1b754138dece878430756f303b58192149e09030bab0d9b304550428f1d91da0

General

Target

1b754138dece878430756f303b58192149e09030bab0d9b304550428f1d91da0
Size

34KB
MD5

f38863bea812635ead16568eaf812242
SHA1

3a826dd6a915a1bf48f9b0735a24225023e55b4a
SHA256

1b754138dece878430756f303b58192149e09030bab0d9b304550428f1d91da0
SHA512

f0414ffc44c7826cdfef56f5e2daa2ab9d558793fd93f698392f446637b6d5df7b5c1eae6f948e7223a22dfc70685c5e61f2a7a215e7e8975f9ef8cd2a04b348
SSDEEP

384:BUVPhIj1q2n1SbI9rmsKg1nuA2DqjTBeBFlQhleNtUITZRyxQb66QIwdINlIZp/S:yfbILD1nuAmq3QQhlUTZzbNQxdINW+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b754138dece878430756f303b58192149e09030bab0d9b304550428f1d91da0

Files

1b754138dece878430756f303b58192149e09030bab0d9b304550428f1d91da0
.exe windows:4 windows x64 arch:x64

0c18f6bce2acec2d2367bc9db958d831

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
GetCommandLineW
GetConsoleScreenBufferInfo
GetStdHandle
WriteFile
WriteConsoleW
SetConsoleTextAttribute
OutputDebugStringW
GetConsoleMode
CreateMutexW
CreateEventW
GetSystemInfo
CloseHandle
WaitForMultipleObjectsEx
SetEvent
DeviceIoControl
GetFileInformationByHandle
CreateFileW
GetLastError
WaitForSingleObject
ReleaseMutex
CreateThread
GetCurrentProcess
FormatMessageW
GetModuleHandleW
LocalFree
SetLastError
GetFileAttributesW
GetFileSize
GetVersion
GetCurrentDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
GetFileTime
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
GetProcessHeap
HeapFree
GetSystemDirectoryW
GetProcAddress
WideCharToMultiByte

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c18f6bce2acec2d2367bc9db958d831

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 918B

.pdata Size: 1024B - Virtual size: 936B

.rsrc Size: 1024B - Virtual size: 776B

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 918B

.pdata
Size: 1024B - Virtual size: 936B

.rsrc
Size: 1024B - Virtual size: 776B