Static task
static1
Behavioral task
behavioral1
Sample
26ab97f3fd0c926f5a8d48128e4e0a345d37a24b4dd68d8476d1dfefe0d4e59d.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
26ab97f3fd0c926f5a8d48128e4e0a345d37a24b4dd68d8476d1dfefe0d4e59d.exe
Resource
win10v2004-20230220-en
General
-
Target
26ab97f3fd0c926f5a8d48128e4e0a345d37a24b4dd68d8476d1dfefe0d4e59d
-
Size
211KB
-
MD5
70998515c33557e968085e90a8db80bd
-
SHA1
0ad3521e896b5a452dc7ec0ec312a14c5fd30709
-
SHA256
26ab97f3fd0c926f5a8d48128e4e0a345d37a24b4dd68d8476d1dfefe0d4e59d
-
SHA512
4f00d6afbebfdab061b2720a11dc7d4911a95ea60c9dc9c6defb613c998f06b8ba93caf8193a9d4e6985435515c93bb5bdbdf9067a4075a1cfc78a803904a2be
-
SSDEEP
6144:wOQ6IbNm++fYC2bjfOAVOo2YWEkuqDAl72CUcE:t++wDfH4fRDAlf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static check by the sandbox (not a behaviour of the sample): the PE file carries no Authenticode signature.
resource 26ab97f3fd0c926f5a8d48128e4e0a345d37a24b4dd68d8476d1dfefe0d4e59d
Files
-
26ab97f3fd0c926f5a8d48128e4e0a345d37a24b4dd68d8476d1dfefe0d4e59d.exe windows x64
cd04b39c03aa2e7dd643db97b9ac0e8e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
FindResourceW
SizeofResource
LoadResource
VirtualAlloc
VirtualProtect
CreateThread
WaitForSingleObject
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
msvcp120
?_Winerror_map@std@@YAPEBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
msvcr120
__getmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
memmove
_initterm_e
_initterm
__C_specific_handler
__initenv
_fmode
_commode
_amsg_exit
_unlock
_calloc_crt
__dllonexit
_onexit
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCapturePreviousContext
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
malloc
_XcptFilter
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_lock
_purecall
__setusermatherr
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 516B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ