5952dee2554c631d57a885a41bd148b18d15cebdece6df6dc11870e8ce25f2a7

Sharing

Copy URL

Twitter E-mail

General

Target

5952dee2554c631d57a885a41bd148b18d15cebdece6df6dc11870e8ce25f2a7
Size

290KB
MD5

b159fd7a71b9fa4b7741fc5b6480b015
SHA1

753508d337aed1fdb5d9bec89d53ac91e26ccd53
SHA256

5952dee2554c631d57a885a41bd148b18d15cebdece6df6dc11870e8ce25f2a7
SHA512

3e95e0bbc7afe3218efe5615786f13a03735d337b7a6d62cecf65e93e6ca4263f1f7f696e0af1e32fa616d4c2975412c515ca977b73d01c8f2addee5be9c23aa
SSDEEP

3072:67+kKcbyRoiOqtVyBsQGGxagtclc+pF5Nczdh0Em+z+rgsq98RKTGHTq4Y8WYAgI:3oiFtVyB1agGK+HMzdhsrgMfHrQHr2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5952dee2554c631d57a885a41bd148b18d15cebdece6df6dc11870e8ce25f2a7

Files

5952dee2554c631d57a885a41bd148b18d15cebdece6df6dc11870e8ce25f2a7
.exe windows:5 windows x86 arch:x86

e1b3ca54a69e36ae6b29aaf272675684

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\nejalumumixu\mapasiruzepuz-58\canonij.pdb

Imports

kernel32

SetSystemTimeAdjustment
FindNextVolumeA
LeaveCriticalSection
GetNamedPipeHandleStateA
FileTimeToLocalFileTime
ExitProcess
GetCurrentProcessId
GetVersionExW
EnumDateFormatsExW
FillConsoleOutputCharacterA
EnumResourceNamesA
FindNextFileA
CopyFileExW
BuildCommDCBAndTimeoutsA
SetDefaultCommConfigA
WritePrivateProfileStructW
HeapSetInformation
CreateTimerQueue
ReadConsoleInputA
GetVersionExA
GetSystemDirectoryW
GetDriveTypeA
VirtualProtect
LoadLibraryA
GlobalAlloc
VerifyVersionInfoA
GetBinaryTypeA
GetProfileSectionW
InterlockedDecrement
ReadConsoleOutputCharacterA
FindFirstChangeNotificationW
FormatMessageA
SetDllDirectoryW
GetQueuedCompletionStatus
WritePrivateProfileStringA
GetConsoleAliasesLengthW
GetProcessHeap
OpenWaitableTimerA
UnlockFile
InterlockedIncrement
GetStartupInfoW
GetSystemWow64DirectoryW
GetConsoleAliasExesW
ContinueDebugEvent
EndUpdateResourceA
SetLastError
FatalAppExitA
SetSystemTime
OpenFileMappingA
lstrcmpW
TerminateThread
SetConsoleActiveScreenBuffer
SetDefaultCommConfigW
VirtualFree
InterlockedCompareExchange
GlobalUnfix
GetSystemWindowsDirectoryA
CopyFileW
TerminateProcess
GetACP
FindAtomA
lstrcatW
HeapWalk
SetMailslotInfo
CreateActCtxA
_lread
GetOverlappedResult
CreateNamedPipeW
GetAtomNameA
SetConsoleScreenBufferSize
EnumResourceTypesW
lstrlenA
WriteConsoleA
lstrcpyA
ReadConsoleOutputA
SetThreadContext
BuildCommDCBW
ReleaseActCtx
GetStringTypeW
GetPrivateProfileStringW
GetFileAttributesW
GetVolumePathNameA
MoveFileW
SetCommMask
SetFileShortNameA
VerLanguageNameA
LockFile
EndUpdateResourceW
EnumDateFormatsA
ProcessIdToSessionId
PostQueuedCompletionStatus
FreeConsole
GlobalGetAtomNameW
SetComputerNameA
GetConsoleAliasExesLengthW
WriteConsoleInputW
CreateMailslotA
TzSpecificLocalTimeToSystemTime
MoveFileExA
SetLocalTime
GetStringTypeExW
EnumSystemLocalesW
CallNamedPipeA
GetConsoleAliasExesLengthA
FindActCtxSectionGuid
CopyFileA
ResetWriteWatch
GetPrivateProfileIntW
GetModuleHandleW
GetTickCount
GetModuleFileNameA
GetConsoleAliasesLengthA
GlobalUnWire
FillConsoleOutputCharacterW
GetCompressedFileSizeW
SetThreadPriority
MapUserPhysicalPages
WriteConsoleOutputCharacterA
EnumDateFormatsW
QueryInformationJobObject
CreateFileW
GetDateFormatW
RaiseException
HeapValidate
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
GetModuleFileNameW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
Sleep
GetProcAddress
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetLastError
HeapDestroy
HeapCreate
HeapFree
WriteFile
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
GetConsoleOutputCP
CreateFileA
CloseHandle
FlushFileBuffers

user32

GetCaretBlinkTime

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1b3ca54a69e36ae6b29aaf272675684

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 147KB - Virtual size: 146KB

.data Size: 79KB - Virtual size: 330KB

.rsrc Size: 63KB - Virtual size: 62KB

.text
Size: 147KB - Virtual size: 146KB

.data
Size: 79KB - Virtual size: 330KB

.rsrc
Size: 63KB - Virtual size: 62KB