b05aee638f8734ddb73e6296e95f663abad47c049bfe779d82e93b0d86f5cccf

Sharing

Copy URL Twitter E-mail

General

Target

b05aee638f8734ddb73e6296e95f663abad47c049bfe779d82e93b0d86f5cccf
Size

28KB
MD5

d5cde0c5302233bfdf5b67f90d0f5523
SHA1

6d8b23dbb3011f4756d3f431289a3e86b706f78f
SHA256

b05aee638f8734ddb73e6296e95f663abad47c049bfe779d82e93b0d86f5cccf
SHA512

f27068cf3851a76186524abe87ab19e70e06366ee4b2062d58e7eeef0d24fba910ad8805833fb198fe143b312a6a830c3c40d8878be9bd809bd358bc638aef06
SSDEEP

384:mSGEWy+YaHMh/6uqgaHcAnNSdlTcRd+hHmUgJpIpKCVj7lVro2n+qK2MYp/ZQDvu:0EZYlklw+hHmvbAl5o0+XW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b05aee638f8734ddb73e6296e95f663abad47c049bfe779d82e93b0d86f5cccf

Files

b05aee638f8734ddb73e6296e95f663abad47c049bfe779d82e93b0d86f5cccf
.exe windows:5 windows x64

c8cb483630be640638ec5b551403206c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

urlmon

URLDownloadToFileW

wininet

InternetCrackUrlW
InternetCreateUrlW

msvcrt

exit
memcmp
wcslen
__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
wcsrchr
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
memcpy
memset
_vsnwprintf
wcscpy

user32

LoadStringW

kernel32

GetLocalTime
TlsGetValue
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetConsoleMode
LockResource
LoadResource
GetProcAddress
GetFileType
FindResourceExW
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
SetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetConsoleScreenBufferInfo
HeapFree
HeapAlloc
GetStdHandle
GetLastError
GetProcessHeap

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8cb483630be640638ec5b551403206c

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

wininet

msvcrt

user32

kernel32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 552B

.pdata Size: 1024B - Virtual size: 564B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 52B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 552B

.pdata
Size: 1024B - Virtual size: 564B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 52B