1919361839133717c6afbd0e11994abf

General

Target

1919361839133717c6afbd0e11994abf
Size

627KB
MD5

1919361839133717c6afbd0e11994abf
SHA1

b17438c45182ff94941fe4a5aa046c350344e1a2
SHA256

400fd5ca342e2d600060ba444325a120f4fbd143b3df037543178f8b33d79f89
SHA512

96d0810151b4235df4904bf291f05d02d1c2c2ee608250f00aed439179b06cd0081bfc5c8837f131856cc2981d0dd6dee796e7cfa411ca325f73b96a1af23e96
SSDEEP

12288:32eTFamRHV49Er1pkCKtKPSC3fljpNJnI6vB2jGVd6FHA:Gvk149Er3KtKPh9VYO2jN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1919361839133717c6afbd0e11994abf

Files

1919361839133717c6afbd0e11994abf
.dll windows:4 windows x86 arch:x86

61f06677734a871e0ff5a479c5b3f587

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
GetCurrentThreadId
QueryPerformanceCounter
DuplicateHandle
CreateEventA
SetEvent
FreeEnvironmentStringsW
GetModuleFileNameA
HeapAlloc
ReleaseMutex
ConnectNamedPipe
GetVersionExA
GetLastError
DeleteCriticalSection
ResetEvent
SetUnhandledExceptionFilter
GetStartupInfoA
WaitForSingleObject
LoadLibraryA
InterlockedExchange
TerminateProcess
LCMapStringA
IsBadCodePtr
CreateNamedPipeA
GetSystemTimeAsFileTime
GetCPInfo
GetSystemInfo
lstrcpyW
HeapDestroy
IsBadReadPtr
LCMapStringW
WaitForMultipleObjects
InterlockedDecrement
GetTickCount
HeapFree
IsBadWritePtr
FreeEnvironmentStringsA
UnhandledExceptionFilter
InterlockedCompareExchange
GetStdHandle
WideCharToMultiByte
OpenProcess
GetLocaleInfoA
GetOEMCP
WriteFile
GetEnvironmentStrings
UnmapViewOfFile
SetLastError
DisconnectNamedPipe
GetEnvironmentStringsW
GetCurrentProcessId
GetFileType
EnterCriticalSection
LeaveCriticalSection
CreateMutexW
RtlUnwind
InterlockedExchangeAdd
MultiByteToWideChar
DeleteTimerQueueTimer
ExitThread
GetBinaryTypeA
GetModuleHandleA
lstrcatW
InitializeCriticalSection
CreateTimerQueueTimer

user32

wsprintfW
LoadIconA
DrawIcon
CreateIconFromResource

advapi32

InitializeSecurityDescriptor
GetUserNameA
SetSecurityDescriptorDacl

msvcrt

wcsncmp
memcpy
free
wcscmp
_wcsnset
realloc
wcstod
vwprintf
wcsstr
_stricmp
fgetws
wcscat
wcstok
_wtoi
wprintf
wcscpy
_ltow
_strnicmp
malloc
swprintf
towupper
wcschr
memmove
memset
fflush
strtok
fprintf
exit
printf
wcslen
isdigit
scanf
calloc
wcstol

Exports

Exports

sunkixpz

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 556KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61f06677734a871e0ff5a479c5b3f587

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 67KB

.data Size: 556KB - Virtual size: 586KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 67KB - Virtual size: 67KB

.data
Size: 556KB - Virtual size: 586KB

.reloc
Size: 2KB - Virtual size: 2KB