1168b1c81e6dee7de74f426579cadf9d0d0d5fb6944c47be752b8cb68c7b9b71

General

Target

1168b1c81e6dee7de74f426579cadf9d0d0d5fb6944c47be752b8cb68c7b9b71
Size

421KB
MD5

8725ae8e4d50378e282c2008b3a67320
SHA1

0d1d40439133a471c994e0a0a16baddca9d8de16
SHA256

1168b1c81e6dee7de74f426579cadf9d0d0d5fb6944c47be752b8cb68c7b9b71
SHA512

b4044ef2aa8067ea49c1758f5d11d58764bf4661c0fecc25b02a405260b6b9905795ad6440bd07e91c4864aa141a6bd5c19c51c4beb402f5f4ad7948ac53a39b
SSDEEP

768:ipNT1tnX422HAMmxeDsAX68UNXjbY8MEQgCXWWCNKYtlUI5iaroTzDvuGUUs:iph1NXz2gMMssMH5gNZ+Irq3uGUUs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1168b1c81e6dee7de74f426579cadf9d0d0d5fb6944c47be752b8cb68c7b9b71

Files

1168b1c81e6dee7de74f426579cadf9d0d0d5fb6944c47be752b8cb68c7b9b71
.exe windows:6 windows x86

c2fc5a834331b6652306abd4eb4126b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
HeapAlloc
HeapFree
VirtualFree
GetProcessHeap
GetProcAddress
VirtualAlloc
LoadLibraryA
VirtualProtect
GetLastError
HeapReAlloc
EncodePointer
DecodePointer
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedDecrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
MultiByteToWideChar
ExitProcess
GetModuleHandleExW
HeapSize
Sleep
GetStdHandle
WriteFile
GetModuleFileNameW
RaiseException
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
LCMapStringEx
LoadLibraryExW
RtlUnwind
OutputDebugStringW
LoadLibraryW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2fc5a834331b6652306abd4eb4126b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 356KB - Virtual size: 363KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 356KB - Virtual size: 363KB

.rsrc
Size: 11KB - Virtual size: 11KB