5e56c0fe3121e184647fa5e6c388530a716f4a3b5b1ac725805e6619aabfe963N

Sharing

Copy URL Twitter E-mail

General

Target

5e56c0fe3121e184647fa5e6c388530a716f4a3b5b1ac725805e6619aabfe963N
Size

194KB
MD5

7a105c86e6f75a7614c3f10bc1c68a90
SHA1

9f059bbb1c7d81cf90d59713b6d5e42ba69844d5
SHA256

5e56c0fe3121e184647fa5e6c388530a716f4a3b5b1ac725805e6619aabfe963
SHA512

aabbefdbaec3392b3a7c07bd8c6592eb90e1f8e5ac747af2311da9c3a44b0da5127d3aa77e1c25a96da100f2177b9ce320fdf413e3d0861f520921d76ff61a74
SSDEEP

6144:EALWPMbUKojV0pYXY2A4wWKeubTjMZ3VZX97:OMbUK4x8WAQpVZp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e56c0fe3121e184647fa5e6c388530a716f4a3b5b1ac725805e6619aabfe963N

Files

5e56c0fe3121e184647fa5e6c388530a716f4a3b5b1ac725805e6619aabfe963N
.exe windows:4 windows x86 arch:x86

d226d959b869dfa8ba1ea251a9aaa124

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
GetEnvironmentVariableA
GetStdHandle
GetModuleHandleA
SetConsoleMode
GetConsoleMode
WideCharToMultiByte
ExitProcess
GlobalFree
MultiByteToWideChar
GlobalAlloc
GetVersionExA
WriteFile
lstrlenW
HeapReAlloc
DeleteFileA
GetLocaleInfoW
GetLocaleInfoA
SetEnvironmentVariableW
SetEndOfFile
CreateProcessW
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetUserDefaultLCID
IsValidCodePage
IsValidLocale
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetFileAttributesW
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetFileAttributesA
GetProcAddress
ReadFile
SetFilePointer
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
Sleep
DuplicateHandle
GetCurrentProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetModuleFileNameA
CloseHandle
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
FlushFileBuffers
SetStdHandle

user32

CharToOemA
LoadStringW
LoadStringA

odbc32

ord108
ord13
ord43
ord135
ord31
ord255
ord136
ord9
ord24
ord75
ord139
ord150
ord241
ord176
ord64
ord111
ord5
ord127
ord20
ord138
ord61
ord110
ord132

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d226d959b869dfa8ba1ea251a9aaa124

Headers

File Characteristics

Imports

kernel32

user32

odbc32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 17KB - Virtual size: 27KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 17KB - Virtual size: 27KB

.rsrc
Size: 80KB - Virtual size: 80KB