277fa8b7d2c20fc3b6c086b0072ffea1

General

Target

277fa8b7d2c20fc3b6c086b0072ffea1
Size

62KB
MD5

277fa8b7d2c20fc3b6c086b0072ffea1
SHA1

4428e1507ec89101d6460ba27b054e7332aaf265
SHA256

193313d0628dc6419f1364f796563d5047efe94f31f0b730efcba98bc587f80b
SHA512

3284025bc3e276b12fba7d383d304cbd3f8e5ea066d8e66246762488028a218a20b4ba4362b21109040de9c6dfcd1f461f2a38ce7a23d3036e6e3357653de7a6
SSDEEP

1536:V9KiLxshSKqrpof8jIWzERuUqhQbjOLqE2:GiLxsh2e0jdS5qhQbjOLL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
277fa8b7d2c20fc3b6c086b0072ffea1

Files

277fa8b7d2c20fc3b6c086b0072ffea1
.exe windows:4 windows x64 arch:x64

bd31922b2b929649fd55af9ddc333031

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateMutexA
GetLastError
LoadLibraryA
GetProcAddress
GetModuleFileNameA
Sleep
FlushFileBuffers
CloseHandle
CreateFileA
HeapReAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetFileAttributesA
GetModuleHandleA
ExitProcess
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
InitializeCriticalSection
RtlVirtualUnwind
RtlLookupFunctionEntry
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
MultiByteToWideChar
GetLocaleInfoA

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd31922b2b929649fd55af9ddc333031

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 5KB - Virtual size: 13KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 5KB - Virtual size: 13KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 4KB