ec1e4fc1fb11289f2211906030df9e2a067f3bef3e5bf6460113b3b88ae433af

General

Target

ec1e4fc1fb11289f2211906030df9e2a067f3bef3e5bf6460113b3b88ae433af
Size

193KB
MD5

151900a7d3cd4087c16527f0a92f837e
SHA1

eb019785dc79522d9e7f134aa8300268bd648ffa
SHA256

ec1e4fc1fb11289f2211906030df9e2a067f3bef3e5bf6460113b3b88ae433af
SHA512

f1a5d1525074586b61f6ad0af4b0dd68a6665a95f993c6624e7d06d405ef86a022f0f62640ea8ec9379e39957c84ded78d92ef5209b0cb577ff11d7e5ddd1bdb
SSDEEP

3072:qpBNl/C/HYBKkPV6GaMCQOyCZg1oLOWWWSSgdM7RSY:sfqPG/N996Zg1WO9WsYR9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec1e4fc1fb11289f2211906030df9e2a067f3bef3e5bf6460113b3b88ae433af

Files

ec1e4fc1fb11289f2211906030df9e2a067f3bef3e5bf6460113b3b88ae433af
.exe windows x86

6a67abed7a5ee08c6ccec289829808d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateHardLinkA
GetTickCount
WriteFile
Sleep
lstrcatA
lstrlenW
GetLastError
GetProcAddress
GetModuleHandleA
GetCurrentProcessId
GetPrivateProfileSectionW
LoadResource
GetNumberOfConsoleInputEvents
RtlCaptureContext
GlobalFix
ReplaceFileA
UnregisterWait
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapFree
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent
LCMapStringW
MultiByteToWideChar
GetStringTypeW
RaiseException

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 41.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a67abed7a5ee08c6ccec289829808d1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 53KB - Virtual size: 41.5MB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 53KB - Virtual size: 41.5MB

.rsrc
Size: 80KB - Virtual size: 80KB