d5c0f7b0ec41be8249de6bf2098f2340N

General

Target

d5c0f7b0ec41be8249de6bf2098f2340N
Size

54KB
MD5

d5c0f7b0ec41be8249de6bf2098f2340
SHA1

23ab93629cce34238e79c3caac0a4ae289ed4ea3
SHA256

e97a35fd6a77f7aff30e52943c0e2a55db7a71972d1db61d03016355c08ff83c
SHA512

db4d317b39b3677f35f76c2db7b77d10a738cbe70718ba7a3b5038d3eda86e617d30681e570a5a026f69d371e7d11be89dedbdbaf25f36a07b42f2b5d0b9af5a
SSDEEP

768:zuZwARLvYtTPNkwK6xGP99SPtK03CgrZ2iW/sV64ltCcg/r3SunVg9+4:CyAUJvA9KtPSwU/I6mtey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5c0f7b0ec41be8249de6bf2098f2340N

Files

d5c0f7b0ec41be8249de6bf2098f2340N
.exe windows:4 windows x86 arch:x86

48b7096532dec065813f2098afc13aeb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
CreateIoCompletionPort
EnterCriticalSection
ExitProcess
GetComputerNameA
GetCurrencyFormatA
GetModuleFileNameA
GetNamedPipeHandleStateA
Heap32Next
LockResource
SearchPathW
WriteConsoleA
lstrcmpi

advapi32

ConvertAccessToSecurityDescriptorA
CryptAcquireContextW
CryptDestroyHash
CryptDuplicateHash
CryptEnumProviderTypesW
DeleteAce
GetKernelObjectSecurity
GetTrusteeNameW
IsValidSecurityDescriptor
LookupPrivilegeDisplayNameW
OpenBackupEventLogA
OpenSCManagerA
RegRestoreKeyA
SetEntriesInAclW
SetSecurityInfoExA

user32

DdeAddData
DdeCreateStringHandleA
DeleteMenu
DlgDirSelectExA
DrawCaptionTempA
IsCharAlphaNumericA
LoadCursorFromFileW
SetMessageQueue

shell32

Control_FillCache_RunDLL
DllGetClassObject
ExtractIconW
PrintersGetCommand_RunDLLA
RealShellExecuteA
RealShellExecuteExW
RealShellExecuteW
RegenerateUserEnvironment
SHBrowseForFolder
SHGetPathFromIDListW
SHHelpShortcuts_RunDLL
SheChangeDirW
SheShortenPathW
ShellAboutW
ShellExecuteEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

48b7096532dec065813f2098afc13aeb

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 51KB - Virtual size: 52KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 51KB - Virtual size: 52KB