db475bed756ec160e728741bd57b67c2

Sharing

Copy URL Twitter E-mail

General

Target

db475bed756ec160e728741bd57b67c2
Size

144KB
MD5

db475bed756ec160e728741bd57b67c2
SHA1

e95858f6d6df1650948134204ec09a67a0f2f8da
SHA256

a521d18336f5c0b8f1dbaae76cb9d0af9dd064ad40650e9bfb68b4fb7f237243
SHA512

73ae300fb036311bc1a5764b560fdd0b0956bcccc3040b92fef05cf170783923291a216e8d3c1141e0b972bcd28f87dc6723da7427a2c0f067cb858e4f8ee5f1
SSDEEP

3072:bAH0HQcUpAhRaPELmnt6xd15koHD7e/L:bfRhRaPELOXiD7oL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db475bed756ec160e728741bd57b67c2

Files

db475bed756ec160e728741bd57b67c2
.exe windows:5 windows x86 arch:x86

d4051887ae6f6a87571778f979cd61ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocalTime
lstrcpynA
InterlockedIncrement
ReadConsoleA
InterlockedDecrement
GetCurrentProcess
GetEnvironmentStringsW
GetUserDefaultLCID
AddConsoleAliasW
SetEvent
GetCommandLineA
GetEnvironmentStrings
ReadConsoleInputA
GetSystemWindowsDirectoryA
DeleteVolumeMountPointW
LeaveCriticalSection
GetComputerNameExA
FindNextVolumeW
GetLocaleInfoA
ReadFile
SetConsoleTitleA
GetLongPathNameW
GetProcAddress
PeekConsoleInputW
VerLanguageNameA
CopyFileA
EnterCriticalSection
GetAtomNameA
WriteConsoleA
LocalAlloc
CreateTapePartition
SetConsoleOutputCP
GetModuleFileNameA
GetOEMCP
GetModuleHandleA
GetFileAttributesExW
GetCPInfoExA
Module32Next
ReadConsoleInputW
GetCurrentProcessId
VerifyVersionInfoA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
Sleep
HeapSize
ExitProcess
HeapFree
SetFilePointer
WriteFile
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
IsValidCodePage
RaiseException
HeapAlloc
HeapReAlloc
VirtualAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
CloseHandle

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4051887ae6f6a87571778f979cd61ef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 29.1MB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 29.1MB

.rsrc
Size: 29KB - Virtual size: 28KB