3f4d5d8a469cc80e95b5bfac6dd9092a6896cc8b469e435269c896b53de87e64

Sharing

Copy URL

Twitter E-mail

General

Target

3f4d5d8a469cc80e95b5bfac6dd9092a6896cc8b469e435269c896b53de87e64
Size

124KB
MD5

1d41bbbcc272c8b2a8accc3dd02242b3
SHA1

2abdc05d31357de5e9d7cb6008fec286870ef3b2
SHA256

3f4d5d8a469cc80e95b5bfac6dd9092a6896cc8b469e435269c896b53de87e64
SHA512

3aa9ce4c7824b5cece985b6386d7fe76ee1c2cb9cd9e255df196a615c5968c93f51c73a7aa261b74f4ad3b973f92d033d851de135814a57f486eedd03a7b6ed6
SSDEEP

3072:RAYZ/k/9+a+hs3LXa2yapVla2yapVK+nkQa2yapVla2yapVla2yapVla2yapVlab:S3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f4d5d8a469cc80e95b5bfac6dd9092a6896cc8b469e435269c896b53de87e64

Files

3f4d5d8a469cc80e95b5bfac6dd9092a6896cc8b469e435269c896b53de87e64
.exe windows:5 windows x64

d6b843f8810f17b900a9849a70ae10d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_cexit
wcschr
wcsrchr
_wcsicmp
towupper
iswctype
abs
calloc
__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
wcstoul
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
_vsnwprintf
wcslen
memset
memcpy
malloc
free

shlwapi

PathAppendW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathAddExtensionW

kernel32

FindFirstFileW
TlsGetValue
GetLastError
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetConsoleMode
LockResource
LoadResource
GetProcAddress
GetFileType
FindResourceExW
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
SetLastError
LeaveCriticalSection
HeapFree
HeapAlloc
GetProcessHeap
EnterCriticalSection
InitializeCriticalSection
CompareStringW
CompareStringA
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
FindClose
GetStdHandle
FindNextFileW
GetFileSizeEx
MapViewOfFile

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6b843f8810f17b900a9849a70ae10d7

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

shlwapi

kernel32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 544B

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 86KB - Virtual size: 85KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 544B

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 86KB - Virtual size: 85KB

.reloc
Size: 512B - Virtual size: 40B