e12a36ef5aa7d1633862556cc8d620ed522bfe82c0530001d11b3e8a74247167

General

Target

e12a36ef5aa7d1633862556cc8d620ed522bfe82c0530001d11b3e8a74247167
Size

7.2MB
MD5

48abd7434ede34996c9f53b3e5ec9a28
SHA1

8cf221972d8a2f6fa614bc773c1b1b9a428bfc7e
SHA256

e12a36ef5aa7d1633862556cc8d620ed522bfe82c0530001d11b3e8a74247167
SHA512

7e75e96840f18f3577e4047b4df6dd4450acf9d918717277f52854fb4fef35ebe9798f4c74e95eadeb16cf0383948612571af773e097aceffede8318f78d7591
SSDEEP

49152:BoPQ5PXtIraZsrb/T6vO90d7HjmAFd4A64nsfJCJ/BWkTzEw85kbbUzpnwFQReDZ:UJaZrP7bUNNeDXGDE1E2uVqr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e12a36ef5aa7d1633862556cc8d620ed522bfe82c0530001d11b3e8a74247167

Files

e12a36ef5aa7d1633862556cc8d620ed522bfe82c0530001d11b3e8a74247167
.exe windows:6 windows x64

f0ea7b7844bbc5bfa9bb32efdcea957c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.6MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 286KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0ea7b7844bbc5bfa9bb32efdcea957c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 3.6MB - Virtual size: 3.5MB

.data Size: 286KB - Virtual size: 667KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 59KB - Virtual size: 58KB

.symtab Size: 512B - Virtual size: 4B

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 3.6MB - Virtual size: 3.5MB

.data
Size: 286KB - Virtual size: 667KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 59KB - Virtual size: 58KB

.symtab
Size: 512B - Virtual size: 4B