b175c8ef8c682a0d30c62c525cd25c17f3b9a235dfc1a125be473bf56355ea8f

Sharing

Copy URL Twitter E-mail

General

Target

b175c8ef8c682a0d30c62c525cd25c17f3b9a235dfc1a125be473bf56355ea8f
Size

126KB
MD5

cde5733dfdca26d459c8739bea24ccdc
SHA1

50fe44d49c4519977c6f1f7505dc4bf1e0f97965
SHA256

b175c8ef8c682a0d30c62c525cd25c17f3b9a235dfc1a125be473bf56355ea8f
SHA512

34135b16be8cd44c5c65eff0ec4f2ff3813389ada0f56fc387050e638eb796fc7ccb522e780fad6bbc6c8104c53b1f76ed788a3eb570f1da57640761f8873155
SSDEEP

3072:IuTR+5n8Z90dYXy1O00cX/m160yLqpkeVwlTv3NZ:IIUn8ZO4i30cXu193p63NZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b175c8ef8c682a0d30c62c525cd25c17f3b9a235dfc1a125be473bf56355ea8f

Files

b175c8ef8c682a0d30c62c525cd25c17f3b9a235dfc1a125be473bf56355ea8f
.exe windows:5 windows x86

c648345e86f46c63525512673a3b2809

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleFileNameW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryW
DeleteCriticalSection
CreateEventW
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
LocalFree
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId

oleaut32

SysFreeString
SysAllocString

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z

shlwapi

PathAppendW
PathRemoveFileSpecW

vcruntime140

_CxxThrowException
__CxxFrameHandler3
memcpy
memset
__std_exception_copy
memmove
__vcrt_InitializeCriticalSectionEx
_except_handler4_common
__std_terminate
_purecall
__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_c_exit
terminate
_controlfp_s
_invalid_parameter_noinfo_noreturn
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_register_thread_local_exe_atexit_callback
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_initialize_narrow_environment

api-ms-win-crt-math-l1-1-0

_dtest
_dsign
__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode
__stdio_common_vsprintf

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
_callnewh
free

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c648345e86f46c63525512673a3b2809

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

msvcp140

shlwapi

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 1KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 92B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 74KB - Virtual size: 76KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 92B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 74KB - Virtual size: 76KB