430d22548ba11c8c9485f7ce283adbe9

Sharing

Copy URL Twitter E-mail

General

Target

430d22548ba11c8c9485f7ce283adbe9
Size

64KB
MD5

430d22548ba11c8c9485f7ce283adbe9
SHA1

6c63425ee568d200d367db085daee31636c7b479
SHA256

6e41db1ecff6418633278252ad46ae80119cbc14db678cf9f4e07fa253c72812
SHA512

51b87db3f74e323057fa3d342b414d441da082c91eb8233ec10000d7c75f817b5c47364516e8fdadbb5201450441a1f6d6584a1319d22fa78bdccbf5b39ad944
SSDEEP

1536:wibOM2rpr8/xgPxUh3ijVT7OzA+l0Ji7zreLML:FKbJ+gPqgxT7Okm+greLK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
430d22548ba11c8c9485f7ce283adbe9

Files

430d22548ba11c8c9485f7ce283adbe9
.exe windows:4 windows x86 arch:x86

a7eb30581276bc80716fd6639463eb1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelW
FindNextVolumeW
VirtualAlloc
BuildCommDCBAndTimeoutsA
ReadConsoleA
SetFilePointerEx
FindNextChangeNotification
SetVolumeMountPointA
SetConsoleDisplayMode
LZRead
DuplicateHandle
SetVolumeLabelA
GetTempFileNameA
WinExec
OpenJobObjectA
FindNextVolumeA
GetCommandLineA

dhcpcsvc

DhcpUndoRequestParams

odbc32

SQLCancel

crypt32

CertFreeCRLContext

user32

SetDlgItemTextA
EnableWindow
CopyIcon
SetScrollRange
EndDeferWindowPos
GetMonitorInfoA
SetDeskWallpaper
EnumDisplaySettingsA
RedrawWindow
CreateWindowExA
LoadBitmapA
SetRectEmpty
CreateWindowExA

advapi32

AddAce
GetAce

Exports

Exports

ReadDdnqrhwhlf
Bkmkbbvfdbk
Drxuxmp
AddHvkxhjs
Yrknwjrxrju
Lrunlcd
Vfujdegk
CreateFyakgmp
Pymbvmvjtrd
Gkspoif
WriteHyqaklf
Ydpoeia
CreateTkdaxsrql
WriteVmlftvvkn
InitClghitqa
AddMeoqhia
Dcoqdimnam
Qclvjlr

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a7eb30581276bc80716fd6639463eb1e

Headers

File Characteristics

Imports

kernel32

dhcpcsvc

odbc32

crypt32

user32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 1024B - Virtual size: 600B

.rdata Size: 20KB - Virtual size: 125KB

.idata Size: 1024B - Virtual size: 988B

.edata Size: 512B - Virtual size: 452B

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 1024B - Virtual size: 600B

.rdata
Size: 20KB - Virtual size: 125KB

.idata
Size: 1024B - Virtual size: 988B

.edata
Size: 512B - Virtual size: 452B

.rsrc
Size: 1024B - Virtual size: 1024B