91cd139b212fe17c41cc7f26d884b11cedb78a0ad0ce479ff3f53d6e618e132d

Sharing

Copy URL Twitter E-mail

General

Target

91cd139b212fe17c41cc7f26d884b11cedb78a0ad0ce479ff3f53d6e618e132d
Size

86KB
MD5

5e201a2670664527926be1cc605bccc8
SHA1

41f676882a58e939c51531dec61cd0e867fc0512
SHA256

91cd139b212fe17c41cc7f26d884b11cedb78a0ad0ce479ff3f53d6e618e132d
SHA512

53ce602a1e3682e740b4bbd6c16661a16756f7526743b1688195d0fc5eaf79477ced2a26c91817197923587957aec36ee9a113c010b0715bf6bcd8066092a447
SSDEEP

1536:8LJ0ddPV+g1QKJrkngTOPUN+/Mmjlr+mc8rsWjcdbdgx:sevV6YrAzswN+AUbdgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91cd139b212fe17c41cc7f26d884b11cedb78a0ad0ce479ff3f53d6e618e132d

Files

91cd139b212fe17c41cc7f26d884b11cedb78a0ad0ce479ff3f53d6e618e132d
.exe windows x86

7d29544e906f7673dbb6dc2eb6efc578

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA

shell32

ShellExecuteExA

kernel32

DeleteCriticalSection
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
LCMapStringW
HeapReAlloc
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
LoadLibraryExW
OutputDebugStringA
GetNativeSystemInfo
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetVersionExA
GetExitCodeProcess
CloseHandle
CreateProcessA
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
SetPriorityClass
GetCurrentProcess
SetThreadPriority
GetCurrentThread
ResumeThread
WinExec
GetCommandLineA
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetLastError
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d29544e906f7673dbb6dc2eb6efc578

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB