d2742de01c96b71189a2776d33c7a0d881c83ec0ef32cfb963573c7f18d9c18f

General

Target

d2742de01c96b71189a2776d33c7a0d881c83ec0ef32cfb963573c7f18d9c18f
Size

25KB
MD5

ee3b3732315863bbfc7fcee66371bf92
SHA1

a8125e7ab051aa462d8b30bae30269245beb125c
SHA256

d2742de01c96b71189a2776d33c7a0d881c83ec0ef32cfb963573c7f18d9c18f
SHA512

741a4acf9505261a09be9ba0354180c2eb9986487a9f01a5044acac394ad3438705c034580134bd7352290eede97d57c2fb4fbf8113a3630e1ce7980fd917ff5
SSDEEP

384:7d9MEp+r/W2s9iA05rWWKbHUAtmlxdcTcRh+hQNwpa6vOxj70vqHFHPGT:7d9MEumrreLcE+hQNwFOZGq9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2742de01c96b71189a2776d33c7a0d881c83ec0ef32cfb963573c7f18d9c18f

Files

d2742de01c96b71189a2776d33c7a0d881c83ec0ef32cfb963573c7f18d9c18f
.exe windows:5 windows x64

d6511a4542035a7d7b86486e12d6ee71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_amsg_exit
__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
__set_app_type
__wgetmainargs
swprintf
__setusermatherr
memcpy
_vsnwprintf
wcslen
wcstok
wcscpy
wcscmp
wcscat
memset
towlower
realloc
malloc
free
exit

kernel32

GetVolumeInformationW
TlsGetValue
GetLastError
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetConsoleMode
LockResource
LoadResource
GetProcAddress
GetFileType
FindResourceExW
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
SetLastError
LeaveCriticalSection
HeapFree
HeapAlloc
GetProcessHeap
FindClose
FindFirstFileW
FindNextFileW
GetCurrentDirectoryW
GetStdHandle
EnterCriticalSection
SetCurrentDirectoryW
InitializeCriticalSection

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6511a4542035a7d7b86486e12d6ee71

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 12KB

.pdata Size: 512B - Virtual size: 480B

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 12KB

.pdata
Size: 512B - Virtual size: 480B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 28B