
Sleep
WaitForMultipleObjects
GetCurrentProcess
SwitchToThread
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
TerminateThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
GetSystemDirectoryW
LoadLibraryW
LCMapStringW
ResetEvent
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultUILanguage
GetFileAttributesExW
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetLogicalDrives
RemoveDirectoryW
GetTempPathW
DeviceIoControl
CopyFileW
MoveFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FlushFileBuffers
GetFileType
SetEndOfFile
SetFilePointerEx
MoveFileExW
GetStartupInfoW
GetModuleFileNameW
HeapSize
FreeEnvironmentStringsW
GetStdHandle
ConnectNamedPipe
CreateNamedPipeW
TerminateProcess
GetExitCodeProcess
GetProcessId
MultiByteToWideChar
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
FindNextFileW
FreeLibrary
GetModuleHandleExW
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
ReadFileEx
PeekNamedPipe
CancelIo
SleepEx
GetModuleHandleA
WriteFileEx
GetFileSizeEx
GetCPInfo
IsValidCodePage
GetACP
GetOEMCP
SetEnvironmentVariableW
GetProcessHeap
GetStringTypeW
WriteConsoleW
OpenProcess
GetEnvironmentStringsW

user32

SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
SetWindowTextW
GetWindowRect
AdjustWindowRectEx
SetCursor
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetParent
SetParent
GetWindowThreadProcessId
DestroyCursor
DestroyIcon
GetAncestor
GetKeyboardLayoutList
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetClientRect
GetCursorPos
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
GetMonitorInfoW
EnumDisplayMonitors
LoadIconW
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetAsyncKeyState
GetKeyboardLayout
RegisterWindowMessageW
CreateCaret
DestroyCaret
HideCaret
SetCaretPos
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
GetForegroundWindow
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
SetMenuItemInfoW
NotifyWinEvent
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
RegisterClassW
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetWindowTextW
EnumWindows
RealGetWindowClassW
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
PostThreadMessageW
CharNextExA
IsWindow
GetDoubleClickTime
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
SetWindowRgn
DestroyWindow
DefWindowProcW
SystemParametersInfoW
GetSysColor
GetSystemMetrics
EnableMenuItem
GetSystemMenu
ReleaseDC
GetDC
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
ToAscii
MessageBeep

ws2_32

WSAAsyncSelect

Sections

.text
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d09b2488e5fb35b9b62702629e03a283

Headers

DLL Characteristics

File Characteristics

Imports

libcurl

gdi32

ole32

imm32

winmm

oleaut32

shell32

advapi32

kernel32

user32

ws2_32

Sections

.text Size: 6.7MB - Virtual size: 6.7MB

.rdata Size: 3.0MB - Virtual size: 3.0MB

.data Size: 111KB - Virtual size: 150KB

.qtmetad Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 13B

.gfids Size: 512B - Virtual size: 364B

_RDATA Size: 1024B - Virtual size: 560B

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 214KB - Virtual size: 213KB

.text
Size: 6.7MB - Virtual size: 6.7MB

.rdata
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 111KB - Virtual size: 150KB

.qtmetad
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 13B

.gfids
Size: 512B - Virtual size: 364B

_RDATA
Size: 1024B - Virtual size: 560B

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 214KB - Virtual size: 213KB