280b77851ca30697984e56bc600bb40cbfa2de23128a08f0483b8aeaaba54f86

Sharing

Copy URL Twitter E-mail

General

Target

280b77851ca30697984e56bc600bb40cbfa2de23128a08f0483b8aeaaba54f86
Size

126KB
MD5

16fb40d4b04e6bea775ea7e64810b70f
SHA1

3210d045e6fc16eb741ca8c3f69c28ddaab07759
SHA256

280b77851ca30697984e56bc600bb40cbfa2de23128a08f0483b8aeaaba54f86
SHA512

2a0151bb54ba8054eda7c346f68703eb1e3b815499a98542995553c877718c7a9d8df3ee00fc87534ced058f18bd7667fb29f8347def9a44679eca986d019741
SSDEEP

3072:zsaz/M9DwHDZanTZ7mzOVJixQdx+WiHOxq8sbqkFO:z1zktwHqTy+UxKxnkOxMJO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280b77851ca30697984e56bc600bb40cbfa2de23128a08f0483b8aeaaba54f86

Files

280b77851ca30697984e56bc600bb40cbfa2de23128a08f0483b8aeaaba54f86
.exe windows x64

868e0e3fd01dea2987e510393799aa4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

OpenMutexA
GetModuleFileNameA
CreateMutexA
HeapSize
HeapReAlloc
LCMapStringW
GetLastError
CloseHandle
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
Sleep
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
GetStringTypeW
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
CompareStringW
GlobalSize
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
GetCommandLineA
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
RtlUnwindEx
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
RtlPcToFileHeader
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
DeleteCriticalSection
CreateFileW
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
SetEnvironmentVariableA

user32

SetClipboardData
OpenClipboard
EmptyClipboard
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
FindWindowA
ShowWindow

winmm

timeGetTime

libcurl

curl_slist_append
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_slist_free_all
curl_easy_init

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

868e0e3fd01dea2987e510393799aa4a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winmm

libcurl

iphlpapi

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 6KB - Virtual size: 15KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 6KB - Virtual size: 15KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB