5d2fc267d9b48fa9744bbbf8c03cdc87e412051f6b82169000c8c9fe55f4d20e

Sharing

Copy URL Twitter E-mail

General

Target

5d2fc267d9b48fa9744bbbf8c03cdc87e412051f6b82169000c8c9fe55f4d20e
Size

4.0MB
MD5

4bd7ace6a46775559b89aaa82963ce51
SHA1

826f276e6bac89b18d64872ce949b226a812cdda
SHA256

5d2fc267d9b48fa9744bbbf8c03cdc87e412051f6b82169000c8c9fe55f4d20e
SHA512

c1e2112a6b501661a7cb0e3956f315ddeb931332b25f2455f4c96f2d56a32389fe06891cb299b1d0156d236fe3808cada81d2be594a835e87424490c23772d3c
SSDEEP

98304:m/Oo+mlt1Sqv0WYLAx/gGAb3EnAGEB+sh5DaCbNkv:Do+evTP2vGIUAD+K5DaGNkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d2fc267d9b48fa9744bbbf8c03cdc87e412051f6b82169000c8c9fe55f4d20e

Files

5d2fc267d9b48fa9744bbbf8c03cdc87e412051f6b82169000c8c9fe55f4d20e
.exe windows:4 windows x86 arch:x86

f06953f6b88640e11df2e6ea8ff3a3aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

VariantInit

advapi32

RegCloseKey

user32

GetWindowLongW

kernel32

GetVersionExA
GetVersion
GetVersionExA
GetTimeZoneInformation
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

SetBkColor

version

GetFileVersionInfoSizeA

mpr

WNetGetConnectionA

ole32

StringFromCLSID

comctl32

ImageList_GetBkColor

shell32

ShellExecuteA

comdlg32

GetOpenFileNameA

wsock32

getpeername

gdiplus

GdipSetInterpolationMode

Sections

`gFA\)Q5
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

wbGpado,
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

S;(B[0Hx
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#]a-8;Z6
Size: - Virtual size: 72KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sDb'iPex
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_+E^g3I\
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

`xXqED"X
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

@21dX8BF
Size: - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Is 9ZdK'
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9Cqdp+qo
Size: 9KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f06953f6b88640e11df2e6ea8ff3a3aa

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

mpr

ole32

comctl32

shell32

comdlg32

wsock32

gdiplus

Sections

`gFA\)Q5 Size: - Virtual size: 1.1MB

wbGpado, Size: - Virtual size: 8KB

S;(B[0Hx Size: - Virtual size: 68KB

#]a-8;Z6 Size: - Virtual size: 72KB

sDb'iPex Size: - Virtual size: 16KB

_+E^g3I\ Size: - Virtual size: 4KB

`xXqED"X Size: - Virtual size: 4KB

@21dX8BF Size: - Virtual size: 288KB

Is 9ZdK' Size: 3.5MB - Virtual size: 3.5MB

9Cqdp+qo Size: 9KB - Virtual size: 6.1MB

`gFA\)Q5
Size: - Virtual size: 1.1MB

wbGpado,
Size: - Virtual size: 8KB

S;(B[0Hx
Size: - Virtual size: 68KB

#]a-8;Z6
Size: - Virtual size: 72KB

sDb'iPex
Size: - Virtual size: 16KB

_+E^g3I\
Size: - Virtual size: 4KB

`xXqED"X
Size: - Virtual size: 4KB

@21dX8BF
Size: - Virtual size: 288KB

Is 9ZdK'
Size: 3.5MB - Virtual size: 3.5MB

9Cqdp+qo
Size: 9KB - Virtual size: 6.1MB