002d4d126173fe33d6052b30d5d0543f

Sharing

Copy URL

Twitter E-mail

General

Target

002d4d126173fe33d6052b30d5d0543f
Size

95KB
MD5

002d4d126173fe33d6052b30d5d0543f
SHA1

84775b55ddb78e57b2f9bb73843e6d79df52dab2
SHA256

132c0d07f22eb34a41fb98c3e6723cce3ae80ec9ab3e894bccd1bf44c0ab00c9
SHA512

dfbc4bcececfacc2b95400744c5dea646405e9fbbc23bd680e3ab5f690dbf754e5829a08686510675d32dbffbbbdefc8857b2ec66d2577ddafa3137e369debf6
SSDEEP

768:PaTxiU9QVETv4krsJgnc/DZnNIlcpqOMvXTxEGbSqO0akp+tz9nHhtnys3ztdLhD:/MQk4JrDPIbTekwRhtnyyZd1qId

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
002d4d126173fe33d6052b30d5d0543f

Files

002d4d126173fe33d6052b30d5d0543f
.exe windows:4 windows x86 arch:x86

120c6901d7d3f915b1dd62557f100204

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info
__udivdi3
__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___mb_cur_max_func
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_errno
_initterm
_iob
_itoa
_lock
_onexit
_unlock
abort
atoi
calloc
exit
fprintf
fputc
free
fwrite
localeconv
localtime
malloc
memcpy
puts
setlocale
signal
strchr
strerror
strftime
strlen
strncmp
time
vfprintf
wcslen

user32

GetAsyncKeyState
GetForegroundWindow
GetWindowTextA

libstdc++-6

_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12find_last_ofEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareEPKc
_ZNSt14basic_ofstreamIcSt11char_traitsIcEEC1Ev
_ZNSt14basic_ofstreamIcSt11char_traitsIcEED1Ev
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERjj
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_i
_ZSt19__throw_logic_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt4cout
_ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_
_ZdaPv
_ZdlPv
_Znaj
__gxx_personality_v0

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 1024B - Virtual size: 553B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

120c6901d7d3f915b1dd62557f100204

Headers

File Characteristics

Imports

libgcc_s_dw2-1

kernel32

msvcrt

user32

libstdc++-6

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 512B - Virtual size: 96B

.rdata Size: 3KB - Virtual size: 2KB

/4 Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

/14 Size: 512B - Virtual size: 56B

/29 Size: 8KB - Virtual size: 7KB

/41 Size: 512B - Virtual size: 329B

/55 Size: 1024B - Virtual size: 553B

/67 Size: 512B - Virtual size: 56B

/80 Size: 512B - Virtual size: 153B

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 512B - Virtual size: 96B

.rdata
Size: 3KB - Virtual size: 2KB

/4
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

/14
Size: 512B - Virtual size: 56B

/29
Size: 8KB - Virtual size: 7KB

/41
Size: 512B - Virtual size: 329B

/55
Size: 1024B - Virtual size: 553B

/67
Size: 512B - Virtual size: 56B

/80
Size: 512B - Virtual size: 153B