f44b2208b7a3f19f3fc340b8019a41faa69716cdec443e2b7bd1013129185206

Sharing

Copy URL Twitter E-mail

General

Target

f44b2208b7a3f19f3fc340b8019a41faa69716cdec443e2b7bd1013129185206
Size

736KB
MD5

96b57d7164e093bb4167ef667d0a6b47
SHA1

8fa58670a4bce339eeffb1039f65df17d3a3201e
SHA256

f44b2208b7a3f19f3fc340b8019a41faa69716cdec443e2b7bd1013129185206
SHA512

4768374004747df1d70a4eb16ecfc632cecbb64586af348d5e26dad47c52b9f2910da80bcba32ec6e7c78dd001267565ac5f6d8a04666b9d7ed80d94ccaf5aa0
SSDEEP

12288:O9KMkrXfUsgOeVjkT+ceHaSZMwfU0c2xSZQZupdakB5lcPvTTvSOK5l9zzmQt:Z3XfyeT+rH9iwsVQSZDX/yP/vS15rzmG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f44b2208b7a3f19f3fc340b8019a41faa69716cdec443e2b7bd1013129185206

Files

f44b2208b7a3f19f3fc340b8019a41faa69716cdec443e2b7bd1013129185206
.exe windows x86

7948dcf8c7d5867de40b64dc77657453

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringW
CreateFileW
CreateProcessA
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetEnvironmentVariableW
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile

ole32

CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

rpcrt4

UuidFromStringA

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 481KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.voltbl
Size: 512B - Virtual size: 183B

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7948dcf8c7d5867de40b64dc77657453

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

rpcrt4

Sections

.text Size: 97KB - Virtual size: 97KB

.rdata Size: 481KB - Virtual size: 480KB

.data Size: 57KB - Virtual size: 59KB

.00cfg Size: 512B - Virtual size: 4B

.voltbl Size: 512B - Virtual size: 183B

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 32KB - Virtual size: 31KB

.text
Size: 97KB - Virtual size: 97KB

.rdata
Size: 481KB - Virtual size: 480KB

.data
Size: 57KB - Virtual size: 59KB

.00cfg
Size: 512B - Virtual size: 4B

.voltbl
Size: 512B - Virtual size: 183B

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 32KB - Virtual size: 31KB