164f04c9708e88912b23ec1585e4d71f004c6407cb2d89f874883e00e65d3caf

Sharing

Copy URL

Twitter E-mail

General

Target

164f04c9708e88912b23ec1585e4d71f004c6407cb2d89f874883e00e65d3caf
Size

127KB
MD5

435cec6df28a10ff69828dc513af195f
SHA1

8b9db6d2a7715aa3b1e5fb5589d1d41514e20456
SHA256

164f04c9708e88912b23ec1585e4d71f004c6407cb2d89f874883e00e65d3caf
SHA512

d8752f86fec9da96fed2ca4b41e76c73a160bf27b7bb1d0674daaa39de59c7a33ff680b115bdd050202c227a8a0482ca95a2d3ddce4002540433d1c2f9ec2bd4
SSDEEP

1536:zvzLIlh70D0c/vFr2YLh8YDjDSWPBFhv0vrLec7RaIrItI4MZwpL+Sar7:z20vN2y5DlFhvArZlatG40wpKSM7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
164f04c9708e88912b23ec1585e4d71f004c6407cb2d89f874883e00e65d3caf

Files

164f04c9708e88912b23ec1585e4d71f004c6407cb2d89f874883e00e65d3caf
.exe windows x86

033b991db8d89f431cb5a1e6875a479f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
CreateFileA
CloseHandle
WriteFile
CreateFileW
WriteConsoleW
GetProcessHeap
GetCommandLineA
HeapSetInformation
HeapAlloc
GetLastError
HeapFree
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
SetFilePointer
MultiByteToWideChar
ReadFile
LoadLibraryW
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
IsProcessorFeaturePresent
HeapSize
HeapReAlloc
LCMapStringW
GetStringTypeW
SetEndOfFile

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

033b991db8d89f431cb5a1e6875a479f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 70KB - Virtual size: 70KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 70KB - Virtual size: 70KB

.reloc
Size: 3KB - Virtual size: 3KB