02346a1faf189af71a7fcf30b6776032

Sharing

Copy URL Twitter E-mail

General

Target

02346a1faf189af71a7fcf30b6776032
Size

15KB
MD5

02346a1faf189af71a7fcf30b6776032
SHA1

772975b444839c99aa6ff6711a024b70e162e584
SHA256

7cba084e2aae824b4e9c7713340a1555956d2459be5df284cc6661ab62cc0e67
SHA512

942938b08ae1e04d8a15e46e0d40ef1fb66e41ea6e06d2333882162a61cd2e93c2579330cdbdf942ebd789d3f63809891a16446addf5855f00b1c9d0a67f8612
SSDEEP

384:GNxS0ZQHebLYZtShWxzyu0ljcQ4x7h5fP4bD6HF:G5ZQ5Dlzyu9x7htP4bwF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02346a1faf189af71a7fcf30b6776032

Files

02346a1faf189af71a7fcf30b6776032
.exe windows:6 windows x86 arch:x86

ac124f58ad1e22310aa2abdd035a8cf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
CreateFileA
LoadLibraryA
Process32Next
CloseHandle
GetProcAddress
VirtualAllocEx
VirtualAlloc
CreateRemoteThread
VirtualFreeEx
SetConsoleTitleA
GetStdHandle
GetConsoleCursorInfo
Sleep
SetConsoleCursorInfo
SetUnhandledExceptionFilter
WriteProcessMemory
Process32First
GetFileSize
ReadFile
GetCurrentProcess
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetModuleHandleW
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

msvcp140

?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Random_device@std@@YAIXZ
?_Xlength_error@std@@YAXPBD@Z

urlmon

URLDownloadToFileA

vcruntime140

__std_exception_copy
_CxxThrowException
__CxxFrameHandler3
memcpy
memmove
_except_handler4_common
memset
__current_exception_context
__std_exception_destroy
__current_exception

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_crt_atexit
__p___argv
_controlfp_s
_cexit
_initterm
exit
_c_exit
__p___argc
_exit
_invalid_parameter_noinfo_noreturn
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
terminate
_set_app_type
_seh_filter_exe
_initterm_e

api-ms-win-crt-locale-l1-1-0

setlocale
_configthreadlocale

api-ms-win-crt-filesystem-l1-1-0

remove

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh
_set_new_mode

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac124f58ad1e22310aa2abdd035a8cf1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

urlmon

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 672B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 672B