977df8430b2b3dce4026260f61d9648c4a5367a5ef2f7494c1f3b491b33f5748

Sharing

Copy URL Twitter E-mail

General

Target

977df8430b2b3dce4026260f61d9648c4a5367a5ef2f7494c1f3b491b33f5748
Size

13.8MB
MD5

98e74ecf753f885cf9a276b7efb1ea9b
SHA1

239db6384ea820961609f59ed74aca9de05f6dab
SHA256

977df8430b2b3dce4026260f61d9648c4a5367a5ef2f7494c1f3b491b33f5748
SHA512

c796736ce5e4378711099f76c183ef236f1dafcf94381b6817131388730c25192ea3c1483954699ce7e93d06a3bad8124ad0f2adf08bff565c0f4677fd95d877
SSDEEP

12288:+uu7nnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn:+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
977df8430b2b3dce4026260f61d9648c4a5367a5ef2f7494c1f3b491b33f5748

Files

977df8430b2b3dce4026260f61d9648c4a5367a5ef2f7494c1f3b491b33f5748
.exe windows:5 windows x86

e11b0f2991c98cc7226dee5830a029bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenA
WaitNamedPipeA
GetCurrentProcess
SetEvent
GetModuleHandleW
GetTickCount
ReadConsoleW
WriteFile
FindActCtxSectionStringA
FindResourceExA
GetConsoleCP
GlobalAlloc
FreeConsole
GetFileAttributesA
GetFileAttributesW
TryEnterCriticalSection
lstrlenW
ReleaseActCtx
GetProcAddress
GetTapeStatus
LocalLock
HeapUnlock
ResetEvent
LoadLibraryA
SetConsoleCtrlHandler
HeapLock
SetConsoleWindowInfo
SetConsoleTitleW
GetPrivateProfileSectionA
SetFileShortNameA
GetCurrentProcessId
WriteProcessMemory
VerifyVersionInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetLastError
GetStdHandle
GetModuleFileNameA
TerminateProcess
IsDebuggerPresent
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
CloseHandle
CreateFileA
HeapSize
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetEndOfFile
GetProcessHeap
ReadFile

advapi32

ReportEventA

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13.7MB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e11b0f2991c98cc7226dee5830a029bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 57KB - Virtual size: 7.9MB

.tls Size: 46KB - Virtual size: 45KB

.rsrc Size: 13.7MB - Virtual size: 43KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 57KB - Virtual size: 7.9MB

.tls
Size: 46KB - Virtual size: 45KB

.rsrc
Size: 13.7MB - Virtual size: 43KB