c7586b6688b00b5b1f87bff5e5b947b000e4e46a864fff87bb7f9a469ac1157c

Sharing

Copy URL

Twitter E-mail

General

Target

c7586b6688b00b5b1f87bff5e5b947b000e4e46a864fff87bb7f9a469ac1157c
Size

1.2MB
MD5

30e68ec41222f34f70ec44dc58e60fa7
SHA1

7665d6114644f520ac948345e69fe9b38d4502d8
SHA256

c7586b6688b00b5b1f87bff5e5b947b000e4e46a864fff87bb7f9a469ac1157c
SHA512

c9e92db205513d77ee43b06e0c7cb87ca923b030e09b5856fcdc3ea26d0843af4baf50ba9d8349255bacc0387fd8550e0963f32598344c02c34f365817853f37
SSDEEP

6144:uLwKA3d92v4FJNZLbdy5oKG2+LzIlMMdPBCj2/ycTbaggwu0K0uPkv2em:GAN92wFp0SLIxq3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7586b6688b00b5b1f87bff5e5b947b000e4e46a864fff87bb7f9a469ac1157c

Files

c7586b6688b00b5b1f87bff5e5b947b000e4e46a864fff87bb7f9a469ac1157c
.exe windows:5 windows x64

e03ae44da593afc1ac1149321bd00636

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

user32

LoadStringW
MessageBeep

msvcrt

__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
__C_specific_handler
sprintf
bsearch
strcspn
strchr
strlen
strcmp
strcpy
memcmp
wcstok
_getdrive
isalnum
isalpha
_errno
_snwprintf
_wcsupr
_wgetdcwd
_wpopen
_wfopen
fgetws
_pclose
fclose
qsort
memmove
free
memchr
realloc
vswprintf
wcsstr
_wcsnset
wcspbrk
wcsncat
wcscpy
wcscmp
_wchdir
towupper
_wtol
wcstoul
wcstol
_itow
rand
_vsnwprintf
swprintf
_wcsnicmp
_wtoi
memcpy
_wcsicmp
wcsrchr
wcsncpy
wcscat
wcslen
memset
wcsspn
wcsncmp
wcscspn
wcschr
_wcsdup
iswctype
towlower
malloc
_wcslwr

kernel32

TlsGetValue
GetModuleHandleA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStartupInfoW
HeapReAlloc
LockResource
LoadResource
FindResourceExW
FlushFileBuffers
WriteConsoleW
WideCharToMultiByte
HeapFree
HeapAlloc
GetProcessHeap
LocalReAlloc
LocalAlloc
GetEnvironmentVariableA
GetVersionExW
GetFileType
SetProcessAffinityMask
ResumeThread
GetEnvironmentStringsW
FreeEnvironmentStringsW
MoveFileW
WriteConsoleOutputCharacterW
FillConsoleOutputCharacterW
MoveFileExW
CopyFileW
DeviceIoControl
GlobalMemoryStatus
GetLocaleInfoW
GetDateFormatW
RemoveDirectoryW
CreateDirectoryW
lstrcmpW
lstrcmpiW
LocalFree
FormatMessageW
GetVolumePathNameW
GetVolumeInformationW
GetDiskFreeSpaceW
Sleep
SetLocalTime
GetLocalTime
FreeConsole
AllocConsole
GetCurrentProcess
DuplicateHandle
WriteFile
VirtualFree
VirtualAlloc
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
GetSystemTime
GetFileTime
GetFileAttributesW
FindNextFileW
DeleteFileW
CopyFileExW
SetConsoleTitleW
SetConsoleTextAttribute
SetConsoleCursorPosition
SetConsoleCursorInfo
GetConsoleMode
FlushConsoleInputBuffer
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
WriteConsoleInputW
SetConsoleMode
SetConsoleCtrlHandler
GetConsoleTitleW
GetConsoleOutputCP
GetConsoleCP
WaitForMultipleObjects
TryEnterCriticalSection
TerminateProcess
SetStdHandle
SetHandleInformation
SetFileApisToOEM
lstrlenW
AddConsoleAliasW
GetConsoleAliasW
GetConsoleAliasesW
GetConsoleAliasesLengthW
CloseHandle
CreateFileW
GetFileSize
GetFullPathNameW
ReadFile
SetFilePointer
SetLastError
MultiByteToWideChar
Beep
GetStdHandle
GetTickCount
WaitForSingleObject
ReadConsoleInputW
CreatePipe
CreateProcessW
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FreeLibrary
GetCommandLineW
GetCurrentDirectoryW
GetEnvironmentVariableW
GetExitCodeProcess
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
SearchPathW
SetCurrentDirectoryW
SetEnvironmentVariableW

ntdll

RtlIsDosDeviceName_U
RtlAssert
vDbgPrintExWithPrefix

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1020KB - Virtual size: 1020KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e03ae44da593afc1ac1149321bd00636

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

msvcrt

kernel32

ntdll

Sections

.text Size: 189KB - Virtual size: 189KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 3KB - Virtual size: 97KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1020KB - Virtual size: 1020KB

.reloc Size: 512B - Virtual size: 496B

.text
Size: 189KB - Virtual size: 189KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 3KB - Virtual size: 97KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1020KB - Virtual size: 1020KB

.reloc
Size: 512B - Virtual size: 496B