af26bb67e9fd526349144dc8d40b27d934129905015af4411e3c3192ccd238f2

Sharing

Copy URL Twitter E-mail

General

Target

af26bb67e9fd526349144dc8d40b27d934129905015af4411e3c3192ccd238f2
Size

1.1MB
MD5

7187717ed9bb5125a8a60843c20e130c
SHA1

00db948766db02def080fbdd120abf2644ad3b08
SHA256

af26bb67e9fd526349144dc8d40b27d934129905015af4411e3c3192ccd238f2
SHA512

5b8ea1f1d2b47ce9fcbf6fb863bfa0a04f067e99eb59b57c82b75cc97b7d5ace44b79229710a0ed9e61062487809eb0eea90ca6fccbd7a7fa3ab912a8cad83ea
SSDEEP

24576:YQ3vmDmBYdY1WjQfHt46OhoGL3oKQdcjHHP:YQ3vzBYdOWjQfN46+bk1IHv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af26bb67e9fd526349144dc8d40b27d934129905015af4411e3c3192ccd238f2

Files

af26bb67e9fd526349144dc8d40b27d934129905015af4411e3c3192ccd238f2
.exe windows x64

7dd026bfc95be1e87953b4c632cbfb31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

PathFileExistsW
PathRemoveExtensionW
PathRemoveBlanksW

kernel32

UnhandledExceptionFilter
GetCurrentProcess
GetCurrentThread
CloseHandle
IsDebuggerPresent
SizeofResource
WriteProcessMemory
SetPriorityClass
WriteFile
GetShortPathNameW
GetModuleFileNameW
SetThreadPriority
GetEnvironmentVariableW
WaitForSingleObject
CreateFileW
RtlVirtualUnwind
ResumeThread
Sleep
lstrcatW
LoadLibraryW
LoadResource
FindResourceW
VirtualAllocEx
CreateProcessW
lstrcpyW
CreateRemoteThread
VirtualProtect
K32GetModuleInformation
GetProcAddress
CreateFileMappingW
MapViewOfFile
RtlLookupFunctionEntry
GetSystemDirectoryW
SetUnhandledExceptionFilter
TerminateProcess
GetModuleHandleExW
FreeLibrary
ExitProcess
GetModuleHandleW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
RtlCaptureContext

user32

MessageBoxW

shell32

ShellExecuteW

msvcrt

__argc
__argv
?_set_new_mode@@YAHH@Z
_commode
_msize
?terminate@@YAXXZ
realloc
__getmainargs
__set_app_type
_XcptFilter
_errno
free
_initterm
malloc
memset
__C_specific_handler
_fmode
_environ
memcpy
_amsg_exit
__CxxFrameHandler

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 769KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dd026bfc95be1e87953b4c632cbfb31

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 769KB

.pdata Size: 1024B - Virtual size: 1008B

.gfids Size: 512B - Virtual size: 28B

.gehcont Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 292KB - Virtual size: 292KB

.reloc Size: 512B - Virtual size: 56B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 769KB

.pdata
Size: 1024B - Virtual size: 1008B

.gfids
Size: 512B - Virtual size: 28B

.gehcont
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 292KB - Virtual size: 292KB

.reloc
Size: 512B - Virtual size: 56B