8934d90114d302c11f621ec134a0590db8cfa5d588f1e7789e6e114f11c10b15

Sharing

Copy URL Twitter E-mail

General

Target

8934d90114d302c11f621ec134a0590db8cfa5d588f1e7789e6e114f11c10b15
Size

915KB
MD5

584078c2dbcb2b32a11e91835aa81dd3
SHA1

abb63dcf3c7312058542567ee16ef24085456f75
SHA256

8934d90114d302c11f621ec134a0590db8cfa5d588f1e7789e6e114f11c10b15
SHA512

1b320d13f35fc0c507d40849c92a20ec626fd5b20061cf36b81c4c217ce929aad67bac521f1aa6cc181048b4e112a1b2de3dc2944e5b87cf164bda124c5e58ae
SSDEEP

24576:G6G9GnL3EjsvjIb2KtbRT3iyTCYNZS4VywSFlgJxn+:G5eTEGY2IS4VVpZ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8934d90114d302c11f621ec134a0590db8cfa5d588f1e7789e6e114f11c10b15

Files

8934d90114d302c11f621ec134a0590db8cfa5d588f1e7789e6e114f11c10b15
.exe windows x64

81a85b3e953e10a84bf6860886262f78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetLastError
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
FormatMessageA
LocalFree
GetModuleHandleExW
FreeLibrary
ExitProcess
Sleep
RaiseException
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
VirtualQuery
RtlUnwindEx
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
GetSystemTimeAsFileTime
QueryPerformanceCounter
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
GetCurrentThreadId
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
VirtualProtect

msvcrt

_XcptFilter
__set_app_type
_ismbblead
_acmdln
_fmode
?_set_new_mode@@YAHH@Z
_commode
?terminate@@YAXXZ
_isatty
_fileno
ceil
log10
_clearfp
_iob
_unlock
_lock
strtol
_initterm
_callnewh
abort
___lc_codepage_func
__pctype_func
realloc
tolower
_time64
fclose
fflush
_errno
free
malloc
__CxxFrameHandler
_local_unwind
__DestructExceptionObject
_amsg_exit
__C_specific_handler
memset
memmove
memcpy
_CxxThrowException
strrchr
_msize
__getmainargs
___lc_handle_func
fopen
_localtime64

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 23.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 825KB - Virtual size: 825KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81a85b3e953e10a84bf6860886262f78

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 1024B - Virtual size: 23.4MB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 825KB - Virtual size: 825KB

.reloc Size: 512B - Virtual size: 432B

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 1024B - Virtual size: 23.4MB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 825KB - Virtual size: 825KB

.reloc
Size: 512B - Virtual size: 432B