23b753e1e7f556ee925d2c3cb87d07ece407feeb463fe9dd22faa8b7e0189659

General

Target

23b753e1e7f556ee925d2c3cb87d07ece407feeb463fe9dd22faa8b7e0189659
Size

25KB
MD5

6063184b9b4d160f5f88946085a51b68
SHA1

0e11893da158a068603811bc20e848a15b1ff4cd
SHA256

23b753e1e7f556ee925d2c3cb87d07ece407feeb463fe9dd22faa8b7e0189659
SHA512

826d1453e011c28f8eaa57656eff9a051a385b1d92e1abba5ae5580b4bfe9d95cceafde609e4f02055ac46862df8f62aaac06189f16d586360d3606e2ae3be71
SSDEEP

384:7d9MEp+r/W2s9iA05rWWKbHUAtmlxdcTcRh+hQNwJa6vOxj70vqHFHPGT:7d9MEumrreLcE+hQNwlOZGq9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23b753e1e7f556ee925d2c3cb87d07ece407feeb463fe9dd22faa8b7e0189659

Files

23b753e1e7f556ee925d2c3cb87d07ece407feeb463fe9dd22faa8b7e0189659
.exe windows:5 windows x64

d6511a4542035a7d7b86486e12d6ee71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_amsg_exit
__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
__set_app_type
__wgetmainargs
swprintf
__setusermatherr
memcpy
_vsnwprintf
wcslen
wcstok
wcscpy
wcscmp
wcscat
memset
towlower
realloc
malloc
free
exit

kernel32

GetVolumeInformationW
TlsGetValue
GetLastError
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetConsoleMode
LockResource
LoadResource
GetProcAddress
GetFileType
FindResourceExW
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
SetLastError
LeaveCriticalSection
HeapFree
HeapAlloc
GetProcessHeap
FindClose
FindFirstFileW
FindNextFileW
GetCurrentDirectoryW
GetStdHandle
EnterCriticalSection
SetCurrentDirectoryW
InitializeCriticalSection

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6511a4542035a7d7b86486e12d6ee71

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 12KB

.pdata Size: 512B - Virtual size: 480B

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 12KB

.pdata
Size: 512B - Virtual size: 480B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 28B