5b1a551b311ac87bdbec2446f04bb5e0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5b1a551b311ac87bdbec2446f04bb5e0N.exe
Size

422KB
MD5

5b1a551b311ac87bdbec2446f04bb5e0
SHA1

3e9cc4ab7faf1f5197aed3253aaa0405c30eaae0
SHA256

8379c70a7a3087e195fdf942002701cc8ba665ca896bddd4d1d5aeceb257755e
SHA512

a184bf20c1d5e9cd86e6f32430ef9e0c9031bc19c23d77d1b3e359d690f03b9952d6e816630ad3e22cf3104e91e0ee6b29c91136805e40cd102643ebe469b740
SSDEEP

6144:03ym5cKLGH663R+bMfV+ZsTagiwmm2y7uOghmxGelf21t/dLBo+wqsMGiT4KuehE:ox55e6HyV+ZsTpiwjuHclfGtF65jz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1a551b311ac87bdbec2446f04bb5e0N.exe

Files

5b1a551b311ac87bdbec2446f04bb5e0N.exe
.exe windows:4 windows x86 arch:x86

56d2eefe8bac95a0e1294f2e7e825880

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
GetOpenFileNameA
FindTextA

kernel32

LeaveCriticalSection
GetCurrentThread
LCMapStringA
GetUserDefaultLCID
CompareStringW
HeapSize
GetSystemTimeAsFileTime
Sleep
GetStartupInfoA
SetEndOfFile
GetACP
GetLastError
GetStringTypeW
FreeLibrary
TransmitCommChar
GetStdHandle
LockFile
GetDateFormatA
GetModuleFileNameA
InterlockedIncrement
GetLocaleInfoW
GetTimeZoneInformation
GetOEMCP
GetTickCount
EnterCriticalSection
LoadLibraryA
EnumTimeFormatsW
SetUnhandledExceptionFilter
TlsSetValue
GetLocaleInfoA
GetProcAddress
RtlUnwind
TlsFree
CompareStringA
FileTimeToSystemTime
GetEnvironmentStringsW
InterlockedExchange
HeapDestroy
TlsAlloc
TerminateProcess
SetThreadIdealProcessor
InterlockedDecrement
HeapFree
GetCurrentThreadId
GetCurrentProcess
VirtualAlloc
EnumSystemLocalesA
SetLastError
SetHandleCount
WriteFile
GetFileType
SetConsoleCtrlHandler
WideCharToMultiByte
GetStringTypeA
LCMapStringW
IsDebuggerPresent
FreeLibraryAndExitThread
UnhandledExceptionFilter
GetModuleHandleA
VirtualQuery
GetTimeFormatA
IsValidLocale
VirtualFree
DeleteCriticalSection
HeapReAlloc
QueryPerformanceCounter
HeapAlloc
IsValidCodePage
GetStartupInfoW
ExitProcess
FreeEnvironmentStringsW
GetCurrentProcessId
GetCommandLineW
WriteConsoleOutputCharacterA
SetEnvironmentVariableA
GetModuleFileNameW
HeapCreate
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetCPInfo
MultiByteToWideChar
TlsGetValue

user32

LoadCursorFromFileW
DdeCreateDataHandle
SetDeskWallpaper
InvalidateRect
EnableScrollBar
CreateIconFromResource
GetDCEx
AnyPopup
ScrollWindow
CharPrevA

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56d2eefe8bac95a0e1294f2e7e825880

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 8KB - Virtual size: 27KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 8KB - Virtual size: 27KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 10KB - Virtual size: 10KB