26029478c4ea5c9e748c8fbd8f5adddc8b08088c978fbc67660c1ef4a98aa7d4

General

Target

26029478c4ea5c9e748c8fbd8f5adddc8b08088c978fbc67660c1ef4a98aa7d4
Size

42KB
MD5

e94579373c39e090970f2da0f389cb40
SHA1

1e540b8712c7babea206c787aae301e0aac5554a
SHA256

26029478c4ea5c9e748c8fbd8f5adddc8b08088c978fbc67660c1ef4a98aa7d4
SHA512

c13a1c8cd962c4c9813a12e0e8d0382494acac24ef95a81434e21d69f2f3f170e9337a4dece321e5987872df8d9ef919f8f9d10b80d1b4db18f6577fbd8ae90d
SSDEEP

768:tbDBJVXi9Q5NGMC9Rfaay+Z+V5apLGTFzVmLb7Z9zlVs:tbhXi9OU3faZjTu/73fs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26029478c4ea5c9e748c8fbd8f5adddc8b08088c978fbc67660c1ef4a98aa7d4

Files

26029478c4ea5c9e748c8fbd8f5adddc8b08088c978fbc67660c1ef4a98aa7d4
.exe windows:6 windows x86

2fea3c92ccd2a166b287a3a27c1d9fd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strtol
wctomb_s
_XcptFilter
__set_app_type
__getmainargs
_environ
_msize
?terminate@@YAXXZ
strcpy_s
___lc_codepage_func
_isatty
fflush
_fileno
_CIlog10
ceil
realloc
_clearfp
malloc
strnlen
wcsnlen
tolower
__pctype_func
_iob
_unlock
_lock
_errno
free
_controlfp_s
__p__commode
__p___argv
__p___argc
_set_fmode
_initterm_e
_initterm
_time64
rand
srand
strrchr
_amsg_exit
_except_handler4_common
?_set_new_mode@@YAHH@Z
memset
memcpy
__CxxFrameHandler3
memmove

kernel32

MultiByteToWideChar
GetModuleHandleExW
FreeLibrary
ExitProcess
Sleep
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fea3c92ccd2a166b287a3a27c1d9fd4

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB