436009b07005b70e0ad508b2c6e80b0ef8a0b134b1b2a519399f8df5e86c1e41

General

Target

436009b07005b70e0ad508b2c6e80b0ef8a0b134b1b2a519399f8df5e86c1e41
Size

7KB
MD5

868269c418058d88b26fd67b456bdb33
SHA1

6ad92061c5b41806b4140156cdc78b3faf8ba0c1
SHA256

436009b07005b70e0ad508b2c6e80b0ef8a0b134b1b2a519399f8df5e86c1e41
SHA512

b09e137381b2a1194d7f0e4679eb8b09d227849f82ed2ca5f20840e5051213d14c61524e97ca2389e1f472d5b823621e6b01ecd17f237b2d4f5116ea2ae5d07f
SSDEEP

48:C+Cu3gXvzbRneYSw9v26shxfYvIosKaCCM2HtOxPAcPQh/PvopY3MWg0TRvkbTas:r3gLVnem9v2prfUFVOMEb3q6xW3M7xo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
436009b07005b70e0ad508b2c6e80b0ef8a0b134b1b2a519399f8df5e86c1e41

Files

436009b07005b70e0ad508b2c6e80b0ef8a0b134b1b2a519399f8df5e86c1e41
.exe windows:6 windows x86

16bb0a1b581a9fbbb50a559221cca1c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
CloseHandle
GetLastError
SetLastError
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
CreateRemoteThread
GetExitCodeThread
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
IsWow64Process
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
QueryPerformanceCounter

shell32

CommandLineToArgvW

ntdll

RtlImageNtHeader
LdrProcessRelocationBlock
NtFreeVirtualMemory
NtAllocateVirtualMemory
LdrUnloadDll
NtQueryVirtualMemory
memcpy
LdrGetProcedureAddress
swscanf_s
RtlInitUnicodeString
wcscpy_s
NtProtectVirtualMemory
LdrLoadDll
RtlUnicodeStringToAnsiString

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16bb0a1b581a9fbbb50a559221cca1c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

ntdll

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 204B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 204B