d5283314f547bd4ac3ce08ed81d35e4a7c60454ea1b503f104e8a5c4ead7359d

Sharing

Copy URL Twitter E-mail

General

Target

d5283314f547bd4ac3ce08ed81d35e4a7c60454ea1b503f104e8a5c4ead7359d
Size

382KB
MD5

0910f4807b624fcc9b5f6338832d7e1a
SHA1

018738cc015bdcfcb4658315967511537ecd1463
SHA256

d5283314f547bd4ac3ce08ed81d35e4a7c60454ea1b503f104e8a5c4ead7359d
SHA512

45b935b780094a2b632ab47eafdb848e47238dbbdebe74ff889b2dda37789b6806ead14469f852a32ece996d306e80e5f43d4dc27fc33dfe7b4084e63751351e
SSDEEP

6144:18eMEX9TTAP/Te+RN5M15S/pSK4w3MV36i+KeAO7ageETBkqHGT1+dOT1+dBK:1TF90/Te+RN5M1UpMV36lHcgeETWq21T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5283314f547bd4ac3ce08ed81d35e4a7c60454ea1b503f104e8a5c4ead7359d

Files

d5283314f547bd4ac3ce08ed81d35e4a7c60454ea1b503f104e8a5c4ead7359d
.exe windows:6 windows x86 arch:x86

09cc97667368ee6b7c526ba8ad1c5c18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
FindNextFileW
GetCurrentProcess
WriteFile
GetModuleHandleExW
TerminateProcess
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
FindClose
GetLocaleInfoW
WaitForSingleObject
CreateFileW
GetCurrentThreadId
GetFileAttributesExW
SetEvent
GetCurrentThread
QueryPerformanceFrequency
CloseHandle
GetProcAddress
DeleteCriticalSection
ExitProcess
CreateProcessW
GetModuleHandleW
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
FlushFileBuffers
GetExitCodeProcess
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
ReadFile
GetLastError
Sleep
lstrlenW
CreateEventW
SetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleCP
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
HeapFree
HeapAlloc
GetCommandLineW
GetCommandLineA
GetStdHandle
GetTimeZoneInformation
RaiseException
RtlUnwind
WriteConsoleW
LoadLibraryExW
GetThreadTimes
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
MultiByteToWideChar
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount

setupapi

CM_Locate_DevNodeW
SetupDiGetDevicePropertyW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
CM_Reenumerate_DevNode
SetupDiCallClassInstaller
CM_Get_Device_IDW
SetupDiGetClassDevsW
SetupDiRemoveDevice

newdev

DiUninstallDevice

winmm

timeGetTime
timeBeginPeriod

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09cc97667368ee6b7c526ba8ad1c5c18

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

setupapi

newdev

winmm

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 124KB - Virtual size: 124KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 124KB - Virtual size: 124KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 10KB - Virtual size: 9KB