439be47ed277edd3955adf220be91d40a42f49d096ee2f56351392c54f5a9b9d

Sharing

Copy URL Twitter E-mail

General

Target

439be47ed277edd3955adf220be91d40a42f49d096ee2f56351392c54f5a9b9d
Size

131KB
MD5

3abb5f853311005dd9212bacc4f09616
SHA1

1261468641dbbf1758afd38d749134bbf505c6dd
SHA256

439be47ed277edd3955adf220be91d40a42f49d096ee2f56351392c54f5a9b9d
SHA512

9645e4f652b5fc4f17acb08290ad4f5a4d2eef2a6f78e4e5f02eaa87269c056b549056dac7091246ee8d07b0976b752a00c6b1e8d64c2a227a1356c805cfa4a1
SSDEEP

3072:MzvFC6GSmPs+n4yhTjdTIfC4rr9XVsFoUPcovm/5Z:MQpPs5yhdozrxX+oUvvA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
439be47ed277edd3955adf220be91d40a42f49d096ee2f56351392c54f5a9b9d

Files

439be47ed277edd3955adf220be91d40a42f49d096ee2f56351392c54f5a9b9d
.exe windows x64

8e68ba435c47320d64805c131d79046d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrlenA
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringA
Sleep
FindClose
FindFirstFileA
GetLastError
GetCurrentThreadId
CloseHandle
CreateFileA
GetProcAddress
LoadLibraryA
GetPrivateProfileSectionA
SetLastError
TerminateProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
SetStdHandle
GetPrivateProfileIntA
WritePrivateProfileSectionA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DeleteFileA
SetEndOfFile
GetStringTypeA
GetStringTypeW
GetModuleFileNameA
GetLocaleInfoA
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
HeapFree
GetProcessHeap
RtlLookupFunctionEntry
RtlUnwindEx
GetSystemTimeAsFileTime
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
RaiseException
RtlPcToFileHeader
HeapAlloc
HeapReAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetConsoleCP
GetConsoleMode
HeapSetInformation
HeapCreate
GetModuleHandleW
ExitProcess

user32

wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassExA
DefWindowProcA
DestroyWindow
PostQuitMessage
CreateWindowExA
PostMessageA

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysFreeString
VariantClear
SysAllocString

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e68ba435c47320d64805c131d79046d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 7KB - Virtual size: 15KB

.pdata Size: 5KB - Virtual size: 5KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 7KB - Virtual size: 15KB

.pdata
Size: 5KB - Virtual size: 5KB