7290e2f046a94f5133a1d5db651426bad11924ab69f28db5f08cd90194209ab7

Sharing

Copy URL Twitter E-mail

General

Target

7290e2f046a94f5133a1d5db651426bad11924ab69f28db5f08cd90194209ab7
Size

4.8MB
MD5

c806d58f8d5c833d146e6576ea9bbdf9
SHA1

33ff149b8d6bc6af515e3e8a8e00993faa3d30b2
SHA256

7290e2f046a94f5133a1d5db651426bad11924ab69f28db5f08cd90194209ab7
SHA512

6f95b90e08c11e36ff3f1716d34848f895a964627e9c97a7d7f989cb7eaa10a062f26c022aaf2467ce8998c083fd87f0632007eaa097fb3415382cec9118289f
SSDEEP

98304:HWHX8+C6MGcwFXfcNVWYFHAC127cDJzgKBUO2Amn2JkO71:HWPC68SmJd9F2Amu1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7290e2f046a94f5133a1d5db651426bad11924ab69f28db5f08cd90194209ab7

Files

7290e2f046a94f5133a1d5db651426bad11924ab69f28db5f08cd90194209ab7
.exe windows x86

85be36472a27bbe9d4aeda5b08406fd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
WriteFile
DecodePointer
CloseHandle
RaiseException
GetLastError
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
Sleep
CreateThread
GetCurrentThread
GlobalMemoryStatusEx
VirtualProtect
FreeResource
GetProcAddress
LoadResource
LockResource
SizeofResource
FindResourceW
LoadLibraryW
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
CreateEventW
GetModuleHandleW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetACP
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
SetEndOfFile

ole32

CoTaskMemAlloc

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85be36472a27bbe9d4aeda5b08406fd8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 10KB - Virtual size: 13KB

.rsrc Size: 4.9MB - Virtual size: 4.9MB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 10KB - Virtual size: 13KB

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

.reloc
Size: 10KB - Virtual size: 10KB