d5932dab87944288b13df70198e76de9a8e9cd4297ca21e9a091f0b70df3d7c0

Sharing

Copy URL

Twitter E-mail

General

Target

d5932dab87944288b13df70198e76de9a8e9cd4297ca21e9a091f0b70df3d7c0
Size

368KB
MD5

f1f92dacdd2c85bf2692a458e9f8c740
SHA1

bfb344cfade27a568baafd180141c0a5cf96db3f
SHA256

d5932dab87944288b13df70198e76de9a8e9cd4297ca21e9a091f0b70df3d7c0
SHA512

53fefc13fe21205b8598bcf1a96283d3219e7ecc7368c2ab99c0c8d8dabe5deb5330dccfa498dc22168075ca79406ed78fc4b5015b23a538913a5620a53df109
SSDEEP

6144:bXnLCZgLjTZbZB8n0JLi1DDD3hhZ0qun7bch1nmMNvJW5wnvT:b3LZLjTFy0iDP3Zdun7bchJNUU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5932dab87944288b13df70198e76de9a8e9cd4297ca21e9a091f0b70df3d7c0

Files

d5932dab87944288b13df70198e76de9a8e9cd4297ca21e9a091f0b70df3d7c0
.exe windows:5 windows x86 arch:x86

fbfb2f7599ffcfbe8e56ac321b1a7a9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TzSpecificLocalTimeToSystemTime
AddConsoleAliasA
LoadLibraryExW
SetComputerNameA
GetUserDefaultLangID
GetSystemDefaultLangID
IsBadStringPtrA
CreateDirectoryW
InterlockedCompareExchange
lstrcatA
GetDefaultCommConfigA
GetTickCount
GetLastError
VirtualProtect
LocalAlloc
WriteProcessMemory
FoldStringA
SetLastError
GetWindowsDirectoryW
GetNumberFormatA
GetCalendarInfoA
GetModuleFileNameW
CreateFileW
WriteConsoleW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
IsValidLocale
SetConsoleTextAttribute
SetFileAttributesW
BuildCommDCBA
OpenEventA
GetProcAddress
LoadLibraryW
FindFirstVolumeMountPointW
GetACP
QueryInformationJobObject
LoadLibraryA
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetLocaleInfoW
IsValidCodePage
GetOEMCP
GetSystemTimeAsFileTime
GetCurrentProcessId
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetCurrentThreadId
HeapSize
ExitProcess
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
CloseHandle

user32

LoadMenuW
GetUserObjectSecurity
DrawCaption
DdeQueryStringA
GetKeyNameTextA
GetWindowTextLengthA
CloseWindow
DdeCmpStringHandles

gdi32

GetPixelFormat
GdiComment
DeleteMetaFile
GetCharacterPlacementW

advapi32

RegOpenKeyW
ReadEventLogA
ReadEventLogW
CloseEventLog
RegisterEventSourceW

ole32

CoMarshalHresult
CoRegisterPSClsid
CoGetClassObject

winhttp

WinHttpCheckPlatform
WinHttpWriteData

msimg32

AlphaBlend

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cepud
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbfb2f7599ffcfbe8e56ac321b1a7a9b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

winhttp

msimg32

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 197KB - Virtual size: 2.4MB

.cepud Size: 1024B - Virtual size: 1024B

.rsrc Size: 62KB - Virtual size: 62KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 197KB - Virtual size: 2.4MB

.cepud
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 62KB - Virtual size: 62KB