d5e335e98d4dda4647be3b9ecedc5e4a356ffcb78b547ae581eec7cdd31f23cc

Sharing

Copy URL

Twitter E-mail

General

Target

d5e335e98d4dda4647be3b9ecedc5e4a356ffcb78b547ae581eec7cdd31f23cc
Size

301KB
MD5

8b7b39a22f88119b577d18f5203d3580
SHA1

d2dd1ce5afc18dbdd98d3d328f29863eaf84dc01
SHA256

d5e335e98d4dda4647be3b9ecedc5e4a356ffcb78b547ae581eec7cdd31f23cc
SHA512

f70acbb31b5777824fa861ce7d4df4b4fd5b64767be312b9167cbcf99545cc07d0bd445052e6dafb58a1af5f9ffe95e567501f0287b48b846002109e14c94a8f
SSDEEP

6144:Fmh8ukYHxfL62vUH4L3GvyFv+WxsVfsKE0VXQ9M0:Fk8uJL62MsGKBxwfspP9H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5e335e98d4dda4647be3b9ecedc5e4a356ffcb78b547ae581eec7cdd31f23cc

Files

d5e335e98d4dda4647be3b9ecedc5e4a356ffcb78b547ae581eec7cdd31f23cc
.exe windows:5 windows x86 arch:x86

39f7786559b1f7dcc6cf792aab85f184

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ducetoved\xepabefofiv\fek\xabuk\hobe yas habare\sahifoviju.pdb

Imports

kernel32

GetPrivateProfileSectionNamesW
GetFileSize
FindFirstFileW
lstrlenA
SetComputerNameExA
SetEndOfFile
CallNamedPipeA
SetEnvironmentVariableW
GetModuleHandleExW
SetComputerNameW
SetVolumeMountPointW
FreeEnvironmentStringsA
EnumTimeFormatsA
WriteFile
SetCommState
TlsSetValue
GetPriorityClass
LoadLibraryW
GetConsoleMode
GetVersionExW
SetConsoleMode
VerifyVersionInfoA
WriteConsoleW
WritePrivateProfileSectionW
GetModuleFileNameW
CreateFileW
CompareStringW
LCMapStringA
CreateDirectoryA
InterlockedExchange
GlobalUnfix
SetThreadLocale
GetCPInfoExW
FillConsoleOutputCharacterW
GetHandleInformation
PulseEvent
GetCurrentDirectoryW
SetLastError
ReadConsoleOutputCharacterA
GetProcAddress
GetTapeStatus
WriteProfileSectionA
SetStdHandle
BuildCommDCBW
GetAtomNameA
LoadLibraryA
Process32FirstW
OpenMutexA
WriteConsoleA
OpenWaitableTimerW
LocalAlloc
GetExitCodeThread
AddAtomW
SetConsoleWindowInfo
FindAtomA
ContinueDebugEvent
VirtualProtect
CompareStringA
GetCurrentThreadId
OpenSemaphoreW
ReadConsoleInputW
LocalSize
GetWindowsDirectoryW
FileTimeToLocalFileTime
OpenFileMappingA
CopyFileExA
GetVolumeInformationW
GetLastError
GetComputerNameA
WideCharToMultiByte
DeleteFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InterlockedIncrement
InterlockedDecrement
DecodePointer
GetModuleHandleW
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetFileType
GetConsoleCP
HeapValidate
IsBadReadPtr
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
HeapCreate
IsProcessorFeaturePresent
OutputDebugStringA
OutputDebugStringW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
CloseHandle
FlushFileBuffers

user32

GetComboBoxInfo
GetListBoxInfo

advapi32

ImpersonateSelf

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39f7786559b1f7dcc6cf792aab85f184

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 21KB - Virtual size: 40KB

.rsrc Size: 66KB - Virtual size: 66KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 21KB - Virtual size: 40KB

.rsrc
Size: 66KB - Virtual size: 66KB