d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379

Sharing

Copy URL

Twitter E-mail

General

Target

d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379
Size

387KB
MD5

6987d01341d312fa95852bd5b016540e
SHA1

b042876d224d616d1c094003e4cf527bff747c8d
SHA256

d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379
SHA512

28a79ea22e865406ad3cc0b59572a76215e3aa22e1d7f6eea547e6d7da8d6d5e80a1f157973ae58407d5166e9aae56e2c3fbf72abfd523d2dc57dbc5f74b6877
SSDEEP

6144:y40QpRh2NncFAzDWjXel44mw9OU3iY+i:yJi2NcyPWjXei4mZni

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379

Files

d5f6b14c8beb22249a652234784732387df26b1ad1e28fdd23af569b4b82a379
.exe windows:5 windows x86 arch:x86

1991af52a6314ff5b23d44cf01c243a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasExesA
CommConfigDialogA
SetEndOfFile
GetConsoleAliasExesLengthA
InterlockedIncrement
OpenJobObjectA
GetCurrentProcess
GetLogicalDriveStringsW
SetDefaultCommConfigW
GetSystemWindowsDirectoryW
SetEnvironmentVariableW
CreateJobObjectW
QueryDosDeviceA
InterlockedCompareExchange
SetVolumeMountPointW
UnlockFile
OpenSemaphoreA
_lcreat
GetTickCount
GetNumberFormatA
CreateActCtxW
SetFileShortNameW
LoadLibraryW
_hread
GetCalendarInfoA
CreateEventA
SetConsoleCP
GetFileAttributesA
VerifyVersionInfoA
GetShortPathNameA
GetLastError
SetLastError
GetProcAddress
CreateNamedPipeA
GlobalFree
SetThreadPriorityBoost
LoadLibraryA
LocalAlloc
GetNumberFormatW
SetConsoleWindowInfo
VirtualProtect
EnumDateFormatsW
SetProcessShutdownParameters
GetDiskFreeSpaceExA
ReadConsoleInputW
GetTempPathA
LCMapStringW
HeapSize
RtlUnwind
IsProcessorFeaturePresent
GetStringTypeW
WideCharToMultiByte
Sleep
MultiByteToWideChar
HeapAlloc
HeapReAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetModuleHandleW
ExitProcess
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
HeapFree
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection

user32

ChangeMenuW
GetKeyNameTextA
GetWindowTextLengthA
DdeQueryStringW
LoadMenuW
GetMenuState
CharUpperW
GetSysColor
SetCaretPos
SetClipboardViewer

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1991af52a6314ff5b23d44cf01c243a3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 234KB - Virtual size: 233KB

.data Size: 94KB - Virtual size: 1.7MB

.rsrc Size: 58KB - Virtual size: 58KB

.text
Size: 234KB - Virtual size: 233KB

.data
Size: 94KB - Virtual size: 1.7MB

.rsrc
Size: 58KB - Virtual size: 58KB