f5ef9545ee74273d3d314d4c94c0884427f51fcc6927114ba2527e43875b9b27

Sharing

Copy URL Twitter E-mail

General

Target

f5ef9545ee74273d3d314d4c94c0884427f51fcc6927114ba2527e43875b9b27
Size

4.3MB
MD5

8682a3c5ee7adb1b29d94acf5108bbe8
SHA1

cb03aceb5428c951aa44950cc7c67665c58de27c
SHA256

f5ef9545ee74273d3d314d4c94c0884427f51fcc6927114ba2527e43875b9b27
SHA512

3da66098c0b22a7e8f3da11e879e2898a14740ece266c5154562a4500d19a0561e818a36cc236a6371365035471d1e1a0fd0ec4ab7c4d64000fbec5e7694e941
SSDEEP

49152:k5LDMCyCFZNrraB9HySG2Gm1JtLsAgwQgf1+/+/f38sVEIfTopppppyWtG9a:kdDMCyCFZi5cpppppyWtGc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5ef9545ee74273d3d314d4c94c0884427f51fcc6927114ba2527e43875b9b27

Files

f5ef9545ee74273d3d314d4c94c0884427f51fcc6927114ba2527e43875b9b27
.exe windows:4 windows x86 arch:x86

d028a998367c4df74e1931710fff1956

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dev3\benchmarks\x32\release\Benchmarks32.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

VirtualFree
VirtualUnlock
VirtualLock
VirtualAlloc
Sleep
SetThreadAffinityMask
CloseHandle
WaitForMultipleObjects
ResumeThread
CreateThread
GetCurrentThread
SetProcessWorkingSetSize
GetProcessWorkingSetSize
GetCurrentProcess
ReadFile
CreateFileA
GetLastError
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
ExitProcess
GetHandleInformation
GetSystemInfo
QueryPerformanceCounter
SetPriorityClass
GetPriorityClass
GetProcessAffinityMask
SetProcessAffinityMask
QueryPerformanceFrequency
CreateMutexA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
SetThreadPriority
InterlockedExchangeAdd
InterlockedDecrement
InterlockedCompareExchange
SuspendThread
SetEndOfFile
GetLocaleInfoA
GlobalMemoryStatus
UnhandledExceptionFilter
RtlUnwind
HeapAlloc
HeapFree
RaiseException
GetCommandLineA
GetProcessHeap
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
HeapReAlloc
HeapDestroy
HeapCreate
GetModuleFileNameA
HeapSize
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW

user32

RegisterWindowMessageA
RegisterClassA
CreateWindowExA
DefWindowProcA
PostMessageA
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

viahwsha
Size: 4KB - Virtual size: 141B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

viahwaes
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

viahwran
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

segm1
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d028a998367c4df74e1931710fff1956

Headers

File Characteristics

PDB Paths

Imports

version

kernel32

user32

advapi32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

viahwsha Size: 4KB - Virtual size: 141B

viahwaes Size: 8KB - Virtual size: 5KB

viahwran Size: 4KB - Virtual size: 64B

segm1 Size: 8KB - Virtual size: 6KB

.rdata Size: 240KB - Virtual size: 236KB

.data Size: 1.3MB - Virtual size: 1.4MB

.tls Size: 4KB - Virtual size: 101B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 2.7MB - Virtual size: 2.7MB

viahwsha
Size: 4KB - Virtual size: 141B

viahwaes
Size: 8KB - Virtual size: 5KB

viahwran
Size: 4KB - Virtual size: 64B

segm1
Size: 8KB - Virtual size: 6KB

.rdata
Size: 240KB - Virtual size: 236KB

.data
Size: 1.3MB - Virtual size: 1.4MB

.tls
Size: 4KB - Virtual size: 101B

.rsrc
Size: 4KB - Virtual size: 1KB