db444d9a752ee825c6888082a8123cc4f87dcde0adf6df1f54251aa7a600f666

Sharing

Copy URL Twitter E-mail

General

Target

db444d9a752ee825c6888082a8123cc4f87dcde0adf6df1f54251aa7a600f666
Size

107KB
MD5

e4a58fc2f907bd4d855cb2a6499c4920
SHA1

144ccc7a3986dd34f11d5d0075305fca9c11a5df
SHA256

db444d9a752ee825c6888082a8123cc4f87dcde0adf6df1f54251aa7a600f666
SHA512

0a82d592ce9c548fc9db7e7597a9a861cf08e2a208ee97ae48fb14c55542dccae83d98531cf193289cf613631419b6322f1edf61fc4b0b074e43cdfa6b61edf0
SSDEEP

1536:ChaLpR+NIBsX5husdug7EX+3OyZ4jFsaDhjJ0vIwpnjKy5C5u:Ia40Q5hSgAEdapsk0N4oC5u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db444d9a752ee825c6888082a8123cc4f87dcde0adf6df1f54251aa7a600f666

Files

db444d9a752ee825c6888082a8123cc4f87dcde0adf6df1f54251aa7a600f666
.exe windows:5 windows x86

601e0dc3c314daf0d6a054af90515cbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionA
lstrlenA
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
WritePrivateProfileStringA
Sleep
FindClose
FindFirstFileA
GetLastError
GetCurrentThreadId
CloseHandle
CreateFileA
GetPrivateProfileIntA
LoadLibraryA
GetModuleFileNameA
SetLastError
GetModuleHandleA
TerminateProcess
GetStringTypeA
GetLocaleInfoA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
InitializeCriticalSectionAndSpinCount
WritePrivateProfileSectionA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
DeleteFileA
GetStringTypeW
GetProcAddress
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
HeapFree
GetProcessHeap
InterlockedIncrement
InterlockedExchange
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapAlloc
HeapReAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess

user32

RegisterClassExA
CreateWindowExA
PostQuitMessage
DestroyWindow
wsprintfA
GetMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA
PostMessageA

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocString

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

601e0dc3c314daf0d6a054af90515cbf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 5KB - Virtual size: 12KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 5KB - Virtual size: 12KB