d78e9f61914c7bf2006fe4d4487c6b9c

Sharing

Copy URL Twitter E-mail

General

Target

d78e9f61914c7bf2006fe4d4487c6b9c
Size

228KB
MD5

d78e9f61914c7bf2006fe4d4487c6b9c
SHA1

f8cd43d18039d547e3c781d01645da97b3429549
SHA256

771d30360aba20b0aa76559d7b59a227ad5506ee7a31903b312c5ae2fa6776ea
SHA512

761a401e03f7d3af0f8eee5592cab17ce182a9aee4502d18715a3c34c78cd7ee822fa0c6fee481b0189674dbb49bfaf8c9cdaaee37d24ab5c8b949186f3a6288
SSDEEP

6144:vaCwynnwkcMH7t/kLJjCy5/QPYXOA8hoHy9M:vaLynnwkcMH7t/kLJjCymPIjy9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d78e9f61914c7bf2006fe4d4487c6b9c

Files

d78e9f61914c7bf2006fe4d4487c6b9c
.exe windows:4 windows x86 arch:x86

27b5a9c08506015a873b8269b2757c1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
WideCharToMultiByte
MultiByteToWideChar
IsDBCSLeadByte
GetSystemTime
TerminateThread
TerminateProcess
FlushFileBuffers
ReadFile
WriteFile
GetComputerNameA
ExitProcess
GetCurrentProcess
HeapAlloc
GetCommandLineA
GetVersion
SetCurrentDirectoryA
SetEnvironmentVariableA
MoveFileA
HeapFree
GetTimeZoneInformation
SetStdHandle
HeapReAlloc
GetFileType
GetFullPathNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetVolumeInformationA
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStartupInfoA
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEnvironmentVariableW
GetProcAddress
GetModuleHandleA
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
LoadLibraryA
CompareStringA
CompareStringW
GetLocaleInfoW
GetStdHandle
RaiseException
GetDriveTypeA
GetFileAttributesA
GetLastError
WaitForSingleObject
FindCloseChangeNotification
FindFirstChangeNotificationA
SetEndOfFile
SetFilePointer
CloseHandle
CreateFileA
DeleteFileA
GetCurrentDirectoryA
FindClose
FindFirstFileA
FindNextFileA
GetLocalTime
FreeEnvironmentStringsW

wsock32

send
gethostbyname

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

27b5a9c08506015a873b8269b2757c1d

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 23KB - Virtual size: 168KB

.data1 Size: 31KB - Virtual size: 30KB

CONST Size: 512B - Virtual size: 132B

_data Size: 3KB - Virtual size: 3KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 23KB - Virtual size: 168KB

.data1
Size: 31KB - Virtual size: 30KB

CONST
Size: 512B - Virtual size: 132B

_data
Size: 3KB - Virtual size: 3KB