40adb48a6ca49d3a01768be373f577d793e4c118aba44eda567dfe5ffd7fc0c6

Sharing

Copy URL Twitter E-mail

General

Target

40adb48a6ca49d3a01768be373f577d793e4c118aba44eda567dfe5ffd7fc0c6
Size

1002KB
MD5

42d849d177cf75c11bb09e3b1ecf1c01
SHA1

a8625450619fdefe3a1f449d19633dc5909852d0
SHA256

40adb48a6ca49d3a01768be373f577d793e4c118aba44eda567dfe5ffd7fc0c6
SHA512

8469db0bfc0b7817770ef51f5f54be7f988aa62133730dbb0e258567983cb97b285f54cb232fbb9f3d30e7659438de0719c996b865446351415acfcaf594827a
SSDEEP

24576:Upv3GYPaLxMgE7l4zGm/IpAeOME3maPfBJ5BbydzU:4rF2Gm/LPM+msBJGdU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SiglusEngineCrack.exe

Files

40adb48a6ca49d3a01768be373f577d793e4c118aba44eda567dfe5ffd7fc0c6
.zip
SiglusEngineCrack.exe
.exe windows x64

6707bb0cb9f4f8848b49f3b8c8666abe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualProtect
GetCurrentProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualAllocEx
ExitProcess
VirtualQueryEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess

user32

MessageBoxA

vcruntime140

_CxxThrowException
__std_type_info_destroy_list
memcpy
__C_specific_handler
__std_exception_copy
memset
__std_exception_destroy

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initterm
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e

Exports

Exports

DotNetRuntimeDebugHeader

Sections

.text
Size: - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.managed
Size: - Virtual size: 988KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hydrated
Size: - Virtual size: 412KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 857KB - Virtual size: 856KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.dpack
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6707bb0cb9f4f8848b49f3b8c8666abe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: - Virtual size: 420KB

.managed Size: - Virtual size: 988KB

hydrated Size: - Virtual size: 412KB

.rdata Size: 857KB - Virtual size: 856KB

.data Size: - Virtual size: 60KB

.pdata Size: 100KB - Virtual size: 99KB

_RDATA Size: - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: - Virtual size: 5KB

.dpack Size: 548KB - Virtual size: 547KB

.text
Size: - Virtual size: 420KB

.managed
Size: - Virtual size: 988KB

hydrated
Size: - Virtual size: 412KB

.rdata
Size: 857KB - Virtual size: 856KB

.data
Size: - Virtual size: 60KB

.pdata
Size: 100KB - Virtual size: 99KB

_RDATA
Size: - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: - Virtual size: 5KB

.dpack
Size: 548KB - Virtual size: 547KB