7b3a28bfe1eb241dd539336313198a6684bcbef1905349b8b0859de555bdf3dc

General

Target

7b3a28bfe1eb241dd539336313198a6684bcbef1905349b8b0859de555bdf3dc
Size

1.6MB
MD5

6c8bf477e0bf5273be5d338d3d529c1a
SHA1

6109db58ac8792573926dbade7a4e3b9395f8485
SHA256

7b3a28bfe1eb241dd539336313198a6684bcbef1905349b8b0859de555bdf3dc
SHA512

9fc6453b942615a223726b5e1385c8d1acd904b6401694694202d9bffc14ba21200815df91b4598c6421c75243fdf247d0c73eeb3a7d89a785e9e9d3acd159ba
SSDEEP

24576:e6GFgZ633ouDVeBGWpcNjvPiJCFO6RTFuLVnnZttF8aqeMIFRcs6rFY+s:PlwosYGWplJCFbRTknZN8aCIUs8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b3a28bfe1eb241dd539336313198a6684bcbef1905349b8b0859de555bdf3dc

Files

7b3a28bfe1eb241dd539336313198a6684bcbef1905349b8b0859de555bdf3dc
.exe windows:5 windows x86 arch:x86

b610b1ff2dfb4b84acc0b3fb1474f9f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
WaitForSingleObject
Sleep
CreateThread
lstrlenW
VirtualProtect
GetProcAddress
LoadLibraryA
VirtualAlloc
GetModuleHandleA
FreeConsole
RtlUnwind
GetCommandLineA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.bss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nurz
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b610b1ff2dfb4b84acc0b3fb1474f9f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.bss Size: 1KB - Virtual size: 1KB

.nurz Size: 11KB - Virtual size: 11KB

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 1.6MB - Virtual size: 1.6MB

.bss
Size: 1KB - Virtual size: 1KB

.nurz
Size: 11KB - Virtual size: 11KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 1.6MB - Virtual size: 1.6MB