5fab39db595056532a2e728c942a26ab6ee297e6512e20fcdfbc750bd3630ced

Sharing

Copy URL Twitter E-mail

General

Target

5fab39db595056532a2e728c942a26ab6ee297e6512e20fcdfbc750bd3630ced
Size

2.3MB
MD5

4fbc07db1484dd0910a20812274d1bba
SHA1

eb6ff2857cdb5e1358b0e712725b845449443913
SHA256

5fab39db595056532a2e728c942a26ab6ee297e6512e20fcdfbc750bd3630ced
SHA512

20c8e590bd0becb98fa2ae08f0e9a403362aab8b20c1542a8447c4e34955a8f64ab843d96d87cb3716b0b8a9af5627b02543965961e230fff6895ac2552ea4da
SSDEEP

49152:JHw90w6I9t73r8b76TkrLWZOGITLIT9xOCaODv8Mg8VQ8cNQI:Lw6J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fab39db595056532a2e728c942a26ab6ee297e6512e20fcdfbc750bd3630ced

Files

5fab39db595056532a2e728c942a26ab6ee297e6512e20fcdfbc750bd3630ced
.dll windows:6 windows x64 arch:x64

e98ad97d8313e422963553c49928797f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
InitializeCriticalSection
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
FindFirstFileW
WideCharToMultiByte
LeaveCriticalSection
MultiByteToWideChar
EnterCriticalSection
FindClose
LocalAlloc
FindNextFileW
LocalFree
LCMapStringW
FreeLibrary
SetEvent
GetModuleHandleW
GetProcAddress
LoadLibraryA
GetModuleHandleA
CreateMutexA
GetCurrentProcessId
GetSystemTime
GetPrivateProfileIntA
GetCurrentThreadId
GetWindowsDirectoryA
GetCurrentProcess
Sleep
GetShortPathNameA
CreateEventW
CreateThread
GetSystemDirectoryW
GetModuleFileNameW
FindFirstFileA
GetModuleFileNameA
GetWindowsDirectoryW
SetEndOfFile
SetEnvironmentVariableA
GetStringTypeW
WriteConsoleW
CreateFileW
OutputDebugStringW
CompareStringW
HeapReAlloc
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
FlushFileBuffers
GetTimeZoneInformation
CreateDirectoryW
DeleteFileW
TlsFree
DeleteCriticalSection
InitializeCriticalSectionEx
DecodePointer
GetLastError
RaiseException
TerminateThread
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
EncodePointer
HeapFree
HeapAlloc
ReadFile
FileTimeToLocalFileTime
GetFileInformationByHandle
GetFileType
PeekNamedPipe
FileTimeToSystemTime
GetFileAttributesExW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineA
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
GetProcessHeap
GetStdHandle
WriteFile
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetStartupInfoW
SetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter

user32

MessageBoxW
DestroyWindow
GetWindowRect
GetMessageW
ChangeDisplaySettingsW
SetForegroundWindow
TrackMouseEvent
GetWindowLongPtrW
GetDC
ShowCursor
PeekMessageW
CreateWindowExA
SetWindowPos
ShowWindow
SetWindowLongPtrW
AdjustWindowRect
DefWindowProcW
EnumDisplaySettingsW
DispatchMessageW

gdi32

SetDIBitsToDevice

shell32

SHGetSpecialFolderPathA

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

ole32

CoCreateInstance

Exports

Exports

Start

Sections

.text
Size: 918KB - Virtual size: 918KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e98ad97d8313e422963553c49928797f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

winmm

ole32

Exports

Exports

Sections

.text Size: 918KB - Virtual size: 918KB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 52KB - Virtual size: 64KB

.pdata Size: 42KB - Virtual size: 42KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 918KB - Virtual size: 918KB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 52KB - Virtual size: 64KB

.pdata
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 10KB - Virtual size: 9KB