135c41a6e2d5d1c3469b255c0a5760cb

General

Target

135c41a6e2d5d1c3469b255c0a5760cb
Size

464KB
MD5

135c41a6e2d5d1c3469b255c0a5760cb
SHA1

c4e1102195e000d6a63f136f254fb43f0837066b
SHA256

6c70cc6aac13d6c22687678a4ecada8f1b2d2521cdcd05db4eb3d5f6565977ed
SHA512

1bbe4ad109b34ffd0906aa6a86aa41b9db702a500bca09c56711799213e62d07fef9fc35fd5391ecf9f689c1e53913a4e1b131980fea2a138ccd8af6002b47e1
SSDEEP

12288:aB3ndkjYK9wb+Ha02MBU8Vezlmi3lHbuad+sp/p5tz+:63ndyYo6Oh2F8qlmi9bxdrpBD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
135c41a6e2d5d1c3469b255c0a5760cb

Files

135c41a6e2d5d1c3469b255c0a5760cb
.exe windows:4 windows x86 arch:x86

e2e3c139972bb4999e215ccfda55a03d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
Sleep
GetProcAddress
GetLastError
VirtualAlloc
ResetEvent
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
RaiseException
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
RtlUnwind
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
CloseHandle

user32

GetActiveWindow
FindWindowA
SetFocus
SetActiveWindow

winmm

joySetThreshold

msacm32

acmFilterChooseA

Exports

Exports

?Exfit2@@YAKKK@Z
?Exfit@@YAKKK@Z

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 388KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2e3c139972bb4999e215ccfda55a03d

Headers

File Characteristics

Imports

kernel32

user32

winmm

msacm32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 388KB - Virtual size: 738KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 388KB - Virtual size: 738KB