0d2eed77a8fc8812b70ba559bece2a3d6d825ae8d4dd40f94f7daea1f85d396c

General

Target

0d2eed77a8fc8812b70ba559bece2a3d6d825ae8d4dd40f94f7daea1f85d396c
Size

9KB
MD5

849a7974bae088dd9b342862220cb8cc
SHA1

56e76ca5c538ab499b679f4d4030473108973412
SHA256

0d2eed77a8fc8812b70ba559bece2a3d6d825ae8d4dd40f94f7daea1f85d396c
SHA512

92914976338323c84aa6c4ec7d9e6ea025adafcce594ebe2b64f7dc98373dbe2d610581184c2109b36efc13e51556feb02f4c496e00e5f2b9cfdd588059588ea
SSDEEP

192:I3pHRBkZgspCTdAGjV9ZakEYNikzWYZNccjr4lU:I5jHHL78Yr9Nlh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d2eed77a8fc8812b70ba559bece2a3d6d825ae8d4dd40f94f7daea1f85d396c

Files

0d2eed77a8fc8812b70ba559bece2a3d6d825ae8d4dd40f94f7daea1f85d396c
.exe windows x64

43759c747e5c0c542c44b1f613eb37ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WaitForSingleObject
Sleep
VirtualAlloc
VirtualProtect
CreateThread
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
DecodePointer

msvcr110

__setusermatherr
_initterm_e
_initterm
__C_specific_handler
__initenv
_fmode
_commode
_configthreadlocale
__crtUnhandledException
__crtTerminateProcess
__crtCapturePreviousContext
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
__crt_debugger_hook
memcpy

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43759c747e5c0c542c44b1f613eb37ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr110

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 264B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 76B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 264B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 76B