dc172b6d856cd49e1bef1f2ac90cdcb7e296350713bd122ba645f0d5e3e004a7

Resubmissions

08-12-2023 09:44

231208-lqltssad73 10

03-05-2022 14:46

220503-r5ab7shef7 10

Sharing

Copy URL

Twitter E-mail

General

Target

dc172b6d856cd49e1bef1f2ac90cdcb7e296350713bd122ba645f0d5e3e004a7
Size

184KB
MD5

f5f6ba34d4c80305f9106fb307a33ca8
SHA1

b338e884ec5e1a27148ecb8a4dd2814dfbc4644c
SHA256

dc172b6d856cd49e1bef1f2ac90cdcb7e296350713bd122ba645f0d5e3e004a7
SHA512

0622ef42699a3f604f9bfed415002e7660467ac645ae88fa2219c6ca0ea411946a9948bb39fe11c5e4e25254c6de775f1e447f22035c9cd32712c7171823ac64
SSDEEP

3072:cILZvMHXKVi7eSWM1G6PSFccuEiP5IIs+/6L0cLLnKtEXnRuT:cILgXVr1G69rW+QR2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc172b6d856cd49e1bef1f2ac90cdcb7e296350713bd122ba645f0d5e3e004a7

Files

dc172b6d856cd49e1bef1f2ac90cdcb7e296350713bd122ba645f0d5e3e004a7
.exe windows:5 windows x86 arch:x86

9218559b9850c4dc7a84b71909671346

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
EnumResourceNamesW
SetDefaultCommConfigA
WritePrivateProfileStructA
CopyFileExW
TlsGetValue
SetLocalTime
GetNumberOfConsoleInputEvents
LocalCompact
LoadResource
WriteTapemark
InterlockedIncrement
ReadConsoleA
InterlockedDecrement
SetConsoleActiveScreenBuffer
GetProfileStringW
SleepEx
ConnectNamedPipe
_lclose
SetTapeParameters
GetModuleHandleW
GetProcessHeap
GetSystemTimeAsFileTime
WriteFile
SetProcessPriorityBoost
ActivateActCtx
FindResourceExA
GlobalAlloc
GetPrivateProfileIntA
LoadLibraryW
SetSystemTimeAdjustment
GetFileAttributesW
IsDBCSLeadByte
lstrcatA
GetACP
lstrlenW
GetLastError
GetProcAddress
VirtualAlloc
CreateNamedPipeA
SetVolumeLabelW
ReadFileEx
GetConsoleDisplayMode
VirtualProtectEx
SearchPathA
GetExitCodeThread
BeginUpdateResourceA
AddAtomA
GetTapeParameters
CreateMutexA
FreeEnvironmentStringsW
PurgeComm
CompareStringA
GetConsoleCursorInfo
ScrollConsoleScreenBufferA
OpenSemaphoreW
GetVersionExA
DebugBreak
FindActCtxSectionStringW
GetSystemTime
SuspendThread
lstrcpyW
RaiseException
GetModuleHandleA
HeapAlloc
GetStartupInfoW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
HeapReAlloc
HeapCreate
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
SetUnhandledExceptionFilter
GetModuleFileNameW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
LoadLibraryA
GetCPInfo
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

user32

GetCursorPos

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 737KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9218559b9850c4dc7a84b71909671346

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 5KB - Virtual size: 737KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 5KB - Virtual size: 737KB

.rsrc
Size: 20KB - Virtual size: 19KB