67583cc0e14f1b87494b279b19f11ea9

Sharing

Copy URL Twitter E-mail

General

Target

67583cc0e14f1b87494b279b19f11ea9
Size

11.9MB
MD5

67583cc0e14f1b87494b279b19f11ea9
SHA1

fc7bb61a956b049ed7fafc9118f915bf7b9d19fc
SHA256

ffd12580b7012b1f4dab3f6ec496c6212086ee5c4967024483afa5cef88c048f
SHA512

a92b5792ee97d70da929604f0a546c121f883b2a41514820b9664a207f7e2122b2b2fd52ba19e587af8cc1d07d421ddc215d186388b2bf9c5c58aa25200cc0d7
SSDEEP

196608:twH222222222222222222222222222222222222222222222222222222222222e:twH2222222222222222222222222222e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67583cc0e14f1b87494b279b19f11ea9

Files

67583cc0e14f1b87494b279b19f11ea9
.exe windows:5 windows x86 arch:x86

943257016140161e36448820d517bd78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNamedPipeHandleStateA
GetSystemDefaultLCID
GetCommandLineA
GetDriveTypeA
LoadLibraryW
GetAtomNameW
ReadFile
lstrlenW
GetCurrentProcess
SetConsoleTitleA
EnumSystemLocalesA
GetLastError
GetProcAddress
WriteConsoleA
GetProcessId
DebugSetProcessKillOnExit
DebugBreakProcess
BuildCommDCBA
SetProcessShutdownParameters
HeapAlloc
LoadResource
FindResourceW
GetProcessIoCounters
GlobalMemoryStatus
CreateTimerQueue
CreateFileA
IsBadStringPtrA
LocalUnlock
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
InterlockedCompareExchange
InterlockedExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetStartupInfoA
GetCPInfo
HeapValidate
IsBadReadPtr
RaiseException
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetStringTypeA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
IsValidLocale
GetUserDefaultLCID
SetFilePointer
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW
SetStdHandle
GetConsoleOutputCP
CloseHandle

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.7MB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

943257016140161e36448820d517bd78

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 212KB - Virtual size: 212KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 41.5MB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 11.7MB - Virtual size: 37KB

.text
Size: 212KB - Virtual size: 212KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 41.5MB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 11.7MB - Virtual size: 37KB