5ba87c487d4e437c9a50a5a067d8ea5e556bf32418c6a95ee00ae2a2bc8a5c4e

General

Target

5ba87c487d4e437c9a50a5a067d8ea5e556bf32418c6a95ee00ae2a2bc8a5c4e
Size

282KB
MD5

e375cbc63cc1061f6839226e91f49948
SHA1

dde4f3149308919b135f25b72b2e6236d91121df
SHA256

5ba87c487d4e437c9a50a5a067d8ea5e556bf32418c6a95ee00ae2a2bc8a5c4e
SHA512

355c459dcda272d723fdb73bb3d50e75fff8e8362c2049e31f7436a23a21b5e96c96e4a17d8d775486c8790a1e754b81524707505a60e5bb690ba1f4ea0855df
SSDEEP

6144:p7A3WtsxLDZMx4ZAqGdatky3brvqRQ0VUBi:pkqsBdW4ZAqGdaOijuHVUB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ba87c487d4e437c9a50a5a067d8ea5e556bf32418c6a95ee00ae2a2bc8a5c4e

Files

5ba87c487d4e437c9a50a5a067d8ea5e556bf32418c6a95ee00ae2a2bc8a5c4e
.exe windows:4 windows x86 arch:x86

84b0e9c36b489774babc072c89a53f5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

kernel32

VirtualAlloc
GetStdHandle
GetLocaleInfoA
AddAtomA
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
VirtualQuery
InterlockedExchange
TlsSetValue
UnhandledExceptionFilter
SetLastError
GetSystemTimeAsFileTime
TlsGetValue
GetCPInfo
GetSystemInfo
HeapDestroy
SetHandleCount
EnumResourceNamesA
QueryPerformanceCounter
FreeEnvironmentStringsW
GetFileType
HeapCreate
GetModuleFileNameA
GetACP
GetVersionExA
lstrcatA
VirtualFree
HeapSize
GetCurrentProcessId
GetOEMCP
WriteFile
TerminateProcess
TlsFree
GetEnvironmentStrings
GetCurrentProcess
SetEndOfFile
GetStartupInfoA
SetUnhandledExceptionFilter

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

IsWindow
EnumChildWindows
SendMessageA
DestroyWindow
CreateWindowExW
GetDlgItem
GetWindowThreadProcessId

iphlpapi

GetIpAddrTable

Sections

.text
Size: 139KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84b0e9c36b489774babc072c89a53f5e

Headers

File Characteristics

Imports

shell32

kernel32

newdev

setupapi

mprapi

user32

iphlpapi

Sections

.text Size: 139KB - Virtual size: 275KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 139KB - Virtual size: 139KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 139KB - Virtual size: 275KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 139KB - Virtual size: 139KB

.rsrc
Size: 512B - Virtual size: 4KB